The security hole affected an EngageLab SDK and it was reported by Microsoft to the vendor one year ago.
The post Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users appeared first on SecurityWeek.
Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities
The bugs could allow attackers to modify protected resources and escalate their privileges to administrator.
The post Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Adobe Reader Zero-Day Exploited for Months: Researcher
Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability.
The post Adobe Reader Zero-Day Exploited for Months: Researcher appeared first on SecurityWeek.
Data Leakage Vulnerability Patched in OpenSSL
A total of seven vulnerabilities, most of which can be exploited for DoS attacks, have been patched in OpenSSL.
The post Data Leakage Vulnerability Patched in OpenSSL appeared first on SecurityWeek.
RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years
The vulnerability requires authentication for successful exploitation, but another flaw exposes the Jolokia API without authentication.
The post RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years appeared first on SecurityWeek.
Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover
The vulnerability allows hackers to upload arbitrary files to a site’s server and achieve remote code execution.
The post Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover appeared first on SecurityWeek.
Critical Flowise Vulnerability in Attacker Crosshairs
The improper validation of user-supplied JavaScript code allows attackers to execute arbitrary code and access the file system.
The post Critical Flowise Vulnerability in Attacker Crosshairs appeared first on SecurityWeek.
Severe StrongBox Vulnerability Patched in Android
A critical DoS vulnerability in the Framework component of Android has also been fixed with the latest update.
The post Severe StrongBox Vulnerability Patched in Android appeared first on SecurityWeek.
GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack
Researchers have demonstrated that GPU Rowhammer attacks can be used to escalate privileges.
The post GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack appeared first on SecurityWeek.
Fortinet Rushes Emergency Fixes for Exploited Zero-Day
The improper access control bug in FortiClient EMS allows unauthenticated attackers to execute arbitrary code remotely.
The post Fortinet Rushes Emergency Fixes for Exploited Zero-Day appeared first on SecurityWeek.
