vulnerability

Zoho

Researchers release PoC vulnerability for critical Zoho RCE bug, patch now

A proof-of-concept exploit will be released later this week for a critical vulnerability that allows remote code execution (RCE) without authentication in multiple VMware products. Tracked as CVE-2022-47966, this pre-built security flaw for RCE is due to the use of an outdated and vulnerable third-party dependency, Apache Santuario. A successful exploit allows unauthenticated threat actors …

Researchers release PoC vulnerability for critical Zoho RCE bug, patch now Read More »

The first update Tuesday of 2023 includes a wild vulnerability

The first update Tuesday of 2023 includes a wild vulnerability

Correction Tuesday Microsoft fixed 98 security flaws in its first patch Tuesday of 2023, including one already exploited and another listed as publicly known. Of the new January vulnerabilities, 11 are rated critical because they lead to remote code execution. The bug that is subject to the exploit, tracked as CVE-2023-21674, is an advanced local …

The first update Tuesday of 2023 includes a wild vulnerability Read More »