Security Vulnerabilities - Page 8

Discover Security Vulnerabilities News

Citrix Fixes Severe Flaws in Workspace, Virtual Apps and Desktops

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Citrix Systems has released security updates for vulnerabilities in its Virtual Apps and Desktops, and Workspace Apps products.

Brittany Day
Feb 22, 2023

Linux KVM Gets Patched For New AMD Cross-Thread Return Address Predictions Bug

CVE-2022-27672 is being made public today as the "Cross-Thread Return Address Predictions" bug affecting various AMD and Hygon processors. This vulnerability affects the SMT mode where one sibling thread transitions out of the C0 state and the other sibling thread could use return target predictions.

Brittany Day
Feb 15, 2023

New Ubuntu Linux Kernel Updates Fix 19 Vulnerabilities, Patch Now

Canonical has published new Linux kernel updates for all supported Ubuntu LTS systems to address a total of 19 security vulnerabilities.

Brittany Day
Feb 13, 2023

Proposed Linux Patch Would Allow Disabling CPU Security Mitigations At Build-Time

A proposed Linux kernel patch would provide a new Kconfig build time option of "CONFIG_DEFAULT_CPU_MITIGATIONS_OFF" to build an insecure kernel if wanting to avoid the growing list of CPU security mitigations within the kernel and their associated performance overhead.

Brittany Day
Feb 13, 2023

Sudo Has a High-Severity Vulnerability that Low-Privilege Attackers Might Exploit to Get Root Access

Sudo is one of the most essential, powerful, and often used tools that comes as a core command pre-installed on macOS and practically every other UNIX or Linux-based operating system. It is also one of the programs that comes pre-installed as a core command.

Brittany Day
Jan 23, 2023

Critical Linux Kernel flaw affects SMB servers with ksmbd enabled

Experts warn of a critical Linux Kernel vulnerability (CVSS score of 10) impacting SMB servers that can lead to remote code execution.

Brittany Day
Jan 19, 2023

A New Privilege Escalation Vulnerability in the Linux Kernel, Enables a Local Attacker to Execute Malware on Vulnerable Systems

A new privilege escalation vulnerability has been identified in the Linux kernel by researcher Davide Ornaghi. This vulnerability might enable a local attacker to execute code on vulnerable computers with elevated rights if the kernel is installed on those systems.

Brittany Day
Jan 17, 2023

Patch Now: Serious Linux Kernel Security Hole Uncovered

The Zero Day Initiative (ZDI), a zero-day security research firm, announced a new Linux kernel security bug. This hole allows authenticated remote users to disclose sensitive information and run code on vulnerable Linux kernel versions.

Brittany Day
Jan 16, 2023

Alert: Hackers Actively Exploiting Critical "Control Web Panel" RCE Vulnerability

Malicious actors are actively attempting to exploit a recently patched critical vulnerability in Control Web Panel (CWP) that enables elevated privileges and unauthenticated remote code execution (RCE) on susceptible servers.

Brittany Day
Jan 15, 2023

Ubuntu Users Get Massive Kernel Security Updates, More Than 20 Vulnerabilities Patched

Canonical has published new kernel security updates for all of its supported Ubuntu Linux releases as a massive update that addresses more than 20 security vulnerabilities discovered by various researchers in the upstream kernels.

Brittany Day
Jan 09, 2023

Many WordPress Plugin Flaws Leveraged by Novel Linux Malware

Thirty security vulnerabilities in numerous outdated WordPress plugins and themes are being leveraged by a novel Linux malware to facilitate malicious JavaScript injections, reports BleepingComputer.

Brittany Day
Jan 05, 2023

What Is the CVE-2021-4034 Polkit Privilege Escalation Vulnerability?

Here's everything you need to know about the CVE-2021-4034 Polkit privilege escalation vulnerability in the Linux kernel.

Brittany Day
Jan 02, 2023

Back to work, Linux Admins: You Have a CVSS 10 Kernel Bug to Address

Merry Christmas, Linux systems administrators: Here's a kernel vulnerability with a CVSS score of 10 in your SMB server for the holiday season giving an unauthenticated user remote code execution.

Brittany Day
Dec 28, 2022

Linux Fixes Maximum-Severity Kernel Vulnerability

Most businesses running SMB servers are believed to be shielded but one expert likened potential exploits to Heartbleed.

Brittany Day
Dec 26, 2022

Why You Should Update File Sharing Platform, Samba, Right Now

Vulnerabilities have been found in Samba, software that lets you access shared files. So here's why it's vital you install these updates.

Brittany Day
Dec 26, 2022

Running in Place: Staying Afloat With Language-Level Vulnerability Management

The patch management process can be painful, tedious, and time and labor intensive. Often, all this effort is for no other purpose than to maintain the operational status quo. And for devs or sysadmins, patch management has to happen on top of handling every-day activities as well as any other additional challenges that occur during service interruptions or system reboots.

Brittany Day
Dec 20, 2022

Longstanding Bug in Linux Kernel Floppy Handling Fixed

Good news, everyone! Er, someone. Anyone? Bueller?

Brittany Day
Dec 14, 2022

A New Linux Flaw Can Be Chained with Other Two Bugs to Gain Full Root Privileges

Qualys researchers demonstrated how to chain a new Linux flaw with two other two issues to gain full root privileges on an impacted system.

Brittany Day
Dec 14, 2022

NVIDIA Releases GPU Driver Update to Fix 29 Security Flaws

NVIDIA has released a security update for its GPU display driver, containing a fix for a high-severity flaw that threat actors can exploit to perform, among other things, code execution and privilege escalation.

Brittany Day
Dec 02, 2022

Intel Linux Kernel Graphics Driver Patched For New Security Sensitive Bug

CVE-2022-4139 was made public as an i915 kernel graphics driver security issue affecting all Gen12 graphics -- from integrated Tigerlake graphics up through the latest Raptor Lake graphics as well as the in-development Meteor Lake code plus the discrete GPUs of DG2/Alchemist and Arctic Sound.

Brittany Day
Dec 02, 2022

Security Vulnerabilities - Page 8

Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns

Easily Exploitable 10-Year-Old needrestart Utility Flaws Allow Root Access

7-Zip Users Beware: Urgent Update Needed to Fix Code Execution Security Flaw