Exploits and vulnerabilities – Page 16 – PossibleThreat Articles

MalwareBytes Security

Update now! October patch Tuesday fixes actively used zero-day…but not the one you expected

October 12, 2022 0 Comments Adobe, Android, Apple, cve-2022-41033, cve-2022-41040, Exploits and vulnerabilities, fortinet, Google, Microsoft, news, Samsung, sap, vmware, xiaomi, zero day

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Apple

Tags: Google

Tags: Android

Tags: Samsung

Tags: Xiaomi

Tags: Adobe

Tags: SAP

Tags: VMWare

Tags: Fortinet

Tags: CVE-2022-41033

Tags: CVE-2022-41040

Tags: zero-day

No fix for ProxyNotShell

(Read more…)

The post Update now! October patch Tuesday fixes actively used zero-day…but not the one you expected appeared first on Malwarebytes Labs.

MalwareBytes Security

Android vulnerabilities could allow arbitrary code execution

October 7, 2022 0 Comments activitymanager, Android, cve-2022-20419, cve-2022-25718, cve-2022-25720, cve-2022-25748, Exploits and vulnerabilities, Google, news, qualcomm, wlan

Categories: Exploits and vulnerabilities

Categories: News

Tags: Google

Tags: Android

Tags: Qualcomm

Tags: WLAN

Tags: CVE-2022-25720

Tags: CVE-2022-25718

Tags: CVE-2022-25748

Tags: CVE-2022-20419

Tags: ActivityManager

Google has issued patches for 42 vulnerabilities, including four marked critical

(Read more…)

The post Android vulnerabilities could allow arbitrary code execution appeared first on Malwarebytes Labs.

MalwareBytes Security

[updated]Two new Exchange Server zero-days in the wild

October 4, 2022 0 Comments cve-2022-41040, cve-2022-41082, exchange, Exploits and vulnerabilities, news, proxyshell, rce, remote powershell, ssrf, web shell

Categories: Exploits and vulnerabilities

Categories: News

Tags: Exchange

Tags: ProxyShell

Tags: remote PowerShell

Tags: web shell

Tags: CVE-2022-41040

Tags: CVE-2022-41082

Tags: SSRF

Tags: RCE

Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers

(Read more…)

The post [updated]Two new Exchange Server zero-days in the wild appeared first on Malwarebytes Labs.

MalwareBytes Security

Actively exploited vulnerability in Bitbucket Server and Data Center

October 3, 2022 0 Comments atlassian, bitbucket, cve-2022-36804, Exploits and vulnerabilities, git, news, rce, read permission

Categories: Exploits and vulnerabilities

Categories: News

Tags: Atlassian

Tags: Bitbucket

Tags: git

Tags: CVE-2022-36804

Tags: RCE

Tags: read permission

International cybersecurity authorities are warning about the active exploitation of a vulnerability in Bitbucket Server and Data Center

(Read more…)

The post Actively exploited vulnerability in Bitbucket Server and Data Center appeared first on Malwarebytes Labs.

MalwareBytes Security

Two new Exchange Server zero-days in the wild

September 30, 2022 0 Comments cve-2022-41040, cve-2022-41082, exchange, Exploits and vulnerabilities, news, proxyshell, rce, remote powershell, ssrf, web shell

Categories: Exploits and vulnerabilities

Categories: News

Tags: Exchange

Tags: ProxyShell

Tags: remote PowerShell

Tags: web shell

Tags: CVE-2022-41040

Tags: CVE-2022-41082

Tags: SSRF

Tags: RCE

Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers

(Read more…)

The post Two new Exchange Server zero-days in the wild appeared first on Malwarebytes Labs.

MalwareBytes Security

Flaw in some ManageEngine apps is being actively exploited, says CISA

September 27, 2022 0 Comments Exploits and vulnerabilities, news

Categories: Exploits and vulnerabilities

Categories: News

The critical CVE-2022-35405 flaw affects several Zoho ManageEngine products. Federal and private organizations must patch now!

(Read more…)

The post Flaw in some ManageEngine apps is being actively exploited, says CISA appeared first on Malwarebytes Labs.

MalwareBytes Security

Critical WhatsApp vulnerabilities patched: Check you’ve updated!

September 26, 2022 0 Comments cve-2022-27492, cve-2022-36934, Exploits and vulnerabilities, news, whatsapp

Categories: Exploits and vulnerabilities

Categories: News

Tags: WhatsApp

Tags: CVE-2022-36934

Tags: CVE-2022-27492

Two RCE vulnerabilities were patched in WhatsApp. Both vulnerabilities were video related and could be used to compromise your device.

(Read more…)

The post Critical WhatsApp vulnerabilities patched: Check you’ve updated! appeared first on Malwarebytes Labs.

MalwareBytes Security

Medtronic’s MiniMed 600 series insulin pumps potentially at risk of compromise, says FDA

September 22, 2022 0 Comments Exploits and vulnerabilities, news

Categories: Exploits and vulnerabilities

Categories: News

Medtronic, an insulin pump company, notified its users of a potential risk of attack due to a flaw in its pump’s communication protocol.

(Read more…)

The post Medtronic’s MiniMed 600 series insulin pumps potentially at risk of compromise, says FDA appeared first on Malwarebytes Labs.

MalwareBytes Security

Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities

September 22, 2022 0 Comments cve-2022-3033, cve-2022-40959, cve-2022-40960, cve-2022-40962, Exploits and vulnerabilities, firefox, Mozilla, news, thunderbird

Categories: Exploits and vulnerabilities

Categories: News

Tags: CVE-2022-40959

Tags: CVE-2022-40960

Tags: CVE-2022-40962

Tags: CVE-2022-3033

Tags: Mozilla

Tags: Firefox

Tags: Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird which could be exploited to take control of a system.

(Read more…)

The post Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities appeared first on Malwarebytes Labs.

MalwareBytes Security

[updated] Important update! iPhones, Macs, and more vulnerable to zero-day bug

September 20, 2022 0 Comments Apple, cve-2022-22594, cve-2022-32917, Exploits and vulnerabilities, news

Categories: Apple

Categories: Exploits and vulnerabilities

Categories: News

Tags: CVE-2022-22594

Tags: CVE-2022-32917

Apple has patched an actively-exploited flaw that affects a host of devices and software, including iPhones, Macs, iPads, and iPod touch.

(Read more…)

The post [updated] Important update! iPhones, Macs, and more vulnerable to zero-day bug appeared first on Malwarebytes Labs.