Exploits and vulnerabilities – Page 22 – PossibleThreat Articles

MalwareBytes Security

Google fixes two critical Pixel vulnerabilities: Get your updates when you can!

May 5, 2022 0 Comments Android, bootloader, cve-2021-35090, cve-2022-20117, cve-2022-20120, Exploits and vulnerabilities, Google, Pixel, qualcomm, race condition, titan m, toc tou

Credit to Author: Pieter Arntz| Date: Thu, 05 May 2022 14:44:24 +0000

Google has released updates for Android and its Pixel phone. We discuss the three vulnerabilities that were classified as critical.

The post Google fixes two critical Pixel vulnerabilities: Get your updates when you can! appeared first on Malwarebytes Labs.

MalwareBytes Security

Unfixed vulnerability in popular library puts IoT products at risk

May 4, 2022 0 Comments dns poisoning, Exploits and vulnerabilities, IoT, library, MITM, transaction id, uclibc

Credit to Author: Pieter Arntz| Date: Wed, 04 May 2022 16:13:27 +0000

Researchers have disclosed an unpatched vulnerability in the popular uClibc library that could allow attackers to use DNS poisoning.

The post Unfixed vulnerability in popular library puts IoT products at risk appeared first on Malwarebytes Labs.

MalwareBytes Security

Update now! Critical patches for Chrome and Edge

April 30, 2022 0 Comments cjhromium, edge chrome, Exploits and vulnerabilities, use-after-free

Credit to Author: Pieter Arntz| Date: Sat, 30 Apr 2022 13:44:04 +0000

Google has released an update for the Chrome browser that includes 30 security fixes. Edge and other Chromium-based browsers also need updating.

The post Update now! Critical patches for Chrome and Edge appeared first on Malwarebytes Labs.

MalwareBytes Security

The top 5 most routinely exploited vulnerabilities of 2021

April 29, 2022 0 Comments cisa, confluence, cve-2021-26084, cve-2021-26857, cve-2021-26858, cve-2021-27065, cve-2021-31207, cve-2021-34473, cve-2021-34523, cve-2021-40539, cve-2021-44228, cve-26855, Exploits and vulnerabilities, log4shell, microsoft exchange server, ognl, proxylogon, proxyshell, zoho manageengine

Credit to Author: Pieter Arntz| Date: Fri, 29 Apr 2022 16:28:20 +0000

International cybersecurity authorities have published an overview of the most routinely exploited vulnerabilities of 2021.

The post The top 5 most routinely exploited vulnerabilities of 2021 appeared first on Malwarebytes Labs.

MalwareBytes Security

QNAP customers urged to disable AFP to protect against severe vulnerabilities

April 28, 2022 0 Comments afpqnap, cve-2021-23121, cve-2021-23122, cve-2021-23125, cve-2022-0194, cvss, Exploits and vulnerabilities, MacOS, NAS, netatalk, Synology, truenas, western digital

Credit to Author: Pieter Arntz| Date: Thu, 28 Apr 2022 14:28:10 +0000

NAS device vendors are dealing with several severe vulnerabilities in Netatalk, the open-source implemenation of AFP.

The post QNAP customers urged to disable AFP to protect against severe vulnerabilities appeared first on Malwarebytes Labs.

MalwareBytes Security

Lenovo issues fixes for laptop backdoors

April 21, 2022 0 Comments backdoor, cve-2021-3970, cve-2021-3971, cve-2021-3972, Exploits and vulnerabilities, firmware, lenovo, uefi

Credit to Author: Pieter Arntz| Date: Thu, 21 Apr 2022 15:11:05 +0000

Millions of Lenovo laptops were shipped with a backdoor that was intended for the manufacturing process only.

The post Lenovo issues fixes for laptop backdoors appeared first on Malwarebytes Labs.

MalwareBytes Security

Oracle releases massive Critical Patch Update containing 520 security patches

April 20, 2022 0 Comments critical patch update, cve-2021-23017, cve-2022-21431, cve-2022-21449, cve-2022-22947, cve-2022-23305, cve-2022-23990, cvss, Exploits and vulnerabilities, oracle

Credit to Author: Pieter Arntz| Date: Wed, 20 Apr 2022 14:53:54 +0000

Oracle’s April Critical Patch UPdate contains 520 new security patches. We spell out some of the most important vulnerabilities.

The post Oracle releases massive Critical Patch Update containing 520 security patches appeared first on Malwarebytes Labs.

MalwareBytes Security

April’s Patch Tuesday update includes fixes for two zero-day vulnerabilities

April 13, 2022 0 Comments chrome, cve-2022-24491, Edge, Exploits and vulnerabilities, Microsoft, wormable

Credit to Author: Pieter Arntz| Date: Wed, 13 Apr 2022 13:57:39 +0000

April’s Patch Tuesday brings patches for two zero-day vulnerabilities and two potentially wormable Network File System vulnerabilities.

The post April’s Patch Tuesday update includes fixes for two zero-day vulnerabilities appeared first on Malwarebytes Labs.

MalwareBytes Security

CISA advises D-Link users to take vulnerable routers offline

April 5, 2022 0 Comments bod 22-01, cisa, cve-2021-45382, d-link, Exploits and vulnerabilities, vulnerability management

Credit to Author: Pieter Arntz| Date: Tue, 05 Apr 2022 13:23:12 +0000

CISA has advised users to take certain vulnerable D-Link routers offline since the existing vulnerabilities are know to be actively exploited and the models have reached EOL and will not get patched.

The post CISA advises D-Link users to take vulnerable routers offline appeared first on Malwarebytes Labs.

MalwareBytes Security

Update now! Zyxel patches critical firewall bypass vulnerability

April 4, 2022 0 Comments Exploits and vulnerabilities, Firewall, zyxel

Credit to Author: Pieter Arntz| Date: Mon, 04 Apr 2022 10:22:29 +0000

Zyxel has urged customers to update after it disclosed a security flaw that could lead to the circumvention of firewall protection in several of its products.

The post Update now! Zyxel patches critical firewall bypass vulnerability appeared first on Malwarebytes Labs.