Category Archives: Vulnerability Assessment

SAP and Intel Patch High Severity Vulnerabilities in Their Respective Systems

This week, SAP released 6 Security Notes as part of its April 2019 Security Patch Day, including two that highlight high severity vulnerabilities in Crystal Reports and NetWeaver.

Intel, meanwhile, has released security updates addressing two high-severity flaws in its Intel Media Software Development Kit (SDK) and Intel NUC mini PC.


Review on Last Week’s Security Threats & Vulnerability Patches

Organizations, large and small, all over the world are faced with a serious cybersecurity threat that is eating away at the foundation of the World Wide Web. The grave security threat has forced companies to take preemptive steps to protect themselves from attacks that could pose an existential threat to them. Last week, through our comprehensive articles, we took a holistic view of how technology companies managed to effectively patch vulnerabilities in their systems that were targeted by cyber-attackers the world over. Here is a brief recap of our work last week.


High-Severity Vulnerabilities in Tegra Drivers Patched by NVIDIA

This week, NVIDIA issued security patches to address numerous flaws in the Tegra Linux Driver Package (L4T), including many defects with a “high” severity rating.

CVE‑2018‑6269, a flaw in the Tegra kernel driver, is one of the most significant bugs. It affects the input/output control (IOCTL) handling for user-mode requests and could result in information disclosure, denial of service (DoS), escalation of privileges, or code execution through an untrusted pointer dereference.


Grave SQL Injection and RCE Flaws Patched by Magento

As many as 37 flaws were patched by Magento on Thursday, including a stored cross-site scripting (XSS) flaw that could have allowed an attacker to take over a website.

The most serious of the flaws is a remote code-execution (RCE) vulnerability that could let an authenticated user with limited privileges create special newsletters and email templates that can be used to execute arbitrary code on targeted systems. The weakness has a CVSS score of 9.8 and affects Magento 2.1 prior to 2.1.17, Magento 2.2 prior to 2.2.8 and Magento 2.3 prior to 2.3.1.


Cisco Released a Number of Patches for IOS XE, But Says Some Routers May be Targeted

The networking behemoth released 27 patches affecting a broad range of its products running the IOS XE software.

UPDATE

On Wednesday, Cisco Systems released 24 patches for weaknesses in its IOS XE operating system and cautioned customers about a possible attack on another two small business routers. The networking giant rated 19 of the bugs as high severity, while the others were graded as medium.


PuTTY Announces Essential Software Update to Fix Critical Bugs

The popular client program PuTTY has announced an updated version of its software that comprises security fixes for eight high-severity security flaws. PuTTY is one of the most popular and widely used open-source client-side programs that lets users remotely access systems over the Telnet, SSH, and Rlogin network protocols.


Review on Last Week’s Security Threats

We review the past week’s major security threats to present them to our esteemed readers and to bring the alarming threats that occurred during the previous week to their notice. Our role is to report these security threats to readers precisely and to let them know what happened over the previous week.
