By 
Organizations, large and small, all over the world are faced with a serious cybersecurity threat that is eating away at the foundation of the World Wide Web. The grave security threat has forced companies to take preemptive steps to ensure security from such lethal attacks that could come across as an existential threat to them. Last week, we took a holistic view, through our comprehensive articles, how technology companies managed to effectively patch vulnerabilities in their systems, brought on by cyber-attackers the world over. Here is a brief recap of our work last week.
Grave SQL Injection and RCE Flaws Patched by Magento
Magento patched a staggering 37 flaws last Thursday, including a stored cross-site scripting (XSS) flaw that could have let an attacker take over a website.
Unpatched Vulnerability in TP-Link SR20 Routers to be Exploited to Allow Command Execution
It goes to the credit of Google security researcher Matthew Garrett, who has discovered that an unpatched vulnerability in the TP-Link SR20 smart hub and router can be exploited to achieve random command execution.
Google Patches Serious Flaws in Android’s Media Framework
Tech giant Google has issued its April 2019 set of security patches for the Android platform, which fixes three critical vulnerabilities, including two that affect the media framework component.
Facebook Data of Millions Uncovered in Leaky Datasets
Experts suggest that, from user names to plaintext passwords, two extensively exposed datasets are leaking Facebook data. Cultura Colectiva, a Mexico-based media company, has divulged the first publicly-exposed dataset that contains more than 540 million records including comments, likes, reactions, account names and more.
High-Severity Vulnerabilities in Tegra Drivers Patched by NVIDIA
NVIDIA issued security patches to point out many flaws in the Tegra Linux Driver Package (L4T), including many faults evaluated with a “high” severity rating. CVE‑2018‑6269 is one of the most significant bugs that affect the input/output control (IOCTL) handling for user mode requests.
