Magento released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 that fixed also a critical remote code execution vulnerability. Magento released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 that fixed numerous flaws, including a critical remote code execution vulnerability. The remote code execution flaw impacts content manag

Microsoft has just released the September Patch Tuesday, a huge batch of security updates to address 81 vulnerabilities including Blueborne issue. Microsoft has just released the September Patch Tuesday, a huge batch of security updates to address 81 vulnerabilities in almost any supported versions of Windows and other MS products. The batch includes secu

Security researchers at Positive Technologies have discovered an undocumented configuration setting that disables the Intel Management Engine. Security researchers at Positive Technologies have discovered an undocumented configuration setting that disables the CPU control mechanism Intel Management Engine 11. The Intel Management Engine consists of a microco

Experts found two critical zero-day flaws in the Foxit PDF Reader that could be exploited by attackers to execute arbitrary code on a targeted computer Security researchers have discovered two critical zero-day vulnerabilities in the popular Foxit Reader application that could be exploited by attackers to execute arbitrary code on a targeted computer, if no

The security researcher Vikas Anil Sharma exploited an unrestricted File Upload vulnerability in a PayPal Server to remotely execute code. The security researcher Vikas Anil Sharma has found a remote code execution vulnerability in a PayPal server. The expert was visiting the PayPal Bug Bounty page using the Burp software, below the response obtained opening

The seven-year-old remote code execution vulnerability SambaCry was exploited by the SHELLBIND IoT malware to target NAS devices. A new strain of malware dubbed SHELLBIND exploits the recently patched CVE-2017-7494 Samba vulnerability in attacks against Internet of Things devices. SHELLBIND has infected most network-attached storage (NAS) appliances, it exp

For the second time in a year, a highly critical remote code execution vulnerability was found in the Cisco WebEx Extension. For the second time in a year, a highly critical remote code execution vulnerability, tracked as CVE-2017-6753, was discovered in the Cisco Systems WebEx browser extension for Chrome and Firefox. The vulnerability could be exploited by

Adobe released new versions of Flash Player and Connect web conferencing software to fix important and critical vulnerabilities. According to the security advisory published by Adobe for Flash Player, the new version 26.0.0.137 patches three critical vulnerabilities, including a remote code execution flaw tracked as CVE-2017-3099 that can be exploited by att

OpenVPN fixed several vulnerabilities that could be exploited by remote attackers, the flaws were not detected in a recent audit. Recently two distinct audits were conducted to discover security issues in the OpenVPN, many flaws were found but some vulnerabilities were not spotted by the experts. Four of the vulnerabilities in OpenVPN 2.4.2, were found by th

Microsoft released the June 2017 Patch Tuesday to address more than 90 security flaws, including two critical RCE that have been exploited in attacks. Microsoft released June Patch Tuesday updates that address more than 90 vulnerabilities, including two critical remote code execution (RCE) vulnerabilities that have been exploited in attacks. The first vulner

Security experts from Kaspersky confirmed that threat actors in the wild are exploiting the SambaCry vulnerability CVE-2017-7494 to spread a miner. At the end of May, a seven-year-old remote code execution vulnerability affecting all versions of the Samba software since 3.5.0 was patched by the development team of the project. An attacker can exploit the CV

A seven-year-old remote code execution vulnerability, tracked as CVE-2017-7494, affects all versions of the Samba software since 3.5.0. A seven-year-old remote code execution vulnerability affects all versions of the Samba software since 3.5.0. The flaw has been patched by the development team of the project. An attacker can exploit the CVE-2017-7494 RCE to

A critical remote code execution vulnerability tracked as CVE-2017-5689 in Intel Management Engine affects Intel enterprise PCs dates back 9 years. A critical remote code execution (RCE) vulnerability tracked as CVE-2017-5689 has been discovered in the remote management features implemented on computers shipped with Intel Chipset in past 9 years. The vulnera

The popular PHP webmail package SquirrelMail is affected by a remote code execution vulnerability tracked as CVE-2017-7692. The popular PHP webmail package SquirrelMail is affected by a remote code execution vulnerability tracked as CVE-2017-7692, that could be exploited by hackers to execute arbitrary commands on the target and fully control it. The recent

The Linux remote vulnerability tracked as CVE-2016-10229 poses Linux systems at rick of hack if not patched. A Linux kernel vulnerability, trackers as CVE-2016-10229, potentially allows attackers to remotely take over a vulnerable system (i.e. Servers, desktops, IoT devices and mobile devices). “udp.c in the Linux kernel before 4.5 allows remote attack