Poshan Bhandari Google Chrome Browser released Patch for New Zero-Day Exploit Detected in the Wild. OpenSSL Releases Patch for High-Severity Bug that Could Lead to RCE Attacks Description: The maintainers of the OpenSSL project have released patches to address a high-severity bug in the cryptograp...
Monal Tech, Arjun Aryal DFSCoerce-A new NTLM relay attack can take control over a Windows domain DFSCoerce-A new NTLM relay attack can take control over a Windows domain Description: A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File Sy...
Poshan Bhandari VMware Releases Patches for New Vulnerabilities Affecting Multiple Products VMware Releases Patches for New Vulnerabilities Affecting Multiple Products Description: VMware has issued patches to contain two security flaws impacting Workspace ONE Access, Identity Manager, and v...
Poshan Bhandari Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers Description: Microsoft has disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Se...
Monal Tech, Arjun Aryal Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability Description: Atlassian has published a security advisory to alert that its Jira and Jira Service Management products are a...
Monal Tech, Arjun Aryal NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation Description: NGNIX has issued mitigations to address security weaknesses in its LDAP (Lightweight Directory Access Protocol) ref...
Monal Tech, Arjun Aryal VMware Releases Critical Patches for New Vulnerabilities Affecting Multiple Products VMware Releases Critical Patches for New Vulnerabilities Affecting Multiple Products Description: VMware has released security updates to patch eight vulnerabilities affecting VMware Workspace ONE Acc...
Monal Tech, Arjun Aryal Spring Core RCE Zero-Day Vulnerability Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances Description: A Security Patch has been released by SonicWall for a critical flaw across multiple appliances. Tracked as CVE-2022-22...
Monal Tech, Arjun Aryal Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group Mozilla Firefox fixes two actively exploited zero-day bugs Description: Five Security flaws have been disclosed in Dell BIOS. Successfully exploitation of these flaws could lead to code execution on v...
Monal Tech, Dipin Thapa Severe Vulnerability Patched in CRI-O Container Engine for Kubernet Major Unpatched RCE flaw in Dompdf A critical security vulnerability in dompdf, a PHP-based HTML to PDF converter has been disclosed. The vulnerability disclosed could lead to remote code execution in...
Monal Tech, Arjun Aryal Dirty Pipe- High Severity Linux Kernel Vulnerability Description: A Linux Kernel vulnerability named Dirty Pipe was discovered lately by security researcher Max Kellermann. Designated as CVE-2022–0847, when the flaw is exploited, it allows a local privi... CVE-2022–0847 dirty pipe
Monal Tech, Suman Sunuwar Critical Arbitrary File Overwrite Vulnerability on Linux Kernel 'Dirty Pipe Mozilla Firefox fixes two actively exploited zero-day bugs Description: Mozilla has released Firefox updates to fix two critical zero-day vulnerabilities actively exploited in attacks. Both zero-day v...
