Fortinet patched a critical SQL injection vulnerability (CVE-2023-48788) in its FortiClient EMS software, allowing unauthenticated attackers to achieve remote code execution with SYSTEM privileges.
Canon has patched seven critical buffer-overflow bugs affecting its small office multifunction printers and laser printers. Tracked as CVE-2023-6229 through CVE-2023-6234 (plus CVE-2024-0244), they affect different processes common across Canon’s product lines – the username or password process involved with authenticating mobile devices, for example, the Service Location Protocol (SLP) attribute request process, and more. […]
The CISA has identified two recently patched vulnerabilities, one in Google Chrome and another in the open-source Perl library Spreadsheet::ParseExcel, that have been actively exploited and require immediate mitigation.
While the decryptor only works on older versions of Black Basta and has been patched in newer attacks, it provides hope for victims who were affected between November 2022 and the recent bug fix.
Google said it patched three vulnerabilities in a version of its Chromecast media-streaming hardware discovered by security researchers earlier this year. When chained together, the bugs could allow someone to maliciously install a custom operating system and unsigned code on the Chromecast with Google TV. Patches for the bugs — tagged as CVE-2023-48424, CVE-2023-48425 and […]
The vulnerabilities, collectively known as “ShellTorch,” have been patched in the latest version of TorchServe (0.8.2), hence, developers are encouraged to update to ensure their systems are secure.
Nine vulnerabilities, including potentially serious flaws, were patched recently in a couple of electric power management products made by Schweitzer Engineering Laboratories (SEL). SEL is a US-based company that provides a wide range of products and services for the electric power sector, including control systems, generator and transmission protection, and distribution automation. Researchers at industrial […]