In a recent report, Google Project Zero pointed out that during 2021 58 zero-day vulnerabilities were reported exploited, a record in the short time that this specialized team has beenRead More →
After receiving a report from ESET researcher Martin Smolár, Lenovo security teams announced the correction of three severe vulnerabilities. Tracked as CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, the flaws could be exploitedRead More →
Information security specialists report the detection of a critical vulnerability in Composer, a package management system for programming in PHP that provides the standard formats necessary to handle PHP dependenciesRead More →
Citrix announced the release of security patches for multiple vulnerabilities present in some of its products, including a severe issue in SD-WAN. Tracked as CVE-2022-27505, this flaw was described asRead More →
Those responsible for the NGINX web server released a series of security updates to fix a severe zero-day vulnerability in its Lightweight Directory Access Protocol (LDAP). The NGINX LDAP referenceRead More →
Developers addressed a command injection vulnerability in asciidoctor-include-ext, a popular Ruby library that allows users to parse and convert AsciiDoc files. According to the report, this vulnerability allows remote codeRead More →
VMware released a critical security alert to address various vulnerabilities found in Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. AccordingRead More →
A severe vulnerability in a PHP function would allow threat actors to evade security measures implemented for the protection of web applications. The affected feature is filter_var(), which allows developersRead More →
Cybersecurity specialists report the detection of a critical vulnerability in Vim, the improved version of the Vi text editor, present in all UNIX systems and developed by Bram Moolenaar inRead More →