Tag: CVE
-
The Register: Mozilla patches critical Firefox vuln that attackers are already exploiting
Source URL: https://www.theregister.com/2024/10/10/firefixed_mozilla_patches_critical_firefox/ Source: The Register Title: Mozilla patches critical Firefox vuln that attackers are already exploiting Feedly Summary: Firefixed: It’s maintenance time for low-complexity, high-impact security flaw It’s patch time for Firefox fans as Mozilla issues a security advisory for a critical code execution vulnerability in the browser.… AI Summary and Description: Yes Summary:…
-
Hacker News: Mozilla fixes Firefox zero-day actively exploited in attacks
Source URL: https://www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-zero-day-actively-exploited-in-attacks/ Source: Hacker News Title: Mozilla fixes Firefox zero-day actively exploited in attacks Feedly Summary: Comments AI Summary and Description: Yes Summary: Mozilla has released an emergency update for Firefox to patch a serious use-after-free vulnerability (CVE-2024-9680) that is actively exploited by attackers. This flaw allows unauthorized code execution due to improper memory…
-
Cisco Talos Blog: Vulnerability in popular PDF reader could lead to arbitrary code execution; Multiple issues in GNOME project
Source URL: https://blog.talosintelligence.com/vulnerability-roundup-foxit-gnome-oct-9-2024/ Source: Cisco Talos Blog Title: Vulnerability in popular PDF reader could lead to arbitrary code execution; Multiple issues in GNOME project Feedly Summary: Talos also discovered three vulnerabilities in Veertu’s Anka Build, a suite of software designed to test macOS or iOS applications in CI/CD environments. AI Summary and Description: Yes Summary:…
-
Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2024/10/09/cisa-adds-three-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Three Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23113 Fortinet Multiple Products Format String Vulnerability CVE-2024-9379 Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability CVE-2024-9380 Ivanti Cloud Services Appliance (CSA) OS Command Injection…
-
Krebs on Security: Patch Tuesday, October 2024 Edition
Source URL: https://krebsonsecurity.com/2024/10/patch-tuesday-october-2024-edition/ Source: Krebs on Security Title: Patch Tuesday, October 2024 Edition Feedly Summary: Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, and Apple…