Vulnerabilities Archives

Critical RCE Fortinet Flaw May Have Been Exploited

A critical remote code execution vulnerability has been patched in the latest Fortigate firmware updates for Fortinet FortiOS, FortiOS-6K7K, and FortiProxy SSL VPN devices. These updates were pushed out last week, however specific details about the critical vulnerability patched was not made available until Monday, when Fortinet published a security advisory detailing fixed versions, and […]

Critical RCE Fortinet Flaw May Have Been Exploited Read More »

High Severity Cisco Elevation of Privileges Flaw

News, Vulnerabilities / secureteampstg

A high severity vulnerability exists within the Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows. This elevation of privileges flaw could enable an attacker to have SYSTEM level privileges to carry out further attacks on vulnerable systems. The Cisco Secure Client and Cisco AnyConnect Secure Mobility Client products

High Severity Cisco Elevation of Privileges Flaw Read More »

Android Update Fixes Critical and Exploited Flaws

News, Vulnerabilities / secureteampstg

The Android Security Update for June has been released containing patches for 56 vulnerabilities, 5 of which have been assigned a critical severity rating, and one which is known to be actively exploited. The critical severity flaws patched this month include three remote code execution flaws, CVE-2023-21108 and CVE-2023-21130 are found in the Android System,

Android Update Fixes Critical and Exploited Flaws Read More »

Google Fix Chrome Bug Exploited in the Wild

News, Vulnerabilities / secureteampstg

A zero-day vulnerability in Google Chrome that has been exploited in the wild has been fixed through the most recent Stable Channel Update for Desktop. A security bulletin released by Google this week confirms that an exploit for this bug exists, however, detailed exploit and vulnerability information has still not been released by Google in

Google Fix Chrome Bug Exploited in the Wild Read More »

Zyxel Patch Critical Buffer Overflow Vulnerabilities

News, Vulnerabilities / secureteampstg

Zyxel firewall and VPN products have been found to contain two critical severity buffer overflow vulnerabilities that could be exploited by unauthenticated attackers. The affected products include ATP, USG FLEX, USG FLEX50(W) and USG20(W)-VPN, VPN, and ZyWall/USG. Zyxel have released a security advisory to inform users of these products about these vulnerabilities, and which patch

Zyxel Patch Critical Buffer Overflow Vulnerabilities Read More »

Critical Flaws in D-View Network Management Suite

News, Vulnerabilities / secureteampstg

D-View network management suite, developed by D-Link, has received a security update to patch two critical severity vulnerabilities. D-View can be used to control device configurations, monitor performance, and create network maps, as well as for other administrative network management tasks. These operations require access to devices and network components with high privileges so the

Critical Flaws in D-View Network Management Suite Read More »

Maximum Severity Flaw Patched in GitLab

News, Vulnerabilities / secureteampstg

A vulnerability affecting GitLab Community and Enterprise Editions, has been assigned the highest possible CVSS score of 10.0. GitLab is a web-based Git repository used for remote code management by developers and their teams, with approximately 30 million registered users. GitLab have released an emergency security update to address this critical flaw which they advise

Maximum Severity Flaw Patched in GitLab Read More »

Actively Exploited Flaws Patched in Apple Devices

News, Vulnerabilities / secureteampstg

The latest software updates released by Apple for macOS, iOS, iPadOS, Safari, tvOS, and watchOS contain patches for three zero-day vulnerabilities that are known to be actively exploited in attacks. These vulnerabilities exist within the WebKit browser engine used by Safari, and other macOS and iOS applications. Currently the CVE information about these vulnerabilities is

Actively Exploited Flaws Patched in Apple Devices Read More »

Windows Security Feature Bypass Vulnerability

News, Vulnerabilities / secureteampstg

Attackers are targeting a pair of Windows bugs that can be exploited simply by sending a malicious email to the victim, allowing the attacker to steal the users Windows credentials. A vulnerability in the MSHTML / EdgeHTML component used in Microsoft products such as Internet Explorer (now retired), WebBrowser control, Microsoft Edge, and other legacy applications

Windows Security Feature Bypass Vulnerability Read More »

WordPress Plugin Flaw has Public Exploit Code

News, Vulnerabilities / secureteampstg

A vulnerability in the WordPress plugin Advanced Custom Fields and Advanced Custom Fields Pro is being actively exploited by attackers after proof of concept (PoC) code for the exploit was released. The Advanced Customs Fields plugin has been installed on over 2M WordPress sites worldwide however only 31.5% of users have installed update version 6.1

WordPress Plugin Flaw has Public Exploit Code Read More »

Vulnerabilities

Critical RCE Fortinet Flaw May Have Been Exploited

High Severity Cisco Elevation of Privileges Flaw

Android Update Fixes Critical and Exploited Flaws

Google Fix Chrome Bug Exploited in the Wild

Zyxel Patch Critical Buffer Overflow Vulnerabilities

Critical Flaws in D-View Network Management Suite

Maximum Severity Flaw Patched in GitLab

Actively Exploited Flaws Patched in Apple Devices

Windows Security Feature Bypass Vulnerability

WordPress Plugin Flaw has Public Exploit Code

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch