Tag : Audits

image_pdfimage_print

Vendors and agencies are actively bypassing the security patch that Adobe released in February 2022 to address CVE-2022-24086, a critical mail template vulnerability in Adobe Commerce and Magento stores, ecommerce security firm Sansec warns. The CVE-2022-24086 bug (CVSS score of 9.8) is described as an improper input validation bug in the checkout process. It could ..

Leggi tutto

Video messaging technology giant Zoom has shipped patches for high-severity vulnerabilities that expose enterprise users to remote code execution and command injection attacks. The company released multiple security bulletins to warn of the risks and called special attention to a pair of “high-risk” bugs affecting its on-prem meeting connector software and the popular Keybase Client. ..

Leggi tutto

United States Vice President Kamala Harris on Wednesday formally announced support for the Paris Call for Trust and Security in Cyberspace, an international collaborative initiative aimed at advancing cybersecurity. Issued in 2018, the Paris Call details nine principles to improve stability in cyberspace through global collaboration, and has been already signed by 79 countries. The ..

Leggi tutto

Enterprise networking giant Cisco has released patches for multiple vulnerabilities across its product portfolio, including critical security defects in Catalyst Passive Optical Network (PON) series switches and the Policy Suite product. The most severe of these issues are CVE-2021-34795 and CVE-2021-40113 (CVSS 10.0), two flaws in Catalyst PON switches that could be exploited to log ..

Leggi tutto