code execution

Pierluigi Paganini February 02, 2023
A High-severity bug in F5 BIG-IP can lead to code execution and DoS

Experts warn of a high-severity vulnerability that affects F5 BIG-IP that can lead to arbitrary code execution or DoS condition. A high-severity vulnerability in F5 BIG-IP, tracked as CVE-2023-22374, can be exploited to cause a DoS condition and potentially lead to arbitrary code execution. “A format string vulnerability exists in iControl SOAP that allows an […]

Pierluigi Paganini July 25, 2022
Drupal developers fixed a code execution flaw in the popular CMS

Drupal development team released security updates to fix multiple issues, including a critical code execution flaw. Drupal developers have released security updates to address multiple vulnerabilities in the popular CMS: Drupal core – Moderately critical – Multiple vulnerabilities – SA-CORE-2022-015 Drupal core – Critical – Arbitrary PHP code execution – SA-CORE-2022-014 Drupal core – Moderately […]

Pierluigi Paganini January 21, 2022
A bug in McAfee Agent allows running code with Windows SYSTEM privileges

McAfee addressed a security flaw in its McAfee Agent software for Windows that allows running arbitrary code with SYSTEM privileges. McAfee (now Trellix) has addressed a high-severity vulnerability, tracked as CVE-2022-0166, that resides in McAfee Agent software for Windows. An attacker can exploit this flaw to escalate privileges and execute arbitrary code with SYSTEM privileges. The McAfee Agent is […]

Pierluigi Paganini January 16, 2021
Siemens fixed tens of flaws in Siemens Digital Industries Software products

Siemens has addressed tens of vulnerabilities in Siemens Digital Industries Software products that can allow arbitrary code execution. Siemens has addressed 18 vulnerabilities affecting some products of Siemens Digital Industries Software which provides product lifecycle management (PLM) solutions. The vulnerabilities affect Siemens JT2Go, a 3D viewing tool for JT data (ISO-standardized 3D data format) and […]

Pierluigi Paganini September 10, 2020
Palo Alto Networks fixes severe Code Execution and DoS flaws in PAN-OS

Palo Alto Networks addressed critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software. Palo Alto Networks has released security updates to patch critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software. The most severe flaw is a buffer overflow issue can be exploited […]

Pierluigi Paganini August 27, 2020
Microsoft fixes code execution, privilege escalation in Microsoft Azure Sphere

Microsoft addressed vulnerabilities in Microsoft Azure Sphere that could lead to the execution of arbitrary code or to the elevation of privileges. Microsoft has recently addressed some vulnerabilities impacting Microsoft Azure Sphere that could be exploited by attackers to execute arbitrary code or to elevate privileges. Azure Sphere OS adds layers of protection and ongoing security […]

Pierluigi Paganini June 27, 2020
NVIDIA addressed multiple code execution issues in GPU Drivers

NVIDIA released security patches for a dozen vulnerabilities in GPU display drivers and vGPU software, including code execution issues. NVIDIA has released security updates to address a dozen vulnerabilities in GPU display drivers and vGPU software, some of them could lead to code execution. “NVIDIA has released a software security update for NVIDIA GPU Display […]

Pierluigi Paganini June 24, 2020
VMware addresses critical flaws in Workstation and Fusion

VMware addressed 10 vulnerabilities affecting its ESXi, Workstation and Fusion products, including critical and high-severity code issues on the hypervisor. VMware has addressed 10 vulnerabilities affecting ESXi, Workstation and Fusion products, including critical and high-severity issues that can be exploited by attackers to execute arbitrary code on the hypervisor. The most serious issue is a […]

Pierluigi Paganini March 13, 2020
VMware fixes a critical bug in Workstation, Fusion that allows code execution on host From guest

VMware has fixed three serious flaws in its products, including a critical issue in Workstation and Fusion that allow code execution on the host from guest. VMware has addressed three serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that could be exploited to execute code on the host from guest. […]

Pierluigi Paganini October 07, 2018
D-Link fixed several flaws in Central WiFiManager access point management tool

D-Link addresses several remote code execution and XSS vulnerabilities affecting the Central WiFiManager access point management tool. D-Link issued security patches to address several remote code execution and cross-site scripting (XSS) vulnerabilities affecting the Central WiFiManager access point management tool. The vulnerabilities have been reported by researchers at SecureAuth/CoreSecurity D-Link Central WiFiManager software controller helps network […]