Actively Exploited Zero-Day Vulnerability in Google Chrome (CVE-2023-6345)

Google has released Chrome Version 119.0.6045.199 for Mac and Linux, and Version 119.0.6045.199/200 for Windows to address seven security issues, including a zero-day vulnerability (CVE-2023-6345). Based on the official site for Chrome updates, “Google is aware of reports that an exploit for CVE-2023-6345 exists in the wild.”. _____________________________ A. Nature of Vulnerability CVE-2023-6348 CVE-2023-6347 CVE-2023-6346 continue reading : Actively Exploited Zero-Day Vulnerability in Google Chrome (CVE-2023-6345)

Critical Vulnerabilities in VMware vCenter Server and VMware Cloud Foundation

VMware has released security updates to address critical vulnerabilities (CVE-2023-34048 and CVE-2023-34056) in VMware vCenter Server and VMware Cloud Foundation. Based on the official advisory, “A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution”. _____________________________ A. Nature of Vulnerabilities CVE-2023-34048 CVE-2023-34056 _____________________________ B. Actions continue reading : Critical Vulnerabilities in VMware vCenter Server and VMware Cloud Foundation

Actively Exploited Zero-Day Vulnerability in Cisco IOS XE Software

Cisco has released a security advisory to address an actively exploited zero-day vulnerability(CVE-2023-20198 in the web user interface of Cisco IOS XE software.  Based on the evidence analyzed by Cisco, a suspicious activity was observed on September 28, 2023 which includes the creation of unauthorized account on a customer’s device. Additionally on October 12, Cisco continue reading : Actively Exploited Zero-Day Vulnerability in Cisco IOS XE Software

Microsoft Releases October 2023 Patch Tuesday Security Updates

Microsoft has released its October 2023 Patch Tuesday security updates to fix multiple vulnerabilities across its products, including three reported zero-day vulnerabilities (CVE-2023-36563, CVE-2023-41763, and CVE-2023-44487) that are currently being exploited in the wild. Based on the official release notes from Microsoft, there are a total of 103 Microsoft CVEs and 2 non-Microsoft CVEs. ____________________________ continue reading : Microsoft Releases October 2023 Patch Tuesday Security Updates

Actively Exploited Zero-Day Vulnerability in Google Chrome (CVE-2023-5217)

Google has released Chrome Version 117.0.5938.132 for Mac, Linux, and Windows to address several security vulnerabilities, including a zero-day vulnerability (CVE-2023-5217). Based on the official site for Chrome updates, “Google is aware of reports that an exploit for CVE-2023-5217 exists in the wild”. _____________________________ A. Nature of Vulnerabilities CVE-2023-5217 CVE-2023-5186  CVE-2023-5187 _____________________________ B. Actions to continue reading : Actively Exploited Zero-Day Vulnerability in Google Chrome (CVE-2023-5217)