The Mozilla Foundation Security has released an advisory to patch critical vulnerabilities in Firefox and Firefox ESR products which could allow a remote attacker to take control of an affected system.
Sierra Wireless patched two vulnerabilities in several of its AirLink routers that if exploited could allow the execution of arbitrary code or gain full control of a system.
A patch released Tuesday by Adobe fixes a critical confusion vulnerability, CVE-2018-4944, found in all Flash Player versions up to 22.214.171.124.
Drupal announced its third critical website bug found in the last month and has issued an unscheduled security update to patch a code-execution bug that is being actively exploited in the wild.
Juniper Networks released more than a dozen security updates to patch a wide range of issues including two denial-of-service vulnerabilities and one for remote code execution.
Microsoft Corporation on Tuesday announced an emergency patch for a memory corruption vulnerability in its Microsoft Malware Protection Engine (MMPE) that remote attackers can exploit to execute arbitrary code.
Despite a lack of appropriate visibility and control measures in place, cloud-based HR applications are now the most highly used cloud applications across organisations, with 139 such apps being used by organisations on average.
Apple just released a patch to fix its crash bug that allowed specially crafted messages to disable access to iMessage and other messaging apps.
Skype is reportedly refusing to patch a security vulnerability in its updater process which could allow an attacker to gain system level privileges on a vulnerable computer.
Organisations need to apply patch to prevent malicious code execution from USB flash drives. Linux systems could be a risk from malware on USB memory sticks, according to security researchers.
Microsoft patched nearly 50 vulnerabilities this month, including patches for an Adobe Flash Player zero-day vulnerability that was announced earlier this month.
Amazon is issuing a security patch for its "Key"services shortly after a researcher posted a video demonstration of them claiming to hack the Amazon device using a Raspberry Pi.
NSA exploits stolen by hacker Shadow Brokers can be tweaked to exploit vulnerabilities in all versions of Windows, including Windows 10 - so deploy the MS17-010 security update from Microsoft as soon as possible.
Researchers are reporting that an increasingly sophisticated North Korean hacking group is responsible for an attack campaign exploiting CVE-2018-4878, a critical use-after-free flaw in Flash Player that has not yet been patched.
Mozilla patched an unsanitised output flaw in its Firefox browser user interface that could lead to arbitrary code execution.
Cryptocurrency miners have begun using two older and already patched vulnerabilities to compromise servers to mine the Monero digital currency.
Intel is recommending that vendors and end users stop deploying the current version of its patch designed to fix the Spectre/Meltdown vulnerabilities that were discovered in most of the company's processors.
Lenovo released a patch for a vulnerability introduced 14 years ago via a firmware update by the now-defunct Nortel Networks and its blade server and switch business unit.
Microsoft is having a different type of Patch Tuesday, instead of simply pushing out security updates the company is dealing with several new issues surrounding the patches it released last week to mitigate Spectre/Meltdown issues.
The first patch Tuesday of 2018 has Adobe issuing its first patch for the new year, a lone entry for Flash Player rated as "important".
Apple followed up on its promise last week and rolled out updates for macOS High Sierra, Safari and iOS to patch the Spectre vulnerabilities CVE-2017-5753 and CVE-2017-5715 in Intel's processor family.
The popular Bitcoin client Electrum has developed a patch for a critical vulnerability that allows malicious websites to steal from digital wallets that are not password-protected.
Apple released security updates for its mobiles, set top box and Window's iCloud platform shortly after rolling out another patch for the KRACK exploits.
Researchers recently discovered that a nearly two-decade-old vulnerability in TLS stacks was still exploitable due to insufficient protective counter-measures some used by highly popular websites.
TeamViewer has rushed out an emergency patch to fix a security flaw that could allow hackers to take over other machines during an active session.
Apple released security updates to patch vulnerabilities in its iOS, mac OS, tvOS and watchOS platforms, some of which could have been used to remotely exploit the affected devices.
Bindecy security researchers identified a flaw in the original patch code of the Dirty Cow vulnerability which could ultimately lead to a privilege escalation attack.
Online retailer AliExpress fixed an open redirect vulnerability in its online shopping portal last October that could have been exploited to display a fake coupon designed to phish sensitive information from those who viewed it.
Adobe's November Patch Tuesday included 83 patches, including fixes for five critical-rated issues in Flash Player. Reader and Acrobat, by themselves, generated more than five dozen CVEs.