security update
![](https://img.helpnetsecurity.com/wp-content/uploads/2019/10/09092849/docker-warning-400x200.jpg)
Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
A critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially crafted API request, …
![](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/18164309/splunk-1500-2-400x200.webp)
Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows “is more severe than it initially appeared,” according to SonicWall’s …
![Cisco](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12084252/cisco-neon2-400x200.jpg)
Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
Cisco has fixed two critical vulnerabilities that may allow attackers to overwrite files on its Secure Email Gateways (CVE-2024-20401) and change the password of any user on …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/07160340/patch_tuesday-2024-2-400x200.webp)
Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)
For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in …
![Progress MOVEit](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/25191718/progress-moveit-1500-400x200.webp)
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)
Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/14201548/patch_tuesday_news2-400x200.webp)
Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103)
June 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw (CVE-2024-30080) and a RCE vulnerability in Microsoft Outlook (CVE-2024-30103). 49 …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/12195711/patch_tuesday_2024-400x200.webp)
June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft
June 2024 Patch Tuesday is now live: Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) May 2024 Patch Tuesday was unusual because we had …
![Google Chrome](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12104200/chrome-connection1-400x200.jpg)
Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274)
For the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability (CVE-2024-5274) with an in-the-wild exploit. …
![QNAP](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/21161555/qnap-1500-400x200.webp)
15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)
Researchers have found 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one: an unauthenticated stack …
![git](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/19125253/git-19012023-04-400x200.jpg)
Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)
New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a …
![Google Chrome](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12104156/chrome-wave-400x200.jpg)
Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947)
For the third time in the last seven days, Google has fixed a Chrome zero-day vulnerability (CVE-2024-4947) for which an exploit exists in the wild. About CVE-2024-4947 …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/14201548/patch_tuesday_news2-400x200.webp)
May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040)
For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-30051, CVE-2024-30040) actively exploited by …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege