A vulnerability is a flaw that an attacker can exploit to perform unauthorized actions within a computer system. A vulnerability can be rated on a severity scale of critical, high, medium, and low. Vulnerabilities that score in the critical range have the potential to result in root-level compromise of servers or infrastructure devices. Exploiting a critical vulnerability is usually straightforward, in the sense that the attacker does not need any special authentication credentials or knowledge about individual victims, and does not need to persuade a target user to perform any special functions.
For critical vulnerabilities, it is advised that you patch or upgrade as soon as possible unless you have other mitigating measures in place.

What do Crowdsourced cybersecurity experts recommend?

Crowdsourced Cybersecurity warned SolarWinds users about SUPERNOVA Malware

Lack of crowdsourced cybersecurity has made SolarWinds Orion vulnerable to a zero-day authentication bypass vulnerability. The vulnerability may make it possible to deploy the SUPERNOVA malware in target environments. Regardless of reasons such as the lack of crowdsourced cybersecurity contributing to this vulnerability, let us read what exactly Carnegie Mellon University…

Researcher Discloses 4 Zero-Day Vulnerabilities in IBM Data Risk Manager

A cybersecurity researcher disclosed four zero-day vulnerabilities in IBM’s enterprise security software after the company refused to fix the issues and acknowledge the private disclosure report. The vulnerabilities affect the IBM Data Risk Manager software ― a tool that provides companies with “a business-consumable data risk control center that helps to uncover, analyze, and visualize data-related business…

VMware patched critical flaw on vCenter Server

VMware has fixed a critical vulnerability in its latest security update. The critical information-disclosure bug exists in the vCenter Server virtual infrastructure management platform. “With vCenter Server, virtual environments are easier to manage: a single administrator can manage hundreds of workloads, more than doubling typical productivity when managing physical infrastructure,” says VMware. The vulnerability in…

Mozilla releases security patches for Firefox critical vulnerabilities exploited in the wild

Mozilla patched two critical zero-days in Firefox 74.0.1. The vulnerabilities were exploited in the wild through targeted attacks. Mozilla is now urging users to update their Firefox browsers to fix the two bugs. The two vulnerabilities, tracked as CVE-2020-6819 and CVE-2020-6820, are both use-after-free. Use-after-free flaws are a type of memory corruption that could lead…

Vulnerabilities in WordPress SEO Plugin Modify Administrative Access, Create Malicious Redirects on Site

WordPress security plugin, Wordfence, discovered two high severity vulnerabilities in the WordPress SEO Plugin – Rank Math. The vulnerabilities, if exploited, allow unauthorized attackers to grant or revoke administrative privileges or lock admins out. The privilege escalation vulnerability in the WordPress SEO plugin, Rank Math, allows attackers to grant administrative access to any registered user…