Vulnerability / Zero-Day Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to … Read more
December 2023 Patch Tuesday 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs. The number of bugs in each vulnerability category is listed below: 10 Elevation of Privilege Vulnerabilities 8 Remote Code Execution Vulnerabilities 6 Information Disclosure Vulnerabilities 5 Denial of Service Vulnerabilities 5 Spoofing Vulnerabilities The total count of 34 flaws does … Read more
Zyxel Firewall Devices Security Flaws. Networking equipment maker Zyxel has released patches for a critical security flaw in its firewall devices that could be exploited to achieve remote code execution on affected systems. The issue, tracked as CVE-2023-28771, is rated 9.8 on the CVSS scoring system Very High. Researchers from TRAPA Security have been credited … Read more