On Monday, Apple released an iPhone security update to fix a major vulnerability that is being exploited in the wild. With the latest patch, the corporation has now resolved a total of 17 zero-days in 2021 – a new high. The vulnerability CVE-2021-30883 involves a memory corruption flaw in the IOMobileFrameBuffer component. This flaw allows an application to run arbitrary … Continue reading “Apple releases emergency update to address the arbitrary code execution zero-day vulnerability (CVE-2021-30883)”
Tag: Arbitrary Code Execution Vulnerability
Pulse Connect Secure Authenticated Arbitrary Code Execution Vulnerability (CVE-2021-22908)
Pulse Connect Secure (PCS) gateway contains a buffer overflow vulnerability in Samba-related code that may allow authenticated remote attacker to execute arbitrary code. By performing certain SMB operations with a specially crafted server name, an authenticated attacker may be able to execute arbitrary code with root privileges on a vulnerable PCS server. PCS allows to … Continue reading “Pulse Connect Secure Authenticated Arbitrary Code Execution Vulnerability (CVE-2021-22908)”