Apache fixes the HTTP Path Traversal Vulnerability (CVE-2021-41773)

Apache Software Foundation has published HTTP Web Server version 2.4.50 to fix the CVE-2021-41773 vulnerability in Apache Server version 2.4.49. This is a path traversal and file disclosure flaw that could allow attackers to gain access to sensitive data, and according to the report, is being actively exploited. The Apache HTTP Server is a cross-platform, … Continue reading “Apache fixes the HTTP Path Traversal Vulnerability (CVE-2021-41773)”

Apple macOS Finder Remote Code Execution Zero-Day Vulnerability

A zero-day security flaw in Apple’s macOS Finder system has been detected. This vulnerability allows remote attackers to fool users into running arbitrary commands. Zero-day vulnerabilities are defects that have been publicly published but have not yet been patched by the vendor. These vulnerabilities are sometimes actively exploited by attackers or have publicly available proof-of-concept exploits. … Continue reading “Apple macOS Finder Remote Code Execution Zero-Day Vulnerability”

Microsoft Windows June 2021 Zero-day Vulnerabilities

On June 2021 Patch Tuesday, Microsoft addressed 50 vulnerabilities; and out of these, 5 were critical and 45 were important bugs. 3 vulnerabilities were previously known, and 6 are being actively exploited by attackers. The 6 exploited vulnerabilities are: CVE-2021-31955, CVE-2021-31956, CVE-2021-33739, CVE-2021-33742, CVE-2021-31199, & CVE-2021-31201. CVE-2021-31955 and CVE-2021-31956 are Windows Kernel Information Disclosure vulnerability … Continue reading “Microsoft Windows June 2021 Zero-day Vulnerabilities”