Notepad++ Flaw
Several Buffer Overflow vulnerabilities have been discovered in Notepad++ that can be exploited by threat actors for malicious purposes. The severities of these vulnerabilities vary from 5.5 (Medium) to 7.8 (High).
Splunk IT Service Intelligence Injection Flaw
Splunk has been reported with a Unauthenticated Log injection vulnerability in the Splunk IT Service Intelligence (ITSI) product. This vulnerability exists in Splunk ITSI versions before 4.13.3 or 4.15.3.
Microsoft Edge Privilege Escalation
Microsoft Edge has published a release note that mentioned a Privilege escalation vulnerability with the CVE ID of CVE-2023-36741 and has a CVSS Score of 8.3 (High). This vulnerability exists in the Microsoft-Edge Chromium-based versions before 116.0.1938.62.
Google Chrome Security Update
Google has updated the Stable and Extended Stable channels for Mac, Linux, and Windows to version 116.0.5845.140/.141 to address a security issue in Chrome.
Hackers Embedding Weaponized Word File into a PDF
To avoid detection, hackers employed a new method dubbed “MalDoc in PDF” to insert a malicious Word file into a PDF file.
2.6 Million DuoLingo Users’ Info Exposed
The popular language learning platform has come under scrutiny as a post on a hacker’s forum offers access to information from 2.6 million customer accounts for a mere $1,500.
Hackers Can Exploit Skype Vulnerability to Find User IP Address
Hackers can now capture your IP address and expose your physical location by sending a Skype link, even if you don’t click it.
Discover more from Information Security Blogs
Subscribe to get the latest posts sent to your email.
