Two bugs (CVE-2020-4703 and CVE-2020-4711) in IBM’s Spectrum Protect Plus data-storage protection solution could enable remote code execution.
The flaws are disclosed as Oracle reportedly partners with TikTok as concerns in the U.S. over spying continue.
The “BootHole” bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT ,IoT and home networks.
Critical Adobe Flash Player and Framemaker flaws could enable arbitrary code execution.
Adobe fixed critical flaws in Illustrator, Magento and Bridge in an out-of-band security update.
Overall, Adobe patched flaws tied to 42 CVEs as part of its regularly scheduled updates.
Multiple critical memory safety bugs in Firefox 69 and Firefox ESR 68.1 in particular affect medium and large government entities and enterprises.
The flaw affected all versions of Microsoft Office, Microsoft Windows and architecture types dating back to 2000, and was patched in November 2017.
An unscheduled patch fixed two critical flaws that could enable arbitrary code execution.
Adobe issues patch for a Flash Player vulnerability that could lead to an arbitrary code execution on targeted systems.