Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers – Go Health Pro

Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers – Go Health Pro

May 06, 2025Ravie LakshmananVulnerability / Mobile Security Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild. The vulnerability in question is CVE-2025-27363 (CVSS score: 8.1), a high-severity flaw in the System component that could lead to local … Read more

Google fixes Cloud Composer privilege escalation vulnerability – Go Health Pro

Google fixes Cloud Composer privilege escalation vulnerability – Go Health Pro

Google fixed a vulnerability in Cloud Composer 2 that could have led to privilege escalation through exploitation of the default Cloud Build service account, Tenable researchers reported Tuesday.Cloud Composer is an Apache Airflow-based fully managed workflow orchestration service within the Google Cloud Platform that can be used to create, schedule and monitor data pipelines.Cloud Composer … Read more

GitLab fixes critical SSO bypass vulnerabilities in update – Go Health Pro

GitLab fixes critical SSO bypass vulnerabilities in update – Go Health Pro

GitLab posted updates to its platform following the disclosure of a pair of critical security vulnerabilities.The company said that both the Enterprise and Community Edition platforms should be updated as soon as possible to protect against any potential exploit attempts.“We are committed to ensuring all aspects of GitLab that are exposed to customers or that … Read more

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25 – Go Health Pro

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25 – Go Health Pro

Feb 05, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2024-45195 (CVSS score: 7.5/9.8) – A forced browsing vulnerability in Apache … Read more

Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service – Go Health Pro

Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service – Go Health Pro

Microsoft has fixed a critical vulnerability in its Azure AI Face service deemed worthy of a CVSS score of 9.9 potentially leading to elevation of privileges over a network. Azure AI Face is a cloud-based facial recognition service that is capable of detecting, analyzing and recognizing human faces. The service can be used by developers … Read more