Patch

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes – Go Health Pro

by
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes – Go Health Pro

Apr 10, 2025Ravie LakshmananContainer Security / Vulnerability Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk. The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check Time-of-Use (TOCTOU) vulnerability that could lead to … Read more

Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw – Go Health Pro

by
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw – Go Health Pro

Apr 08, 2025Ravie LakshmananNetwork Security / Vulnerability Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE-2024-48887, carries a CVSS score of 9.3 out of a maximum of 10.0. “An unverified password change vulnerability [CWE-620] in FortiSwitch … Read more

6 Zero-Days in March 2025 Patch Tuesday – Krebs on Security – Go Health Pro

by
6 Zero-Days in March 2025 Patch Tuesday – Krebs on Security – Go Health Pro

Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. Two of the zero-day flaws include CVE-2025-24991 and CVE-2025-24993, both vulnerabilities in NTFS, the default file system for Windows and Windows Server. Both require the attacker to … Read more

Broadcom urges VMware customers to patch ‘emergency’ zero-day bugs under active exploitation – Go Health Pro

by
Broadcom urges VMware customers to patch ‘emergency’ zero-day bugs under active exploitation – Go Health Pro

U.S. technology giant Broadcom is warning that a trio of VMware vulnerabilities are being actively exploited by malicious hackers to compromise the networks of its corporate customers.  The three vulnerabilities — collectively dubbed “ESXicape” by one security researcher — affect VMware ESXi, Workstation, and Fusion, which are widely used software hypervisor products that allow multiple … Read more

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now – Go Health Pro

by
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now – Go Health Pro

Feb 18, 2025Ravie LakshmananVulnerability / Network Security Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below – CVE-2025-26465 … Read more