Apple Patches iOS Zero-Day

Subscribe to Newsletters

Cybersecurity Risk Management FREE Event 4/22
The Future of Authentication – Interop Digital April 29
Network Security for 2021 and Beyond (April 29)

More Informa Tech Live Events

White Papers

Threat Reconnaissance Lessons from the Private Sector for Federal & State Agencies

2021 Application Security Statistics Report Vol.2

10 Must-Have Capabilities for Stopping Malicious Automation Checklist

Improve MITRE ATT&CK Test Results for Endpoint Security Using Deception

The Definitive Buyer’s Guide for Managed Threat Detection and Response Services

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: As God as my witness, I thought chickens could type.

Cartoon Archive

Current Issue

2021 Top Enterprise IT TrendsWe’ve identified the key trends that are poised to impact the IT landscape in 2021. Find out why they’re important and how they will affect you today!

Back Issues | Must Reads

Flash Poll

All Polls

How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.

Download Now!

Assessing Cybersecurity Risk in Today’s Enterprises

0 comments

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2021-3275
PUBLISHED: 2021-03-26

Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices through the improper valida…

CVE-2021-23889
PUBLISHED: 2021-03-26

Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator’s entries were not correctly sanitized.

CVE-2021-23890
PUBLISHED: 2021-03-26

Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee Agent) available in ePO repository and install them on their own machines to have it managed and th…

CVE-2021-23888
PUBLISHED: 2021-03-26

Unvalidated client-side URL redirect vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 could cause an authenticated ePO user to load an untrusted site in an ePO iframe which could steal information from the authenticated user.

CVE-2021-20681
PUBLISHED: 2021-03-26

Improper neutralization of JavaScript input in the page editing function of baserCMS versions prior to 4.4.5 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.

The post Apple Patches iOS Zero-Day appeared first on Malware Devil.

https://malwaredevil.com/2021/03/26/apple-patches-ios-zero-day/?utm_source=rss&utm_medium=rss&utm_campaign=apple-patches-ios-zero-day