Patch/Configuration Management, Vulnerability Management

Oracle quarterly update offers 86 security fixes

January 16, 2013

Oracle on Tuesday shipped its quarterly security update to close 86 vulnerabilities across its product line. Fixes included six for the company's popular Database Server, 13 for Enterprise Grid Control and 18 for MySQL. The most serious hole plugged was CVE-2013-0361 in the Database Mobile/Lite Server, which is remotely exploitable without authentication. The update from Oracle came two days after it released an out-of-cycle patch for a major Java 7 vulnerability being actively exploited.

Dan Kaplan

Vulnerability Management

Apple patches TCC bypass vulnerability

SC StaffDecember 19, 2024

The vulnerability, tracked as CVE-2024-44131, was discovered in the FileProvider component and has been fixed in iOS 18, iPadOS 18, and macOS Sequoia 15 through improved validation of symbolic links.

concept of leaky software, data with a tap sticking out.3d illustration

Data Security

Misconfiguration exposes Virtavo security cam user data

SC StaffDecember 18, 2024

Over 8.7 million records, many of which are duplicates, were discovered within the server, including user phone numbers, network information, device identifiers, performance metrics, and other personal details, according to Cybernews researchers.