highseverity

  • Blog

    Qualcomm patches high-severity zero-day exploited in attacks

    Qualcomm has released security patches for a zero-day vulnerability in the Digital Signal Processor (DSP) service that impacts dozens of chipsets. The security flaw (CVE-2024-43047) was reported by Google Project Zero’s Seth Jenkins and Amnesty International Security Lab’s Conghui Wang, and it is caused by a use-after-free weakness that can lead to memory corruption when successfully exploited by local attackers…

    Read More »
  • Blog

    CISA issues alert over two high-severity DrayTek vulnerabilities – here’s what you need to know

    CISA has added three security flaws to its known exploited vulnerabilities (KEV) catalog, including two affecting DrayTek’s network equipment management software, VigorConnect. The third vulnerability added to the catalog affects Kingsoft’s popular WPS Office productivity suite. All three vulnerabilities were described as path traversal flaws, that allow attackers to read sensitive files they should not be able to access. The…

    Read More »
Back to top button
close