Zero Care pour les Zero Days : bilan d’une année 2021

L’année 2021 est bel et bien présentée comme l’une des pires années jamais enregistrées en ce qui concerne le volume de vulnérabilités de type “zero-day” exploitées dans la nature. Certains y voient la preuve d’une meilleure détection par l’industrie, tandis que d’autres y voient une meilleure divulgation par les victimes. D’autres concluront qu’à mesure que […]

Continue Reading

VMware addresses File Read and SSRF flaws in vCenter Server

VMware addressed arbitrary file read and server-side request forgery (SSRF) vulnerabilities in its vCenter Server product. VMware this week addressed arbitrary file read and server-side request forgery (SSRF) vulnerabilities affecting its vCenter Server product. vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts, and all dependent […]

Continue Reading

VMware discloses a severe flaw in vCenter Server that has yet to fix

VMware announced it is working on patches for an important severity privilege escalation vulnerability affecting vCenter Server. VMware announced it’s working on security patches to address an important severity privilege escalation vulnerability, tracked as CVE-2021-22048, in its vCenter Server. vCenter Server is the centralized management utility for VMware and is used to manage virtual machines, multiple […]

Continue Reading