Google released to all users and partners its November security bulletin for the Android operating system, with fixes for critical remote code execution (RCE) and privilege escalation vulnerabilities.
A design flaw in the WordPress permission system used by plugins and a file deletion vulnerability in a very popular eCommerce plugin called WooCommerce could allow attackers to gain full control over a WordPress site.
A vulnerability that is trivial to exploit allows privilege escalation to root level on Linux and BSD distributions using X.Org server, the open source implementation of the X Window System that offers the graphical environment.
Vulnerabilities in NordVPN and ProtonVPN clients allow an attacker to execute code on the affected computer with the rights of an administrator.
Security researchers have discovered a new exploitation technique that they say can bypass the kernel protection measures present in the Windows operating systems.