CISA Says Two Old JasperReports Vulnerabilities Exploited in Attacks

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two JasperReports flaws to its Known Exploited Vulnerabilities Catalog. Tibco’s JasperReports Library is advertised as the world’s most popular open source reporting engine. The JasperReports Server software is designed to enable non-technical users to create reports, dashboards, and visualizations. CISA has learned that two JasperReports […]

Read More

Google Patches Eighth Chrome Zero-Day of 2022

An emergency Chrome update that Google announced on Thanksgiving Day addresses an actively exploited zero-day in the popular browser. Tracked as CVE-2022-4135, the high-severity vulnerability is described as a heap buffer overflow in Chrome’s GPU component. “Google is aware that an exploit for CVE-2022-4135 exists in the wild,” the internet giant notes. A National Vulnerability […]

Read More