Nicolas Coolman

Nicolas Coolman is a French IT and IT security expert with a degree in software engineering. He specializes in scanning for and disinfecting malware, including adware, ransomware, Trojans and other types of unwanted software. Nicolas Coolman is also the creator of several computer security tools, such as "ZHPCleaner" and "ZHPDiag", which are widely used to scan and clean malware from Windows operating systems. He is very active in the IT security community and regularly shares his knowledge and findings on his website and on security forums. His expertise is recognized by many users and IT professionals, and he is considered a reference in the field of combating malware.

Two NetApp security advisories from March 22, 2024

Multiple NetApp StorageGRID Security Bulletins March 22, 2024. Two security advisories from NetApp address vulnerabilities CVE-2024-21983 and CVE-2024-21984 in its StorageGRID product. These flaws can be exploited remotely. Exploitation could allow cross-site scripting (XSS) and cause a denial of service (DoS). Successful exploitation of CVE-2024-21984 could lead to the disclosure of sensitive information or unauthorized modification of data. CVE-2024-21983: Concerns a denial of service vulnerability in StorageGRID. Certain versions of StorageGRID are susceptible to a denial of service (DoS) vulnerability. A successful exploit by an authenticated attacker could result in an out-of-memory condition or a reboot of the […]

Arbitrary code, corrective, DDoS, Fault, NetApp, Data Breach, XSS

Mozilla security advisory dated March 22, 2024

Mozilla publishes two security advisories on March 22, 2024. Mozilla fixes two critical vulnerabilities in its Firefox browser. They allow an attacker to cause remote execution of arbitrary JavaScript code and a security policy bypass. CVE-2024-29943: Critical flaw with out-of-bounds access via range analysis bypass. An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. CVE-2024-29944: Critical flaw with privileged JavaScript execution via event handlers. An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in

CERT, Arbitrary code, corrective, Fault, Firefox, Mozilla, Security policy

An RCE exploit published by Fortinet

Fortinet publishes an exploit on a critical RCE flaw. An exploit has just been released by Fortinet concerning a remote code execution (RCE) flaw actively used in attacks. Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now being actively exploited in attacks. This security vulnerability is an SQL injection in the DB2 Administration Server (DAS) component, discovered and reported by the UK National Cyber Security Centre (NCSC). CVE-2023-48788: Improper neutralization of special elements used in an SQL command ("SQL injection") in Fortinet FortiClientEMS versions 7.2.0 to 7.2.2, FortiClientEMS 7.0.1 to 7.0.10 allows

Arbitrary code, Fault, Fortinet, Security policy, RCE

Urgent Windows Server fix.

Microsoft urgently fixes Windows Server outages following the latest security updates. Microsoft releases emergency fix for Windows Server crashes. Microsoft has released emergency out-of-band (OOB) updates to address a known issue that causes Windows domain controllers to crash. The crashes occur after installing the Windows Server March 2024 security updates. Many system administrators have warned since this month's Patch Tuesday that servers are freezing and restarting unexpectedly due to a memory leak in the LSASS (Local Security Authority Subsystem Service) process. Microsoft had confirmed the Windows Server problem behind the controller crashes

corrective, Fault, Microsoft, Security policy

Kaspersky Password Manager security patch

Kaspersky fixes a security issue in Password Manager. Kaspersky issues a security bulletin regarding the use of its Kaspersky Password Manager (KPM) digital safe for Windows. This flaw allowed auto-filled credentials to be retrieved from a core dump when the KPM extension for Google Chrome is used. The security bulletin does not indicate any evidence of exploitation of this issue. According to Kaspersky security experts, to exploit this vulnerability, an attacker must trick a user into visiting a website login form. The credentials must be saved, and the KPM extension must automatically populate them. The attacker must then launch a malicious module to steal these specific credentials. It is recommended to use the solution

Policy, corrective, Fault, Kaspersky

Microsoft Security Advisory March 14, 2024

Three security advisories issued by Microsoft on March 14, 2024. Microsoft is publishing three security bulletins on its Chromium-based Microsoft Edge browser on March 14, 2024. The vulnerabilities allow an attacker to cause security policy bypass, identity theft and a security issue not specified by the publisher. CVE-2024-2400: Use after free in Performance Manager. Use after free in Performance Manager in Google Chrome before 122.0.6261.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium rates the security severity of this vulnerability as high. CVE-2024-26163: Security feature bypass vulnerability in Microsoft Edge (Chromium-based). CVE-2024-26246:

Policy, corrective, Fault, Microsoft, Navigator, Security policy, Identity Theft

Synology Security Notice March 12, 2024

Synology security warning issued on March 12, 2024. Synology issues a security warning to address several vulnerabilities in its Router Manager (SRM) product. These allow an attacker to cause security policy bypass, data privacy breach, and remote cross-site scripting (XSS). According to Synology security experts, multiple vulnerabilities allow remote attackers or remote authenticated users to inject arbitrary web script or HTML, allow remote authenticated users to bypass security constraints, and allow remote authenticated users to read specific files via a susceptible version of Synology Router Manager (SRM).

Arbitrary code, Policy, Fault, Security policy, Synology, XSS

Palo Alto Networks Security Bulletins for March 13, 2024

Palo Alto Networks is issuing several security advisories to address multiple vulnerabilities discovered in its GlobalProtect and Panorama applications. Some of these allow an attacker to cause data integrity breach, privilege escalation, and data confidentiality breach. CVE-2024-2431: GlobalProtect application, local user can disable GlobalProtect. An issue in the Palo Alto Networks GlobalProtect application allows an unprivileged user to disable the GlobalProtect application without requiring the password in configurations that allow a user to disable GlobalProtect with a password. Medium severity vulnerability (5.7). CVE-2024-2432: GlobalProtect application, local elevation of privilege (PE) vulnerability. An elevation of privilege (PE) vulnerability in the Palo Alto application

Policy, corrective, Privilege elevation, Fault, Data integrity, Palo Alto

Cisco Security Bulletins for March 13, 2024

Three security bulletins issued by Cisco on March 13, 2024. Cisco issues three security bulletins relating to multiple vulnerabilities discovered in its IOS XR software. Some of them allow an attacker to cause an escalation of privileges and a denial of service remotely. If an update cannot be installed, the publisher proposes workaround measures in the Workaround section. CVE-2024-20318: A denial of service vulnerability in Layer 2 services in Cisco IOS XR software. It could allow an adjacent, unauthenticated attacker to cause the line card's network processor to reset, thereby resulting in a denial of service (DoS) condition. A successful exploit

Cisco, corrective, DDoS, Privilege elevation, Fault