Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass authorization and run commands as root.

Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device.

A critical vulnerability in SolarWinds' Web Help Desk solution for customer support could be exploited to achieve remote code execution, the American business software developer warns in a security advisory today.

The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port.

Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.