Vulnerabilities

Palo Alto Networks Warns of Exploited Firewall Vulnerability

Palo Alto Networks Warns of Exploited Firewall Vulnerability 2024-04-12 at 14:31 By Ionut Arghire Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls. The post Palo Alto Networks Warns of Exploited Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS …

Palo Alto Networks Warns of Exploited Firewall Vulnerability Read More »

React to this headline:

Loading spinner

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars 2024-04-12 at 14:31 By Eduard Kovacs Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar.  The post Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source …

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars Read More »

React to this headline:

Loading spinner

Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities

Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities 2024-04-11 at 15:31 By Ionut Arghire Google releases a Chrome 123 update to resolve three high-severity memory safety vulnerabilities. The post Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source …

Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities Read More »

React to this headline:

Loading spinner

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption 2024-04-11 at 13:16 By Eduard Kovacs Palo Alto Networks patches several high-severity vulnerabilities, including ones that allow DoS attacks against its firewalls. The post Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original …

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption Read More »

React to this headline:

Loading spinner

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux 2024-04-10 at 15:38 By Ionut Arghire Fortinet has released patches for a dozen vulnerabilities, including a critical-severity remote code execution flaw in FortiClientLinux. The post Fortinet Patches Critical RCE Vulnerability in FortiClientLinux appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source …

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux Read More »

React to this headline:

Loading spinner

Microsoft Patches Two Zero-Days Exploited for Malware Delivery

Microsoft Patches Two Zero-Days Exploited for Malware Delivery 2024-04-10 at 13:27 By Eduard Kovacs Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware. The post Microsoft Patches Two Zero-Days Exploited for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source …

Microsoft Patches Two Zero-Days Exploited for Malware Delivery Read More »

React to this headline:

Loading spinner

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers 2024-04-09 at 22:02 By Ryan Naraine Patch Tuesday: Microsoft warns that unauthenticated hackers can take complete control of Azure Kubernetes clusters. The post Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS …

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers Read More »

React to this headline:

Loading spinner

Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products

Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products 2024-04-09 at 20:47 By Ryan Naraine Adobe calls attention to a pair of code execution bugs in Adobe Commerce and Magento Open Source, a product used to manage online stories. The post Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products appeared first on SecurityWeek. This …

Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products Read More »

React to this headline:

Loading spinner

SAP’s April 2024 Updates Patch High-Severity Vulnerabilities

SAP’s April 2024 Updates Patch High-Severity Vulnerabilities 2024-04-09 at 16:46 By Ionut Arghire SAP has released 12 new and updated security notes on April 2024 Security Patch Day, including three notes dealing with high-severity vulnerabilities. The post SAP’s April 2024 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek …

SAP’s April 2024 Updates Patch High-Severity Vulnerabilities Read More »

React to this headline:

Loading spinner

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability 2024-04-08 at 18:01 By Ionut Arghire Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution. The post Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability appeared first on SecurityWeek. This …

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability Read More »

React to this headline:

Loading spinner

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits 2024-04-08 at 15:46 By Ionut Arghire Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days. The post Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits appeared first on SecurityWeek. This article is an excerpt from SecurityWeek …

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits Read More »

React to this headline:

Loading spinner

Cisco Warns of Vulnerability in Discontinued Small Business Routers

Cisco Warns of Vulnerability in Discontinued Small Business Routers 2024-04-05 at 19:02 By Ionut Arghire Cisco says it will not release patches for a cross-site scripting vulnerability impacting end-of-life small business routers. The post Cisco Warns of Vulnerability in Discontinued Small Business Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS …

Cisco Warns of Vulnerability in Discontinued Small Business Routers Read More »

React to this headline:

Loading spinner

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz 2024-04-04 at 22:31 By Ryan Naraine Ivanti releases a carefully scripted YouTube video and an open letter from chief executive Jeff Abbott vowing to fix the entire security organization. The post Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz appeared first on SecurityWeek. This article is an …

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz Read More »

React to this headline:

Loading spinner

Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems

Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems 2024-04-04 at 15:33 By Ionut Arghire A critical OS command injection in Progress Flowmon can be exploited to gain remote, unauthenticated access to the system. The post Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems appeared first on SecurityWeek. This article is an …

Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems Read More »

React to this headline:

Loading spinner

Zoom Paid Out $10 Million via Bug Bounty Program Since 2019

Zoom Paid Out $10 Million via Bug Bounty Program Since 2019 2024-04-04 at 13:16 By Eduard Kovacs Video conferencing giant Zoom has paid out $10 million through its bug bounty program since it was launched in 2019. The post Zoom Paid Out $10 Million via Bug Bounty Program Since 2019 appeared first on SecurityWeek. This …

Zoom Paid Out $10 Million via Bug Bounty Program Since 2019 Read More »

React to this headline:

Loading spinner

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth 2024-04-03 at 17:17 By Kevin Townsend MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of all vulnerabilities. What went wrong, and what can be done? The post CVE …

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth Read More »

React to this headline:

Loading spinner

Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites

Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites 2024-04-03 at 16:16 By Ionut Arghire A critical SQL injection vulnerability in the LayerSlider WordPress plugin allows attackers to extract sensitive information. The post Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites appeared first on SecurityWeek. This article is …

Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites Read More »

React to this headline:

Loading spinner

Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own

Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own 2024-04-03 at 14:16 By Ionut Arghire Google pushes a new Chrome update to patch another zero-day vulnerability demonstrated at a hacking contest. The post Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own appeared first on SecurityWeek. This article is an excerpt from SecurityWeek …

Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own Read More »

React to this headline:

Loading spinner

Security Flaw in WP-Members Plugin Leads to Script Injection

Security Flaw in WP-Members Plugin Leads to Script Injection 2024-04-02 at 18:46 By Ionut Arghire A cross-site scripting vulnerability in the WP-Members Membership plugin could allow attackers to inject scripts into user profile pages. The post Security Flaw in WP-Members Plugin Leads to Script Injection appeared first on SecurityWeek. This article is an excerpt from …

Security Flaw in WP-Members Plugin Leads to Script Injection Read More »

React to this headline:

Loading spinner
Scroll to Top