Vulnerabilities

Chrome 126 Updates Patch High-Severity Vulnerabilities

Chrome, Vulnerabilities /

Chrome 126 Updates Patch High-Severity Vulnerabilities 2024-07-17 at 13:01 By Ionut Arghire Chrome 126 security updates released this week resolve high-severity vulnerabilities reported by external researchers. The post Chrome 126 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Chrome 126 Updates Patch High-Severity Vulnerabilities Read More »

Organizations Warned of Exploited GeoServer Vulnerability

CISA KEV, exploited, GeoServer, Vulnerabilities /

Organizations Warned of Exploited GeoServer Vulnerability 2024-07-16 at 19:16 By Ionut Arghire CISA says it has evidence that a recent critical-severity vulnerability in GeoServer is exploited in the wild. The post Organizations Warned of Exploited GeoServer Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Organizations Warned of Exploited GeoServer Vulnerability Read More »

Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found

OpenSSH, regreSSHion, Vulnerabilities /

Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found 2024-07-15 at 14:31 By Eduard Kovacs A second remote code execution vulnerability, tracked as CVE-2024-6409, was found in OpenSSH during an analysis of the regreSSHion flaw. The post Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found appeared

React to this headline:

Loading spinner

Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found Read More »

Critical Exim Flaw Allows Attackers to Deliver Malicious Executables to Mailboxes

email security, Exim, Vulnerabilities, vulnerability /

Critical Exim Flaw Allows Attackers to Deliver Malicious Executables to Mailboxes 2024-07-12 at 18:31 By Ionut Arghire Successful exploitation could allow attackers to deliver executable attachments to inboxes. The post Critical Exim Flaw Allows Attackers to Deliver Malicious Executables to Mailboxes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Critical Exim Flaw Allows Attackers to Deliver Malicious Executables to Mailboxes Read More »

GitLab Ships Update for Critical Pipeline Execution Vulnerability

CVE-2024-5655, CVE-2024-6385, GitLab, Supply Chain Security, Vulnerabilities /

GitLab Ships Update for Critical Pipeline Execution Vulnerability 2024-07-11 at 18:01 By Ionut Arghire GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user. The post GitLab Ships Update for Critical Pipeline Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

GitLab Ships Update for Critical Pipeline Execution Vulnerability Read More »

Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool

BlastRADIUS, Network Security, Vulnerabilities /

Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool 2024-07-11 at 14:01 By Ionut Arghire Palo Alto Networks patched a critical vulnerability in its Expedition tool and addressed the impact of the recently disclosed BlastRADIUS vulnerability. The post Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool appeared first

React to this headline:

Loading spinner

Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool Read More »

VMware Patches Critical SQL-Injection Flaw in Aria Automation

Data Protection, SQL injection, VMWare, VMware Aria Automation, Vulnerabilities /

VMware Patches Critical SQL-Injection Flaw in Aria Automation 2024-07-10 at 20:01 By Ryan Naraine VMware warns that authenticated malicious users could enter specially crafted SQL queries and perform unauthorized read/write operations in the database. The post VMware Patches Critical SQL-Injection Flaw in Aria Automation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

VMware Patches Critical SQL-Injection Flaw in Aria Automation Read More »

Citrix Patches Critical NetScaler Console Vulnerability

Citrix, cloud security, NetScaler, Patch Tuesday, Vulnerabilities /

Citrix Patches Critical NetScaler Console Vulnerability 2024-07-10 at 16:46 By Ionut Arghire Citrix rolls out patches for multiple security vulnerabilities, including critical and high-severity issues in the NetScaler product line. The post Citrix Patches Critical NetScaler Console Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Citrix Patches Critical NetScaler Console Vulnerability Read More »

ICS Patch Tuesday: Siemens, Schneider Electric, CISA Issue Advisories

ICS, ICS/OT, OT, Schneider Electric, Siemens, Vulnerabilities /

ICS Patch Tuesday: Siemens, Schneider Electric, CISA Issue Advisories 2024-07-10 at 15:01 By Ionut Arghire Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in industrial and OT products. The post ICS Patch Tuesday: Siemens, Schneider Electric, CISA Issue Advisories appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

ICS Patch Tuesday: Siemens, Schneider Electric, CISA Issue Advisories Read More »

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited

Adobe, Hyper-V, Incident Response, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Zero-Day /

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited 2024-07-09 at 22:04 By Ryan Naraine Patch Tuesday: Microsoft patches more than 140 security vulnerabilities in the Windows ecosystem, including a pair of exploited zero-days. The post Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited Read More »

BlastRADIUS Attack Exposes Critical Flaw in 30-Year-Old RADIUS Protocol

BlastRADIUS, Featured, Identity & Access, InkBridge Networks, man-in-the-middle, Network Security, RADIUS, Vulnerabilities /

BlastRADIUS Attack Exposes Critical Flaw in 30-Year-Old RADIUS Protocol 2024-07-09 at 20:22 By Ryan Naraine Security vendor InkBridge Networks calls urgent attention to the discovery of a decades-old design flaw (CVE-2024-3596) in the popular RADIUS protocol. The post BlastRADIUS Attack Exposes Critical Flaw in 30-Year-Old RADIUS Protocol appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

BlastRADIUS Attack Exposes Critical Flaw in 30-Year-Old RADIUS Protocol Read More »

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce

Application Security, Patch Tuesday, SAP, Vulnerabilities /

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce 2024-07-09 at 20:22 By Ionut Arghire Patch Tuesday: Enterprise software vendor SAP releases patches for high-severity vulnerabilities in multiple products and tools. The post SAP Patches High-Severity Vulnerabilities in PDCE, Commerce appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce Read More »

Adobe Issues Critical Patches for Multiple Products, Warns of Code Execution Risks

Adobe, Adobe Commerce, Malware & Threats, Patch Tuesday, Vulnerabilities /

Adobe Issues Critical Patches for Multiple Products, Warns of Code Execution Risks 2024-07-09 at 19:49 By Ryan Naraine Adobe documents at least seven code execution bugs affecting Adobe Premiere Pro, Adobe InDesign and Adobe Bridge on Windows and macOS. The post Adobe Issues Critical Patches for Multiple Products, Warns of Code Execution Risks appeared first

React to this headline:

Loading spinner

Adobe Issues Critical Patches for Multiple Products, Warns of Code Execution Risks Read More »

Attackers Exploiting Remote Code Execution Vulnerability in Ghostscript

CVE-2024-29510, Vulnerabilities, vulnerability /

Attackers Exploiting Remote Code Execution Vulnerability in Ghostscript 2024-07-08 at 15:01 By Ionut Arghire Vulnerability in Ghostscript (CVE-2024-29510) allows attackers to bypass sandbox for remote code execution. The post Attackers Exploiting Remote Code Execution Vulnerability in Ghostscript appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Attackers Exploiting Remote Code Execution Vulnerability in Ghostscript Read More »

In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity

In Other News, Vulnerabilities /

In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity 2024-07-05 at 15:02 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Microsoft details Rockwell HMI vulnerabilities, smart grills hacked, Predator spyware activity drops.  The post In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity

React to this headline:

Loading spinner

In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity Read More »

regreSSHion OpenSSH Flaw: Potential Exploitation Attempts Seen, but Mass Attacks Unlikely

OpenSSH, regreSSHion, Vulnerabilities, vulnerability /

regreSSHion OpenSSH Flaw: Potential Exploitation Attempts Seen, but Mass Attacks Unlikely 2024-07-03 at 13:31 By Eduard Kovacs The critical OpenSSH vulnerability tracked as regreSSHion and CVE-2024-6387 may already be targeted by attackers, but mass exploitation is unlikely. The post regreSSHion OpenSSH Flaw: Potential Exploitation Attempts Seen, but Mass Attacks Unlikely appeared first on SecurityWeek. This

React to this headline:

Loading spinner

regreSSHion OpenSSH Flaw: Potential Exploitation Attempts Seen, but Mass Attacks Unlikely Read More »

Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug

Android, Google, Google Pixel, Mobile & Wireless, Vulnerabilities /

Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug 2024-07-02 at 18:16 By Ionut Arghire Google ships an Android security update with fixes for 15 vulnerabilities, including a critical-severity flaw in Framework. The post Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug Read More »

Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks 

Application Security, Vulnerabilities, vulnerability /

Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks  2024-07-02 at 16:31 By Ionut Arghire EVA Information Security has shared details on three CocoaPods vulnerabilities impacting millions of macOS and iOS applications. The post Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks  appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks  Read More »

Splunk Patches High-Severity Vulnerabilities in Enterprise Product

Splunk, Vulnerabilities /

Splunk Patches High-Severity Vulnerabilities in Enterprise Product 2024-07-02 at 16:31 By Ionut Arghire Splunk has patched multiple vulnerabilities in Splunk Enterprise, including high-severity remote code execution bugs. The post Splunk Patches High-Severity Vulnerabilities in Enterprise Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Splunk Patches High-Severity Vulnerabilities in Enterprise Product Read More »

Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program

bug bounty program, Google, KVM, Vulnerabilities /

Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program 2024-07-01 at 17:01 By Eduard Kovacs Google has announced a new KVM bug bounty program named kvmCTF with rewards of up to $250,000 for a full VM escape. The post Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty

React to this headline:

Loading spinner

Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program Read More »

Scroll to Top