Vulnerabilities

Splunk Patches High-Severity Vulnerabilities in Enterprise Product

Splunk, Vulnerabilities /

Splunk Patches High-Severity Vulnerabilities in Enterprise Product 2024-07-02 at 16:31 By Ionut Arghire Splunk has patched multiple vulnerabilities in Splunk Enterprise, including high-severity remote code execution bugs. The post Splunk Patches High-Severity Vulnerabilities in Enterprise Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this […]

React to this headline:

Loading spinner

Splunk Patches High-Severity Vulnerabilities in Enterprise Product Read More »

Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program

bug bounty program, Google, KVM, Vulnerabilities /

Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program 2024-07-01 at 17:01 By Eduard Kovacs Google has announced a new KVM bug bounty program named kvmCTF with rewards of up to $250,000 for a full VM escape. The post Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty

React to this headline:

Loading spinner

Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program Read More »

Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack

Featured, OpenSSH, regreSSHion, Vulnerabilities /

Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack 2024-07-01 at 15:31 By Eduard Kovacs Millions of OpenSSH servers could be vulnerable to unauthenticated remote code execution due to a vulnerability tracked as regreSSHion and CVE-2024-6387. The post Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack Read More »

Juniper Networks Warns of Critical Authentication Bypass Vulnerability

Juniper, Vulnerabilities, vulnerability /

Juniper Networks Warns of Critical Authentication Bypass Vulnerability 2024-07-01 at 14:31 By Ionut Arghire Juniper Networks warns of a critical authentication bypass flaw impacting Session Smart routers and conductors. The post Juniper Networks Warns of Critical Authentication Bypass Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Juniper Networks Warns of Critical Authentication Bypass Vulnerability Read More »

Fortra Patches Critical SQL Injection in FileCatalyst Workflow

Fortra, Vulnerabilities, vulnerability /

Fortra Patches Critical SQL Injection in FileCatalyst Workflow 2024-06-28 at 14:16 By Ionut Arghire Fortra has patched a critical-severity vulnerability in FileCatalyst Workflow leading to the creation of administrator accounts. The post Fortra Patches Critical SQL Injection in FileCatalyst Workflow appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Fortra Patches Critical SQL Injection in FileCatalyst Workflow Read More »

GitLab Security Updates Patch 14 Vulnerabilities

GitLab, Vulnerabilities /

GitLab Security Updates Patch 14 Vulnerabilities 2024-06-27 at 17:01 By Ionut Arghire GitLab CE and EE updates resolve 14 vulnerabilities, including a critical- and three high-severity bugs. The post GitLab Security Updates Patch 14 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

GitLab Security Updates Patch 14 Vulnerabilities Read More »

CISA Warns of Exploited GeoServer, Linux Kernel, and Roundcube Vulnerabilities

CISA KEV, exploited, Vulnerabilities, vulnerability /

CISA Warns of Exploited GeoServer, Linux Kernel, and Roundcube Vulnerabilities 2024-06-27 at 15:31 By Ionut Arghire CISA on Wednesday warned that three older flaws in GeoServer, Linux kernel, and Roundcube webmail are exploited in the wild. The post CISA Warns of Exploited GeoServer, Linux Kernel, and Roundcube Vulnerabilities appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

CISA Warns of Exploited GeoServer, Linux Kernel, and Roundcube Vulnerabilities Read More »

Exploitation Attempts Target New MOVEit Transfer Vulnerability

exploited, MOVEit, Progress Software, Vulnerabilities /

Exploitation Attempts Target New MOVEit Transfer Vulnerability 2024-06-26 at 13:01 By Eduard Kovacs Exploitation attempts targeting CVE-2024-5806, a critical MOVEit Transfer vulnerability patched recently, have started. The post Exploitation Attempts Target New MOVEit Transfer Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Exploitation Attempts Target New MOVEit Transfer Vulnerability Read More »

Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher

Featured, Meta, Ransomware, vr, Vulnerabilities /

Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher 2024-06-25 at 15:01 By Kevin Townsend Researcher shows how hackers could use social engineering to deliver ransomware and other malware to Meta’s Quest 3 VR headset. The post Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher Read More »

Chrome 126 Update Patches Memory Safety Bugs

Chrome, Vulnerabilities /

Chrome 126 Update Patches Memory Safety Bugs 2024-06-25 at 11:01 By Ionut Arghire Google has released a Chrome security update to resolve four high-severity use-after-free vulnerabilities. The post Chrome 126 Update Patches Memory Safety Bugs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Chrome 126 Update Patches Memory Safety Bugs Read More »

New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity

Featured, side-channel attack, Vulnerabilities /

New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity 2024-06-24 at 19:31 By Eduard Kovacs New attack named SnailLoad allows a remote attacker to infer websites and videos viewed by a user without direct access to network traffic. The post New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity

React to this headline:

Loading spinner

New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity Read More »

EFF Issues New Warning After Discovery of Automated License Plate Reader Vulnerabilities

EFF, Privacy, surveillance, Vulnerabilities /

EFF Issues New Warning After Discovery of Automated License Plate Reader Vulnerabilities 2024-06-24 at 18:31 By Eduard Kovacs The EFF has issued a warning over the use of automated license plate readers following the discovery of serious vulnerabilities.  The post EFF Issues New Warning After Discovery of Automated License Plate Reader Vulnerabilities appeared first on

React to this headline:

Loading spinner

EFF Issues New Warning After Discovery of Automated License Plate Reader Vulnerabilities Read More »

Recent SolarWinds Serv-U Vulnerability Exploited in the Wild

exploited, SolarWinds, Vulnerabilities /

Recent SolarWinds Serv-U Vulnerability Exploited in the Wild 2024-06-21 at 16:32 By Ionut Arghire Threat actors are exploiting a recent path traversal vulnerability in SolarWinds Serv-U using public PoC code. The post Recent SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Recent SolarWinds Serv-U Vulnerability Exploited in the Wild Read More »

In Other News: Microsoft Email Spoofing, Snowflake Hack Ransoms, LogoFail Follow-Up

In Other News, Vulnerabilities /

In Other News: Microsoft Email Spoofing, Snowflake Hack Ransoms, LogoFail Follow-Up 2024-06-21 at 16:32 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Microsoft email spoofing vulnerability, Snowflake hack victims get ransom demands, LogoFail still around. The post In Other News: Microsoft Email Spoofing, Snowflake Hack Ransoms, LogoFail Follow-Up appeared first on

React to this headline:

Loading spinner

In Other News: Microsoft Email Spoofing, Snowflake Hack Ransoms, LogoFail Follow-Up Read More »

Atlassian Patches High-Severity Vulnerabilities in Confluence, Crucible, Jira

Atlassian, Vulnerabilities, vulnerability /

Atlassian Patches High-Severity Vulnerabilities in Confluence, Crucible, Jira 2024-06-20 at 14:01 By Ionut Arghire Atlassian has released Confluence, Crucible, and Jira updates to address multiple high-severity vulnerabilities. The post Atlassian Patches High-Severity Vulnerabilities in Confluence, Crucible, Jira appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Atlassian Patches High-Severity Vulnerabilities in Confluence, Crucible, Jira Read More »

Chrome 126 Update Patches Vulnerability Exploited at Hacking Competition

Chrome, Vulnerabilities, vulnerability /

Chrome 126 Update Patches Vulnerability Exploited at Hacking Competition 2024-06-19 at 14:31 By Ionut Arghire Google has released a Chrome 126 security update with six fixes, including four for externally reported high-severity flaws. The post Chrome 126 Update Patches Vulnerability Exploited at Hacking Competition appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Chrome 126 Update Patches Vulnerability Exploited at Hacking Competition Read More »

Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE

ICS, ICS/OT, Rockwell Automation, Vulnerabilities, vulnerability /

Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE 2024-06-14 at 13:46 By Eduard Kovacs Rockwell Automation has patched three high-severity vulnerabilities in its FactoryTalk View SE HMI software. The post Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE Read More »

French Bug Bounty Platform YesWeHack Raises $28 Million

bug bounty program, Funding/M&A, Series C, Vulnerabilities, YesWeHack /

French Bug Bounty Platform YesWeHack Raises $28 Million 2024-06-14 at 10:01 By Ionut Arghire YesWeHack has raised more than $52 million to date to build and market a crowdsourced vulnerability reporting platform. The post French Bug Bounty Platform YesWeHack Raises $28 Million appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

French Bug Bounty Platform YesWeHack Raises $28 Million Read More »

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation

CVE-2024-32896, CVE-2024-4610, Google, Google Pixel, Malware & Threats, Mobile & Wireless, Vulnerabilities, Zero-Day /

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation 2024-06-12 at 21:16 By Ryan Naraine The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware. The post Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation Read More »

Fortinet Patches Code Execution Vulnerability in FortiOS

Fortinet, Vulnerabilities /

Fortinet Patches Code Execution Vulnerability in FortiOS 2024-06-12 at 19:46 By Ionut Arghire Fortinet has patched multiple vulnerabilities in FortiOS, including a high-severity code execution security flaw. The post Fortinet Patches Code Execution Vulnerability in FortiOS appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Fortinet Patches Code Execution Vulnerability in FortiOS Read More »

Scroll to Top