Vulnerabilities

Ivanti Patches Critical Vulnerability in Endpoint Manager

Ivanti, Vulnerabilities /

Ivanti Patches Critical Vulnerability in Endpoint Manager 2024-01-05 at 14:17 By Ionut Arghire CVE-2023-39336, a critical vulnerability in Ivanti EPM, may lead to device takeover and code execution on the server. The post Ivanti Patches Critical Vulnerability in Endpoint Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original […]

React to this headline:

Loading spinner

Ivanti Patches Critical Vulnerability in Endpoint Manager Read More »

Google Patches Six Vulnerabilities With First Chrome Update of 2024

Chrome, Vulnerabilities /

Google Patches Six Vulnerabilities With First Chrome Update of 2024 2024-01-04 at 17:20 By Ionut Arghire Google has released a Chrome 120 update to resolve six vulnerabilities, including four reported by external researchers. The post Google Patches Six Vulnerabilities With First Chrome Update of 2024 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Google Patches Six Vulnerabilities With First Chrome Update of 2024 Read More »

New DLL Search Order Hijacking Technique Targets WinSxS folder

DLL hijacking, Vulnerabilities /

New DLL Search Order Hijacking Technique Targets WinSxS folder 2024-01-02 at 17:31 By Ionut Arghire Attackers can abuse a new DLL search order hijacking technique to execute code in applications within the WinSxS folder. The post New DLL Search Order Hijacking Technique Targets WinSxS folder appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

New DLL Search Order Hijacking Technique Targets WinSxS folder Read More »

Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover

cloud security, GKE, Kubernetes, Vulnerabilities /

Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover 2023-12-29 at 14:02 By Ionut Arghire Two flaws in Google Kubernetes Engine could be exploited to escalate privileges and take over the Kubernetes cluster. The post Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover Read More »

Critical Apache OFBiz Vulnerability in Attacker Crosshairs

Apache, exploited, Featured, Vulnerabilities /

Critical Apache OFBiz Vulnerability in Attacker Crosshairs 2023-12-29 at 13:17 By Eduard Kovacs Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070. The post Critical Apache OFBiz Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Critical Apache OFBiz Vulnerability in Attacker Crosshairs Read More »

In Other News: Crypto Exchange Hack Guilty Plea, Rating AI Vulnerabilities, Intellexa Spyware 

In Other News, Vulnerabilities /

In Other News: Crypto Exchange Hack Guilty Plea, Rating AI Vulnerabilities, Intellexa Spyware  2023-12-22 at 16:32 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Cryptocurrency exchange hacker pleads guilty, rating LLM vulnerabilities, Intellexa spyware analysis. The post In Other News: Crypto Exchange Hack Guilty Plea, Rating AI Vulnerabilities, Intellexa Spyware  appeared

React to this headline:

Loading spinner

In Other News: Crypto Exchange Hack Guilty Plea, Rating AI Vulnerabilities, Intellexa Spyware  Read More »

Ivanti Patches Dozen Critical Vulnerabilities in Avalanche MDM Product

Ivanti, Vulnerabilities, vulnerability /

Ivanti Patches Dozen Critical Vulnerabilities in Avalanche MDM Product 21/12/2023 at 15:32 By Eduard Kovacs Ivanti has patched 20 vulnerabilities in its Avalanche MDM product, including a dozen remote code execution flaws rated critical. The post Ivanti Patches Dozen Critical Vulnerabilities in Avalanche MDM Product appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Ivanti Patches Dozen Critical Vulnerabilities in Avalanche MDM Product Read More »

Google Rushes to Patch Eighth Chrome Zero-Day This Year

Chrome, Featured, Vulnerabilities, Zero-Day /

Google Rushes to Patch Eighth Chrome Zero-Day This Year 21/12/2023 at 13:48 By Ionut Arghire Google warns of in-the-wild exploitation of CVE-2023-7024, a new Chrome vulnerability, the eighth documented this year. The post Google Rushes to Patch Eighth Chrome Zero-Day This Year appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Google Rushes to Patch Eighth Chrome Zero-Day This Year Read More »

Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape

Firefox, Vulnerabilities /

Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape 20/12/2023 at 18:32 By Ionut Arghire Firefox and Thunderbird security updates released this week address multiple memory safety bugs in both products. The post Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape Read More »

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE

Akamai, Malware & Threats, Microsoft, Microsoft Outlook, Vulnerabilities, Zero-Day /

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE 19/12/2023 at 23:55 By Ionut Arghire Akamai researchers document more vulnerabilities and patch bypasses leading to zero-click remote code execution in Microsoft Outlook. The post Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE Read More »

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance

CISA, healthcare, Network Security, penetration testing, Vulnerabilities /

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance 18/12/2023 at 18:16 By Ionut Arghire The US cybersecurity agency CISA issues cybersecurity recommendations for the healthcare and public health sector. The post CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance Read More »

3CX Urges Customers to Disable Integration Due to Potential Vulnerability

3CX, Vulnerabilities /

3CX Urges Customers to Disable Integration Due to Potential Vulnerability 18/12/2023 at 13:31 By Ionut Arghire 3CX tells customers to temporarily disable SQL Database integration to mitigate a potential vulnerability. The post 3CX Urges Customers to Disable Integration Due to Potential Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

3CX Urges Customers to Disable Integration Due to Potential Vulnerability Read More »

In Other News: Ukraine Hacks Russia, CVE for Water ICS Attacks, New Intel Xeon CPUs 

cybercrime, In Other News, Vulnerabilities /

In Other News: Ukraine Hacks Russia, CVE for Water ICS Attacks, New Intel Xeon CPUs  15/12/2023 at 17:50 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Ukraine hacks Russia’s federal tax agency, CVE assigned to PLC exploit, security in new Intel CPU. The post In Other News: Ukraine Hacks Russia, CVE

React to this headline:

Loading spinner

In Other News: Ukraine Hacks Russia, CVE for Water ICS Attacks, New Intel Xeon CPUs  Read More »

Zoom Unveils Open Source Vulnerability Impact Scoring System

Risk Management, Vulnerabilities, Zoom /

Zoom Unveils Open Source Vulnerability Impact Scoring System 15/12/2023 at 16:33 By Eduard Kovacs Zoom launches an open source Vulnerability Impact Scoring System (VISS) tested within its bug bounty program. The post Zoom Unveils Open Source Vulnerability Impact Scoring System appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Zoom Unveils Open Source Vulnerability Impact Scoring System Read More »

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs

Apache, exploited, Struts, Vulnerabilities /

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs 15/12/2023 at 14:55 By Ionut Arghire Attackers are attempting to exploit a critical RCE flaw in Apache Struts 2 after researchers publish PoC code. The post Recent Apache Struts 2 Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs Read More »

Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products

Data Protection, Dell, Vulnerabilities /

Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products 14/12/2023 at 15:23 By Eduard Kovacs Dell is informing PowerProtect DD product customers about 8 vulnerabilities, including many rated ‘high severity’, and urging them to install patches. The post Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products Read More »

Chrome 120 Update Patches High-Severity Vulnerabilities

Chrome, Vulnerabilities /

Chrome 120 Update Patches High-Severity Vulnerabilities 13/12/2023 at 15:01 By Ionut Arghire A Chrome 120 security update resolves nine vulnerabilities, including five high-severity flaws reported externally. The post Chrome 120 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Chrome 120 Update Patches High-Severity Vulnerabilities Read More »

Sophos Patches EOL Firewalls Against Exploited Vulnerability

exploited, Sophos, Vulnerabilities /

Sophos Patches EOL Firewalls Against Exploited Vulnerability 13/12/2023 at 13:46 By Ionut Arghire Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit. The post Sophos Patches EOL Firewalls Against Exploited Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Sophos Patches EOL Firewalls Against Exploited Vulnerability Read More »

Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws

Microsoft, Patch Tuesday, phishing, remote code execution, Vulnerabilities, Windows MSHTML /

Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws 12/12/2023 at 23:47 By Ryan Naraine Microsoft warns of critical spoofing and remote code execution bugs in the Windows MSHTML Platform and Microsoft Power Platform Connector. The post Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws Read More »

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle

Adobe, Application Security, Illustrator, Malware & Threats, Patch Tuesday, Vulnerabilities /

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle 12/12/2023 at 23:47 By Ryan Naraine Adobe warned users on both Windows and macOS systems about exposure to code execution, memory leaks and denial-of-service security issues. The post Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle Read More »

Scroll to Top