Vulnerabilities

Cisco Patches Webex Bugs Following Exposure of German Government Meetings

Cisco, Featured, Germany, Government, Vulnerabilities, Webex /

Cisco Patches Webex Bugs Following Exposure of German Government Meetings 2024-06-05 at 13:02 By Eduard Kovacs Cisco has released a security advisory after researchers discovered that the German government’s Webex meetings were exposed. The post Cisco Patches Webex Bugs Following Exposure of German Government Meetings appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

Cisco Patches Webex Bugs Following Exposure of German Government Meetings Read More »

Details of Atlassian Confluence RCE Vulnerability Disclosed

Atlassian, Vulnerabilities, vulnerability /

Details of Atlassian Confluence RCE Vulnerability Disclosed 2024-06-04 at 17:16 By Ionut Arghire SonicWall has shared technical details on a recently addressed high-severity remote code execution flaw in Confluence. The post Details of Atlassian Confluence RCE Vulnerability Disclosed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Details of Atlassian Confluence RCE Vulnerability Disclosed Read More »

Progress Patches Critical Vulnerability in Telerik Report Server

Vulnerabilities, vulnerability /

Progress Patches Critical Vulnerability in Telerik Report Server 2024-06-04 at 15:46 By Ionut Arghire A critical vulnerability in the Progress Telerik Report Server could allow unauthenticated attackers to access restricted functionality. The post Progress Patches Critical Vulnerability in Telerik Report Server appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Progress Patches Critical Vulnerability in Telerik Report Server Read More »

CISA Warns of Exploited Linux Kernel Vulnerability

CISA KEV, exploited, kernel, Linux, Vulnerabilities /

CISA Warns of Exploited Linux Kernel Vulnerability 2024-05-31 at 14:46 By Ionut Arghire CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation. The post CISA Warns of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Exploited Linux Kernel Vulnerability Read More »

Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors

CVE-2023-40000, CVE-2023-6961, CVE-2024-2194, Fastly, Malware & Threats, Vulnerabilities, WordPress /

Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors 2024-05-30 at 18:17 By Ionut Arghire Malicious campaign exploits high-severity XSS flaws in three WordPress plugins to backdoor websites. The post Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors Read More »

NIST Getting Outside Help for National Vulnerability Database

CVE, Government, NIST, NVD, Vulnerabilities /

NIST Getting Outside Help for National Vulnerability Database 2024-05-30 at 18:17 By Eduard Kovacs NIST is receiving support to get the NVD and CVE processing back on track within the next few months. The post NIST Getting Outside Help for National Vulnerability Database appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

NIST Getting Outside Help for National Vulnerability Database Read More »

Vulnerabilities in Eclipse ThreadX Could Lead to Code Execution

Vulnerabilities, vulnerability /

Vulnerabilities in Eclipse ThreadX Could Lead to Code Execution 2024-05-29 at 18:01 By Ionut Arghire Vulnerabilities in the real-time IoT operating system Eclipse ThreadX before version 6.4 could lead to denial-of-service and code execution. The post Vulnerabilities in Eclipse ThreadX Could Lead to Code Execution appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Vulnerabilities in Eclipse ThreadX Could Lead to Code Execution Read More »

Netflix Paid Out Over $1 Million via Bug Bounty Program

bug bounty program, Featured, Netflix, Vulnerabilities /

Netflix Paid Out Over $1 Million via Bug Bounty Program 2024-05-29 at 12:31 By Eduard Kovacs Netflix has paid out more than $1 million for vulnerabilities found in its products since the launch of its bug bounty program in 2016. The post Netflix Paid Out Over $1 Million via Bug Bounty Program appeared first on

React to this headline:

Loading spinner

Netflix Paid Out Over $1 Million via Bug Bounty Program Read More »

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor

CVE-2024-4978, ICS/OT, JAVS, Malware & Threats, Rapid7, Vulnerabilities /

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor 2024-05-24 at 16:31 By Ionut Arghire Backdoored JAVS courtroom recording and management software installer puts thousands at risk of complete takeover. The post JAVS Courtroom Audio-Visual Software Installer Serves Backdoor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor Read More »

Google Patches Fourth Chrome Zero-Day in Two Weeks

Chrome, CVE-2024-5274, Featured, Vulnerabilities, vulnerability, Zero-Day /

Google Patches Fourth Chrome Zero-Day in Two Weeks 2024-05-24 at 12:16 By Ionut Arghire Exploited in the wild, Chrome vulnerability CVE-2024-5274 is a high-severity flaw described as a type confusion in the V8 JavaScript and WebAssembly engine. The post Google Patches Fourth Chrome Zero-Day in Two Weeks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Google Patches Fourth Chrome Zero-Day in Two Weeks Read More »

Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report

report, Supply Chain Security, Threat Intelligence, Vulnerabilities /

Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report 2024-05-23 at 14:31 By Kevin Townsend Attackers are getting more sophisticated, better armed, and faster. Nothing in Rapid7’s 2024 Attack Intelligence Report suggests that this will change. The post Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report appeared first

React to this headline:

Loading spinner

Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report Read More »

Critical Authentication Bypass Resolved in GitHub Enterprise Server

GitHub, Vulnerabilities, vulnerability /

Critical Authentication Bypass Resolved in GitHub Enterprise Server 2024-05-22 at 16:01 By Ionut Arghire Critical vulnerability in GitHub Enterprise Server allows unauthenticated attackers to obtain administrative privileges. The post Critical Authentication Bypass Resolved in GitHub Enterprise Server appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Critical Authentication Bypass Resolved in GitHub Enterprise Server Read More »

Critical Veeam Vulnerability Leads to Authentication Bypass

Veeam, Vulnerabilities, vulnerability /

Critical Veeam Vulnerability Leads to Authentication Bypass 2024-05-22 at 16:01 By Ionut Arghire Veeam Backup Enterprise Manager update resolves multiple vulnerabilities, including a critical authentication bypass. The post Critical Veeam Vulnerability Leads to Authentication Bypass appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Veeam Vulnerability Leads to Authentication Bypass Read More »

Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager

Ivanti, Vulnerabilities, vulnerability /

Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager 2024-05-22 at 14:46 By Ionut Arghire Ivanti has released product updates to resolve multiple vulnerabilities, including critical code execution flaws in Endpoint Manager. The post Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager Read More »

Chrome 125 Update Patches High-Severity Vulnerabilities

Chrome, Vulnerabilities /

Chrome 125 Update Patches High-Severity Vulnerabilities 2024-05-22 at 13:32 By Ionut Arghire Google released a Chrome 125 update to resolve four high-severity vulnerabilities reported by external researchers. The post Chrome 125 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Chrome 125 Update Patches High-Severity Vulnerabilities Read More »

QNAP Rushes Patch for Code Execution Flaw in NAS Devices

exploit code, NAS, Network Security, QNAP, remote code execution, Vulnerabilities /

QNAP Rushes Patch for Code Execution Flaw in NAS Devices 2024-05-21 at 19:46 By Ionut Arghire QNAP rolls out patches for multiple vulnerabilities after proof-of-concept exploit published for a remote code execution vulnerability. The post QNAP Rushes Patch for Code Execution Flaw in NAS Devices appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

QNAP Rushes Patch for Code Execution Flaw in NAS Devices Read More »

CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw

CISA KEV, exploited, Featured, Government, healthcare, Vulnerabilities /

CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw 2024-05-21 at 14:31 By Eduard Kovacs CISA has added CVE-2023-43208, an unauthenticated remote code execution vulnerability, to its KEV catalog.  The post CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw Read More »

Vulnerability Found in Fluent Bit Utility Used by Major Cloud, Tech Companies

cloud security, Vulnerabilities, vulnerability /

Vulnerability Found in Fluent Bit Utility Used by Major Cloud, Tech Companies 2024-05-20 at 18:46 By Eduard Kovacs Linguistic Lumberjack (CVE-2024-4323) is a critical vulnerability in the Fluent Bit logging utility that can allow DoS, information disclosure and possibly RCE. The post Vulnerability Found in Fluent Bit Utility Used by Major Cloud, Tech Companies appeared first

React to this headline:

Loading spinner

Vulnerability Found in Fluent Bit Utility Used by Major Cloud, Tech Companies Read More »

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products

CISA KEV, D-Link, router, Vulnerabilities, vulnerability /

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products 2024-05-17 at 17:01 By Ionut Arghire CISA has added two vulnerabilities in discontinued D-Link products to its KEV catalog, including a decade-old flaw. The post CISA Warns of Exploited Vulnerabilities in EOL D-Link Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products Read More »

Third Chrome Zero-Day Patched by Google Within One Week

Chrome, exploited, Vulnerabilities, Zero-Day /

Third Chrome Zero-Day Patched by Google Within One Week 2024-05-16 at 12:16 By Ionut Arghire Google releases Chrome 125 to the stable channel with patches for nine vulnerabilities, including a zero-day. The post Third Chrome Zero-Day Patched by Google Within One Week appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Third Chrome Zero-Day Patched by Google Within One Week Read More »

Scroll to Top