Vulnerabilities

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars

D-Link, exploited, IoT Security, Vulnerabilities /

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars 2024-04-12 at 14:31 By Eduard Kovacs Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar.  The post Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source […]

React to this headline:

Loading spinner

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars Read More »

Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities

Chrome, Vulnerabilities /

Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities 2024-04-11 at 15:31 By Ionut Arghire Google releases a Chrome 123 update to resolve three high-severity memory safety vulnerabilities. The post Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities Read More »

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption

Palo Alto Networks, Vulnerabilities /

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption 2024-04-11 at 13:16 By Eduard Kovacs Palo Alto Networks patches several high-severity vulnerabilities, including ones that allow DoS attacks against its firewalls. The post Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption Read More »

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux

Fortinet, Vulnerabilities /

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux 2024-04-10 at 15:38 By Ionut Arghire Fortinet has released patches for a dozen vulnerabilities, including a critical-severity remote code execution flaw in FortiClientLinux. The post Fortinet Patches Critical RCE Vulnerability in FortiClientLinux appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux Read More »

Microsoft Patches Two Zero-Days Exploited for Malware Delivery

exploited, Malware & Threats, Vulnerabilities, Zero-Day /

Microsoft Patches Two Zero-Days Exploited for Malware Delivery 2024-04-10 at 13:27 By Eduard Kovacs Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware. The post Microsoft Patches Two Zero-Days Exploited for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Microsoft Patches Two Zero-Days Exploited for Malware Delivery Read More »

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers

cloud security, CVE-2024-29990, Kubernetes, Microsoft, Patch Tuesday, Vulnerabilities /

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers 2024-04-09 at 22:02 By Ryan Naraine Patch Tuesday: Microsoft warns that unauthenticated hackers can take complete control of Azure Kubernetes clusters. The post Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers Read More »

Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products

Adobe Commerce, magento, Malware & Threats, Patch Tuesday, Vulnerabilities /

Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products 2024-04-09 at 20:47 By Ryan Naraine Adobe calls attention to a pair of code execution bugs in Adobe Commerce and Magento Open Source, a product used to manage online stories. The post Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products Read More »

SAP’s April 2024 Updates Patch High-Severity Vulnerabilities

SAP, Vulnerabilities /

SAP’s April 2024 Updates Patch High-Severity Vulnerabilities 2024-04-09 at 16:46 By Ionut Arghire SAP has released 12 new and updated security notes on April 2024 Security Patch Day, including three notes dealing with high-severity vulnerabilities. The post SAP’s April 2024 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

SAP’s April 2024 Updates Patch High-Severity Vulnerabilities Read More »

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability

CVE-2024-21894, Ivanti, Network Security, VPN, Vulnerabilities /

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability 2024-04-08 at 18:01 By Ionut Arghire Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution. The post Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability Read More »

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits

exploit, Featured, Vulnerabilities /

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits 2024-04-08 at 15:46 By Ionut Arghire Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days. The post Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits Read More »

Cisco Warns of Vulnerability in Discontinued Small Business Routers

Cisco, CVE-2024-20362, KV Botnet, Network Security, routers, Vulnerabilities /

Cisco Warns of Vulnerability in Discontinued Small Business Routers 2024-04-05 at 19:02 By Ionut Arghire Cisco says it will not release patches for a cross-site scripting vulnerability impacting end-of-life small business routers. The post Cisco Warns of Vulnerability in Discontinued Small Business Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Cisco Warns of Vulnerability in Discontinued Small Business Routers Read More »

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz

CVE-2023-46805, CVE-2024-21887, Government, Ivanti, Nation-State, Pulse Secure, Vulnerabilities, Zero-Day /

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz 2024-04-04 at 22:31 By Ryan Naraine Ivanti releases a carefully scripted YouTube video and an open letter from chief executive Jeff Abbott vowing to fix the entire security organization. The post Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz Read More »

Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems

Vulnerabilities, vulnerability /

Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems 2024-04-04 at 15:33 By Ionut Arghire A critical OS command injection in Progress Flowmon can be exploited to gain remote, unauthenticated access to the system. The post Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems Read More »

Zoom Paid Out $10 Million via Bug Bounty Program Since 2019

bug bounty program, Vulnerabilities, Zoom /

Zoom Paid Out $10 Million via Bug Bounty Program Since 2019 2024-04-04 at 13:16 By Eduard Kovacs Video conferencing giant Zoom has paid out $10 million through its bug bounty program since it was launched in 2019. The post Zoom Paid Out $10 Million via Bug Bounty Program Since 2019 appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Zoom Paid Out $10 Million via Bug Bounty Program Since 2019 Read More »

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth

CVE, Featured, MITRE, NVD, Vulnerabilities /

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth 2024-04-03 at 17:17 By Kevin Townsend MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of all vulnerabilities. What went wrong, and what can be done? The post CVE

React to this headline:

Loading spinner

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth Read More »

Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites

Vulnerabilities, vulnerability, WordPress /

Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites 2024-04-03 at 16:16 By Ionut Arghire A critical SQL injection vulnerability in the LayerSlider WordPress plugin allows attackers to extract sensitive information. The post Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites Read More »

Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own

Chrome, Pwn2Own, Vulnerabilities /

Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own 2024-04-03 at 14:16 By Ionut Arghire Google pushes a new Chrome update to patch another zero-day vulnerability demonstrated at a hacking contest. The post Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own Read More »

Security Flaw in WP-Members Plugin Leads to Script Injection

Application Security, CVE-2024-1852, Vulnerabilities, Wordfence, WordPress, WP-Members /

Security Flaw in WP-Members Plugin Leads to Script Injection 2024-04-02 at 18:46 By Ionut Arghire A cross-site scripting vulnerability in the WP-Members Membership plugin could allow attackers to inject scripts into user profile pages. The post Security Flaw in WP-Members Plugin Leads to Script Injection appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Security Flaw in WP-Members Plugin Leads to Script Injection Read More »

Hotel Self Check-In Kiosks Exposed Room Access Codes

door hack, hotel, IoT Security, Vulnerabilities /

Hotel Self Check-In Kiosks Exposed Room Access Codes 2024-04-02 at 17:01 By Eduard Kovacs Self check-in kiosks at Ibis Budget hotels were affected by a vulnerability that exposed keypad codes that could be used to enter rooms.  The post Hotel Self Check-In Kiosks Exposed Room Access Codes appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Hotel Self Check-In Kiosks Exposed Room Access Codes Read More »

Scroll to Top