Vulnerabilities

Dozens of RCE Vulnerabilities Impact Milesight Industrial Router

ICS/OT, Industrial, router, Vulnerabilities /

Dozens of RCE Vulnerabilities Impact Milesight Industrial Router 03/08/2023 at 17:47 By Ionut Arghire Cisco Talos researchers warn of dozens of critical- and high-severity vulnerabilities in the Milesight UR32L industrial router leading to code execution. The post Dozens of RCE Vulnerabilities Impact Milesight Industrial Router appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

Dozens of RCE Vulnerabilities Impact Milesight Industrial Router Read More »

Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update

Chrome, Vulnerabilities /

Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update 03/08/2023 at 12:47 By Ionut Arghire Google has paid out over $60,000 for three high-severity type confusion vulnerabilities in Chrome’s V8 engine. The post Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update Read More »

Firefox 116 Patches High-Severity Vulnerabilities

Vulnerabilities /

Firefox 116 Patches High-Severity Vulnerabilities 02/08/2023 at 15:42 By Ionut Arghire Firefox 116 was released with patches for 14 CVEs, including nine high-severity vulnerabilities, some of which can lead to remote code execution or sandbox escapes. The post Firefox 116 Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Firefox 116 Patches High-Severity Vulnerabilities Read More »

Hacker Conversations: Youssef Sammouda, Bug Bounty Hunter

Hacker Conversations, Vulnerabilities /

Hacker Conversations: Youssef Sammouda, Bug Bounty Hunter 01/08/2023 at 15:49 By Kevin Townsend SecurityWeek speaks to Youssef Sammouda about using cybersecurity research and bug bounties as a way of life and source of income. The post Hacker Conversations: Youssef Sammouda, Bug Bounty Hunter appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Hacker Conversations: Youssef Sammouda, Bug Bounty Hunter Read More »

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks

Featured, Ivanti, Malware & Threats, Vulnerabilities, Zero-Day /

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks 31/07/2023 at 13:31 By Eduard Kovacs Ivanti EPMM customers have been warned of CVE-2023-35081, a second zero-day vulnerability that has been exploited in targeted attacks. The post Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks Read More »

In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android 

Data Breaches, In Other News, Mobile & Wireless, Vulnerabilities /

In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android  28/07/2023 at 19:17 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 24, 2023. The post In Other News: Data Breach Cost Rises, Russia

React to this headline:

Loading spinner

In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android  Read More »

US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications

Government, guidance, Vulnerabilities, web security /

US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications 28/07/2023 at 19:17 By Ionut Arghire US and Australian government agencies provide guidance on addressing access control vulnerabilities in web applications. The post US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications Read More »

Zimbra Patches Exploited Zero-Day Vulnerability

Vulnerabilities, Zero-Day, Zimbra /

Zimbra Patches Exploited Zero-Day Vulnerability 28/07/2023 at 15:47 By Ionut Arghire Zimbra has released patches for a cross-site scripting (XSS) vulnerability that has been exploited in malicious attacks. The post Zimbra Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Zimbra Patches Exploited Zero-Day Vulnerability Read More »

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads

cloud security, Featured, Ubuntu, Vulnerabilities, vulnerability /

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads 27/07/2023 at 17:20 By Kevin Townsend Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed ‘GameOver(lay)’). The post Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads Read More »

Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation

Amd, cloud security, CVE-2023-20593, Project Zero, Tavis Ormandy, Vulnerabilities, zenbleed /

Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation 27/07/2023 at 04:18 By Ryan Naraine Researchers say a whopping 62 percent of AWS environments may be exposed to the newly documented AMD ‘Zenbleed’ information leak flaw. The post Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation Read More »

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks

Microsoft, MSMQ, Vulnerabilities /

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks 26/07/2023 at 17:34 By Ionut Arghire Fortinet has published details on a series of critical- and high-severity vulnerabilities in the Microsoft Message Queuing service. The post Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks Read More »

TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems

ICS, ICS/OT, Vulnerabilities, vulnerability /

TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems 25/07/2023 at 19:32 By Kevin Townsend TETRA:BURST – vulnerabilities in widely used radio standard could threaten military and law enforcement communications, as well as ICS. The post TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems Read More »

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information

Endpoint Security, Vulnerabilities /

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information 25/07/2023 at 15:48 By Eduard Kovacs AMD has released microcode patches to address Zenbleed, a vulnerability in its Zen 2 CPUs that can allow an attacker to access sensitive information. The post AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information Read More »

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government

cybercrime, exploited, Featured, Ivanti, Vulnerabilities, Zero-Day /

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government 25/07/2023 at 13:04 By Eduard Kovacs An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government. The post Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government Read More »

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks

apple, Government, iOS, Mobile & Wireless, Vulnerabilities, Zero-Day /

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks 25/07/2023 at 03:03 By Ryan Naraine Apple patches another zero-day flaw used in the ‘Operation Triangulation’ exploit chain. iOS and macOS-powered devices are affected. The post Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks Read More »

Over 20,000 Citrix Appliances Vulnerable to New Exploit

Citrix, exploit, Vulnerabilities /

Over 20,000 Citrix Appliances Vulnerable to New Exploit 24/07/2023 at 17:02 By Ionut Arghire Over 20,000 appliances are vulnerable to a new exploit technique targeting a recent Citrix ADC zero-day vulnerability CVE-2023-3519. The post Over 20,000 Citrix Appliances Vulnerable to New Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Over 20,000 Citrix Appliances Vulnerable to New Exploit Read More »

Perimeter81 Vulnerability Disclosed After Botched Disclosure Process

Vulnerabilities, vulnerability /

Perimeter81 Vulnerability Disclosed After Botched Disclosure Process 24/07/2023 at 14:30 By Eduard Kovacs Cybersecurity firm Perimeter81 appears to have botched the responsible disclosure process for a privilege escalation vulnerability found in its macOS application. The post Perimeter81 Vulnerability Disclosed After Botched Disclosure Process appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Perimeter81 Vulnerability Disclosed After Botched Disclosure Process Read More »

Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo

Atlassian, Confluence, Vulnerabilities /

Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo 24/07/2023 at 14:30 By Ionut Arghire Atlassian patches high-severity remote code execution vulnerabilities in Confluence and Bamboo products. The post Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo Read More »

OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers

Vulnerabilities, vulnerability /

OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers 21/07/2023 at 16:03 By Ionut Arghire Three vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely. The post OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers appeared first on SecurityWeek.

React to this headline:

Loading spinner

OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers Read More »

Citrix Zero-Day Exploited Against Critical Infrastructure Organization

Citrix, exploited, Featured, Vulnerabilities, Zero-Day /

Citrix Zero-Day Exploited Against Critical Infrastructure Organization 21/07/2023 at 13:33 By Eduard Kovacs CISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization. The post Citrix Zero-Day Exploited Against Critical Infrastructure Organization appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Citrix Zero-Day Exploited Against Critical Infrastructure Organization Read More »

Scroll to Top