Vulnerabilities

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability 

Linux, Vulnerabilities, vulnerability /

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability  2024-02-07 at 16:31 By Ionut Arghire A critical remote code execution vulnerability in Shim could allow attackers to take over vulnerable Linux systems. The post Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability  appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability  Read More »

JetBrains Patches Critical Authentication Bypass in TeamCity

TeamCity, Vulnerabilities /

JetBrains Patches Critical Authentication Bypass in TeamCity 2024-02-07 at 16:31 By Ionut Arghire JetBrains releases patches for a critical-severity TeamCity authentication bypass leading to remote code execution. The post JetBrains Patches Critical Authentication Bypass in TeamCity appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

JetBrains Patches Critical Authentication Bypass in TeamCity Read More »

Fortinet Patches Critical Vulnerabilities in FortiSIEM

Fortinet, Vulnerabilities /

Fortinet Patches Critical Vulnerabilities in FortiSIEM 2024-02-07 at 14:16 By Ionut Arghire Two critical OS command injection flaws in FortiSIEM could allow remote attackers to execute arbitrary code. The post Fortinet Patches Critical Vulnerabilities in FortiSIEM appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Fortinet Patches Critical Vulnerabilities in FortiSIEM Read More »

Canon Patches 7 Critical Vulnerabilities in Small Office Printers

Canon, printer, Vulnerabilities /

Canon Patches 7 Critical Vulnerabilities in Small Office Printers 2024-02-06 at 16:01 By Ionut Arghire Canon announces patches for seven critical-severity remote code execution flaws impacting small office printer models. The post Canon Patches 7 Critical Vulnerabilities in Small Office Printers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Canon Patches 7 Critical Vulnerabilities in Small Office Printers Read More »

Critical Remote Code Execution Vulnerability Patched in Android

Android, Vulnerabilities /

Critical Remote Code Execution Vulnerability Patched in Android 2024-02-06 at 14:46 By Ionut Arghire Android’s February 2024 security patches resolve 46 vulnerabilities, including a critical remote code execution bug. The post Critical Remote Code Execution Vulnerability Patched in Android appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Critical Remote Code Execution Vulnerability Patched in Android Read More »

QNAP Patches High-Severity Bugs in QTS, Qsync Central

QNAP, Vulnerabilities /

QNAP Patches High-Severity Bugs in QTS, Qsync Central 2024-02-05 at 16:46 By Ionut Arghire Two high-severity vulnerabilities in QNAP’s operating system could lead to command execution over the network. The post QNAP Patches High-Severity Bugs in QTS, Qsync Central appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

QNAP Patches High-Severity Bugs in QTS, Qsync Central Read More »

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products

CISA KEV, Ivanti, Malware & Threats, VPN, Vulnerabilities, Zero-Day /

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products 2024-02-01 at 19:01 By Ryan Naraine In an unprecedented move, CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. The post CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products appeared first

React to this headline:

Loading spinner

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products Read More »

‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others 

cloud security, container, Docker, Vulnerabilities, vulnerability /

‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others  2024-02-01 at 18:01 By Eduard Kovacs Snyk discloses information on Leaky Vessels, several potentially serious container escape vulnerabilities affecting Docker and others. The post ‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others  Read More »

Apple Patches Vision Pro Vulnerability as CISA Warns of iOS Flaw Exploitation

IoT Security, Vulnerabilities /

Apple Patches Vision Pro Vulnerability as CISA Warns of iOS Flaw Exploitation 2024-02-01 at 12:47 By Eduard Kovacs Apple releases first security update for Vision Pro VR headset as CISA issues warning about exploitation of iOS vulnerability. The post Apple Patches Vision Pro Vulnerability as CISA Warns of iOS Flaw Exploitation appeared first on SecurityWeek.

React to this headline:

Loading spinner

Apple Patches Vision Pro Vulnerability as CISA Warns of iOS Flaw Exploitation Read More »

GNU C Library Vulnerability Leads to Full Root Access

CVE-2023-6246, GNU C, Linux, Qualys, Security Architecture, Vulnerabilities /

GNU C Library Vulnerability Leads to Full Root Access 2024-01-31 at 19:47 By Ionut Arghire Researchers at Qualys call attention to a vulnerability in Linux’s GNU C Library (glibc) that allows full root access to a system. The post GNU C Library Vulnerability Leads to Full Root Access appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

GNU C Library Vulnerability Leads to Full Root Access Read More »

After Delays, Ivanti Patches Zero-Days and Confirms New Exploit

CISA KEV, CVE-2023-46805, CVE-2024-21887, CVE-2024-21893, Featured, Ivanti, Malware & Threats, Vulnerabilities /

After Delays, Ivanti Patches Zero-Days and Confirms New Exploit 2024-01-31 at 19:47 By Ryan Naraine Ivanti documents a brand-new zero-day and belatedly ships patches; Mandiant is reporting “broad exploitation activity.” The post After Delays, Ivanti Patches Zero-Days and Confirms New Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

After Delays, Ivanti Patches Zero-Days and Confirms New Exploit Read More »

Tor Code Audit Finds 17 Vulnerabilities

Application Security, audit, Tor, Vulnerabilities /

Tor Code Audit Finds 17 Vulnerabilities 2024-01-31 at 15:47 By Eduard Kovacs Over a dozen vulnerabilities discovered in Tor audit, including a high-risk flaw that can be exploited to inject arbitrary bridges.  The post Tor Code Audit Finds 17 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Tor Code Audit Finds 17 Vulnerabilities Read More »

45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation

exploited, Jenkins, Vulnerabilities /

45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation 2024-01-31 at 14:40 By Eduard Kovacs Shadowserver Foundation has seen 45,000 Jenkins instances affected by CVE-2024-23897, which may already be exploited in attacks. The post 45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation Read More »

Juniper Networks Patches Vulnerabilities in Switches, Firewalls

Juniper, Vulnerabilities /

Juniper Networks Patches Vulnerabilities in Switches, Firewalls 2024-01-30 at 16:46 By Ionut Arghire A high-severity flaw in the J-Web interface of Juniper’s Junos OS could lead to arbitrary command execution, remotely. The post Juniper Networks Patches Vulnerabilities in Switches, Firewalls appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Juniper Networks Patches Vulnerabilities in Switches, Firewalls Read More »

Ivanti Struggling to Hit Zero-Day Patch Release Schedule

CISA, CVE-2023-46805, CVE-2024-21887, Ivanti, Nation-State, Volexity, Vulnerabilities /

Ivanti Struggling to Hit Zero-Day Patch Release Schedule 2024-01-29 at 22:15 By Ryan Naraine Ivanti is struggling to hit its own timeline for the delivery of patches for critical — and already exploited — flaws in its flagship VPN appliances. The post Ivanti Struggling to Hit Zero-Day Patch Release Schedule appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Ivanti Struggling to Hit Zero-Day Patch Release Schedule Read More »

Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution

Vulnerabilities, vulnerability /

Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution 2024-01-29 at 18:21 By Ionut Arghire Two memory safety vulnerabilities in WatchGuard and Panda Security products could lead to code execution with System privileges. The post Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution Read More »

PoC Exploit Published for Critical Jenkins Vulnerability

Jenkins, PoC, Vulnerabilities /

PoC Exploit Published for Critical Jenkins Vulnerability 2024-01-29 at 18:21 By Ionut Arghire PoC exploit code targeting a critical Jenkins vulnerability patched last week is already publicly available. The post PoC Exploit Published for Critical Jenkins Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

PoC Exploit Published for Critical Jenkins Vulnerability Read More »

Critical Jenkins Vulnerability Leads to Remote Code Execution

Vulnerabilities, vulnerability /

Critical Jenkins Vulnerability Leads to Remote Code Execution 2024-01-26 at 14:02 By Ionut Arghire A critical vulnerability in Jenkins’ built-in CLI allows remote attackers to obtain cryptographic keys and execute arbitrary code. The post Critical Jenkins Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Critical Jenkins Vulnerability Leads to Remote Code Execution Read More »

Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive

car hacking, Featured, IoT Security, Pwn2Own, Vulnerabilities /

Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive 2024-01-26 at 11:05 By Eduard Kovacs Participants have earned more than $1.3 million for hacking Teslas, EV chargers and infotainment systems at Pwn2Own Automotive. The post Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive Read More »

New Offerings From Protect AI, Venafi Tackle Software Supply Chain Security

open source, Supply Chain Security, Vulnerabilities /

New Offerings From Protect AI, Venafi Tackle Software Supply Chain Security 2024-01-25 at 16:46 By Kevin Townsend Two new products aim to secure the traditional OSS supply chain, and the new AI model software supply chain. The post New Offerings From Protect AI, Venafi Tackle Software Supply Chain Security appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

New Offerings From Protect AI, Venafi Tackle Software Supply Chain Security Read More »

Scroll to Top