Vulnerabilities

Vulnerabilities Expose PAX Payment Terminals to Hacking

PoS, Vulnerabilities /

Vulnerabilities Expose PAX Payment Terminals to Hacking 2024-01-16 at 18:16 By Ionut Arghire Vulnerabilities in Android-based PoS terminals from PAX can be exploited to downgrade bootloaders, execute arbitrary code. The post Vulnerabilities Expose PAX Payment Terminals to Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React […]

React to this headline:

Loading spinner

Vulnerabilities Expose PAX Payment Terminals to Hacking Read More »

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation

Microsoft, Network Security, Pixiefail, Quarkslab, Supply Chain Security, Tianocore, UEFI, Vulnerabilities /

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation 2024-01-16 at 16:16 By Ryan Naraine Quarkslab finds serious, remotely exploitable vulnerabilities in EDK II, the de-facto open source reference implementation of the UEFI spec. The post Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation Read More »

180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE

SonicWall, Vulnerabilities /

180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE 2024-01-16 at 16:16 By Ionut Arghire Two DoS vulnerabilities patched in 2022 and 2023 haunt nearly 180,000 internet-exposed SonicWall firewalls. The post 180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE Read More »

Remote Code Execution Vulnerability Found in Opera File Sharing Feature

Opera, Vulnerabilities, vulnerability /

Remote Code Execution Vulnerability Found in Opera File Sharing Feature 2024-01-16 at 16:16 By Ionut Arghire A vulnerability in Opera browser’s file sharing feature My Flow could be exploited for remote code execution. The post Remote Code Execution Vulnerability Found in Opera File Sharing Feature appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Remote Code Execution Vulnerability Found in Opera File Sharing Feature Read More »

VMware Urges Customers to Patch Critical Aria Automation Vulnerability 

VMWare, Vulnerabilities, vulnerability /

VMware Urges Customers to Patch Critical Aria Automation Vulnerability  2024-01-16 at 16:16 By Eduard Kovacs Aria Automation is affected by a critical vulnerability that could be exploited to gain access to remote organizations and workflows. The post VMware Urges Customers to Patch Critical Aria Automation Vulnerability  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

VMware Urges Customers to Patch Critical Aria Automation Vulnerability  Read More »

GitLab Patches Critical Password Reset Vulnerability

GitLab, Vulnerabilities, vulnerability /

GitLab Patches Critical Password Reset Vulnerability 2024-01-15 at 13:46 By Ionut Arghire GitLab has resolved a critical authentication vulnerability allowing attackers to hijack password reset emails. The post GitLab Patches Critical Password Reset Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

GitLab Patches Critical Password Reset Vulnerability Read More »

Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches

Juniper, Vulnerabilities /

Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches 2024-01-15 at 13:18 By Eduard Kovacs Juniper Networks patches over 100 vulnerabilities, including a critical flaw that can be exploited for remote code execution against firewalls and switches. The post Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches appeared first on

React to this headline:

Loading spinner

Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches Read More »

Apple Patches Keystroke Injection Vulnerability in Magic Keyboard

apple, keyboard, Vulnerabilities /

Apple Patches Keystroke Injection Vulnerability in Magic Keyboard 2024-01-12 at 13:16 By Ionut Arghire Apple’s latest Magic Keyboard firmware addresses a recently disclosed Bluetooth keyboard injection vulnerability. The post Apple Patches Keystroke Injection Vulnerability in Magic Keyboard appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Apple Patches Keystroke Injection Vulnerability in Magic Keyboard Read More »

Intel, AMD, Zoom, Splunk Release Patch Tuesday Security Advisories

Amd, Intel, Patch Tuesday, Splunk, Vulnerabilities, Zoom /

Intel, AMD, Zoom, Splunk Release Patch Tuesday Security Advisories 2024-01-11 at 16:32 By Eduard Kovacs Intel, AMD, Zoom and Splunk released security advisories on Patch Tuesday to inform customers about vulnerabilities found in their products. The post Intel, AMD, Zoom, Splunk Release Patch Tuesday Security Advisories appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Intel, AMD, Zoom, Splunk Release Patch Tuesday Security Advisories Read More »

Cisco Patches Critical Vulnerability in Unity Connection Product

Cisco, Vulnerabilities /

Cisco Patches Critical Vulnerability in Unity Connection Product 2024-01-11 at 14:32 By Ionut Arghire Cisco Unity Connection flaw could allow remote, unauthenticated attackers to upload arbitrary files and execute commands on the system. The post Cisco Patches Critical Vulnerability in Unity Connection Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Cisco Patches Critical Vulnerability in Unity Connection Product Read More »

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days

Ivanti, Nation-State, Volexity, VPN, Vulnerabilities, Zero-Day /

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days 2024-01-11 at 00:01 By Ryan Naraine Ivanti confirms active zero-day exploits, ships pre-patch mitigations, but says comprehensive fixes won’t be available until January 22. The post Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days Read More »

Kyocera Device Manager Vulnerability Exposes Enterprise Credentials

printer, Vulnerabilities /

Kyocera Device Manager Vulnerability Exposes Enterprise Credentials 2024-01-10 at 15:32 By Ionut Arghire An improper input validation flaw in Kyocera Device Manager allows attackers to capture credentials, compromise accounts. The post Kyocera Device Manager Vulnerability Exposes Enterprise Credentials appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Kyocera Device Manager Vulnerability Exposes Enterprise Credentials Read More »

SAP’s First Patches of 2024 Resolve Critical Vulnerabilities

SAP, Vulnerabilities /

SAP’s First Patches of 2024 Resolve Critical Vulnerabilities 2024-01-10 at 15:32 By Ionut Arghire SAP has released patches for critical vulnerabilities in Business Application Studio, Web IDE, and Edge Integration Cell. The post SAP’s First Patches of 2024 Resolve Critical Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

SAP’s First Patches of 2024 Resolve Critical Vulnerabilities Read More »

Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V

Hyper-V, Kerberos, Microsoft, Network Security, Patch Tuesday, Vulnerabilities /

Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V 2024-01-09 at 21:02 By Ryan Naraine Patch Tuesday: Redmond patches critical, remote code execution vulnerabilities haunting Windows Kerberos and Windows Hyper-V. The post Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V Read More »

Adobe Patches Code Execution Flaws in Substance 3D Stager

Adobe, Malware & Threats, memory corruption, Patch Tuesday, Substance 3D Stager, Vulnerabilities /

Adobe Patches Code Execution Flaws in Substance 3D Stager 2024-01-09 at 20:02 By Ryan Naraine Patch Tuesday: Adobe patches six security flaws in the Substance 3D Stager product and warned of code execution risks on Windows and macOS. The post Adobe Patches Code Execution Flaws in Substance 3D Stager appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Adobe Patches Code Execution Flaws in Substance 3D Stager Read More »

CISA Warns of Apache Superset Vulnerability Exploitation

Apache, CISA KEV, exploited, Vulnerabilities /

CISA Warns of Apache Superset Vulnerability Exploitation 2024-01-09 at 20:02 By Ionut Arghire CISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog. The post CISA Warns of Apache Superset Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Apache Superset Vulnerability Exploitation Read More »

QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products

QNAP, Vulnerabilities, vulnerability /

QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products 2024-01-08 at 17:01 By Ionut Arghire QNAP has released patches for a dozen vulnerabilities in its products, including several high-severity flaws. The post QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products Read More »

Vulnerability Handling in 2023: 28,000 New CVEs, 84 New CNAs

Vulnerabilities, vulnerability /

Vulnerability Handling in 2023: 28,000 New CVEs, 84 New CNAs 2024-01-08 at 13:31 By Eduard Kovacs A total of more than 28,000 CVE IDs were assigned in 2023 and 84 new CVE Numbering Authorities (CNAs) were named.  The post Vulnerability Handling in 2023: 28,000 New CVEs, 84 New CNAs appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Vulnerability Handling in 2023: 28,000 New CVEs, 84 New CNAs Read More »

Ivanti Patches Critical Vulnerability in Endpoint Manager

Ivanti, Vulnerabilities /

Ivanti Patches Critical Vulnerability in Endpoint Manager 2024-01-05 at 14:17 By Ionut Arghire CVE-2023-39336, a critical vulnerability in Ivanti EPM, may lead to device takeover and code execution on the server. The post Ivanti Patches Critical Vulnerability in Endpoint Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Ivanti Patches Critical Vulnerability in Endpoint Manager Read More »

Google Patches Six Vulnerabilities With First Chrome Update of 2024

Chrome, Vulnerabilities /

Google Patches Six Vulnerabilities With First Chrome Update of 2024 2024-01-04 at 17:20 By Ionut Arghire Google has released a Chrome 120 update to resolve six vulnerabilities, including four reported by external researchers. The post Google Patches Six Vulnerabilities With First Chrome Update of 2024 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Google Patches Six Vulnerabilities With First Chrome Update of 2024 Read More »

Scroll to Top