Vulnerabilities

MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses

Application Security, CWE, MITRE, Vulnerabilities, vulnerability /

MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses 30/06/2023 at 15:16 By Ionut Arghire Use-after-free and OS command injection vulnerabilities reach the top five most dangerous software weaknesses in the 2023 CWE Top 25 list. The post MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses appeared first on SecurityWeek. This article is an […]

React to this headline:

Loading spinner

MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses Read More »

Serious Vulnerability Exposes Admin Interface of Arcserve UDP Backup Solution

Arcserve, Vulnerabilities, vulnerability /

Serious Vulnerability Exposes Admin Interface of Arcserve UDP Backup Solution 29/06/2023 at 16:47 By Ionut Arghire Researchers publish PoC for a high-severity authentication bypass vulnerability in the Arcserve UDP data backup solution. The post Serious Vulnerability Exposes Admin Interface of Arcserve UDP Backup Solution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Serious Vulnerability Exposes Admin Interface of Arcserve UDP Backup Solution Read More »

Chrome 114 Update Patches High-Severity Vulnerabilities

Vulnerabilities /

Chrome 114 Update Patches High-Severity Vulnerabilities 27/06/2023 at 15:18 By Ionut Arghire Google says it handed out $35,000 in bug bounty rewards for three high-severity vulnerabilities in Chrome 114. The post Chrome 114 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Chrome 114 Update Patches High-Severity Vulnerabilities Read More »

Fortinet Patches Critical RCE Vulnerability in FortiNAC

Vulnerabilities /

Fortinet Patches Critical RCE Vulnerability in FortiNAC 26/06/2023 at 18:36 By Ionut Arghire Fortinet releases patches for a critical FortiNAC vulnerability leading to remote code execution without authentication. The post Fortinet Patches Critical RCE Vulnerability in FortiNAC appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Fortinet Patches Critical RCE Vulnerability in FortiNAC Read More »

Remotely Exploitable DoS Vulnerabilities Patched in BIND

Vulnerabilities /

Remotely Exploitable DoS Vulnerabilities Patched in BIND 26/06/2023 at 14:47 By Ionut Arghire The latest BIND updates address three high-severity, remotely exploitable vulnerabilities leading to denial-of-service (DoS). The post Remotely Exploitable DoS Vulnerabilities Patched in BIND appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Remotely Exploitable DoS Vulnerabilities Patched in BIND Read More »

NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections

bootkit, firmware, Malware & Threats, NSA, UEFI, Vulnerabilities /

NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections 23/06/2023 at 20:58 By Ionut Arghire The National Security Agency (NSA) has released mitigation guidance to help organizations stave off BlackLotus UEFI bootkit infections. The post NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections Read More »

CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws

and CVE-2021-44026, CISA, CVE-2020-12641, CVE-2020-35730, Government, Incident Response, KEV catalog, Vulnerabilities /

CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws 23/06/2023 at 18:43 By Ionut Arghire The US government’s cybersecurity agency adds VMware and Roundcube server flaws to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws Read More »

VMware Patches Code Execution Vulnerabilities in vCenter Server

VMWare, Vulnerabilities /

VMware Patches Code Execution Vulnerabilities in vCenter Server 23/06/2023 at 17:19 By Ionut Arghire VMware published software updates to address multiple memory corruption vulnerabilities in vCenter Server that could lead to remote code execution. The post VMware Patches Code Execution Vulnerabilities in vCenter Server appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

VMware Patches Code Execution Vulnerabilities in vCenter Server Read More »

The Benefits of Red Zone Threat Intelligence

Threat Intelligence, Vulnerabilities /

The Benefits of Red Zone Threat Intelligence 22/06/2023 at 16:31 By Derek Manky Incorporating Red Zone threat intelligence into your security strategy will help you stay on top of the latest threats and better protect your organization. The post The Benefits of Red Zone Threat Intelligence appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

The Benefits of Red Zone Threat Intelligence Read More »

PoC Exploit Published for Cisco AnyConnect Secure Vulnerability

Cisco, exploit, Vulnerabilities /

PoC Exploit Published for Cisco AnyConnect Secure Vulnerability 22/06/2023 at 16:31 By Ionut Arghire A security researcher has published proof-of-concept (PoC) exploit code targeting a recent high-severity vulnerability (CVE-2023-20178) in Cisco AnyConnect Secure. The post PoC Exploit Published for Cisco AnyConnect Secure Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

PoC Exploit Published for Cisco AnyConnect Secure Vulnerability Read More »

Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’ 

CVE-2023-32434, CVE-2023-32435, Nation-State, Vulnerabilities, Zero-Day /

Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’  21/06/2023 at 22:52 By Ionut Arghire Apple ships major iOS security updates to cover code execution vulnerabilities already exploited in the wild. The post Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’  Read More »

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites

Application Security, CVE-2023-2834, CVE-2023-2986, CVSS 9.8, Vulnerabilities, WooCommerce, WordPress /

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites 21/06/2023 at 19:14 By Ionut Arghire Two critical-severity authentication bypass vulnerabilities in WordPress plugins with tens of thousands of installations. The post Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites Read More »

Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws

CISA, Enphase, ICS/OT, IoT Security, Vulnerabilities /

Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws 21/06/2023 at 19:14 By Ionut Arghire Enphase Energy has ignored CISA requests to fix remotely exploitable vulnerabilities in Enphase products. The post Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws Read More »

Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use?

Chrome, Featured, Google Chrome, Vulnerabilities /

Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use? 21/06/2023 at 15:33 By Kevin Townsend Why are there so many vulnerabilities in Chrome? Is it realistically safe to use? Can Google do anything to make the web browser safer? The post Chrome and Its Vulnerabilities – Is the Web Browser Safe to

React to this headline:

Loading spinner

Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use? Read More »

VMware Confirms Live Exploits Hitting Just-Patched Security Flaw

Aria Operations for Networks, Malware & Threats, Network Security, virtualization, VMWare, Vulnerabilities /

VMware Confirms Live Exploits Hitting Just-Patched Security Flaw 21/06/2023 at 03:16 By Ryan Naraine VMware updates a critical-level bulletin: “VMware has confirmed that exploitation of CVE-2023-20887 has occurred in the wild.” The post VMware Confirms Live Exploits Hitting Just-Patched Security Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

VMware Confirms Live Exploits Hitting Just-Patched Security Flaw Read More »

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps

Azure, cloud security, Microsoft, noAuth, OAuth, Vulnerabilities /

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps 20/06/2023 at 23:24 By Ryan Naraine Businesses using ‘Log in with Microsoft’ could be exposed to privilege escalation and full account takeover exploits. The post Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps Read More »

Asus Patches Highly Critical WiFi Router Flaws

Asus, CVE-2018-1160, CVE-2022-26376, firmware, Mobile & Wireless, router, Vulnerabilities /

Asus Patches Highly Critical WiFi Router Flaws 20/06/2023 at 00:17 By Ryan Naraine Asus patches nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks. The post Asus Patches Highly Critical WiFi Router Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Asus Patches Highly Critical WiFi Router Flaws Read More »

Western Digital Blocks Unpatched Devices From Cloud Services

CVE-2022-36327, Endpoint Security, firmware, Vulnerabilities, Western Digital /

Western Digital Blocks Unpatched Devices From Cloud Services 19/06/2023 at 18:08 By Ionut Arghire Western Digital is blocking access to its cloud services for devices running firmware versions impacted by a critical security vulnerability. The post Western Digital Blocks Unpatched Devices From Cloud Services appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Western Digital Blocks Unpatched Devices From Cloud Services Read More »

MOVEit Customers Urged to Patch Third Critical Vulnerability

Featured, MOVEit, Vulnerabilities /

MOVEit Customers Urged to Patch Third Critical Vulnerability 19/06/2023 at 14:17 By Ionut Arghire A critical vulnerability (CVE-2023-35708) in MOVEit software could allow unauthenticated attackers to access database content. The post MOVEit Customers Urged to Patch Third Critical Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

MOVEit Customers Urged to Patch Third Critical Vulnerability Read More »

SquareX Launches Bug Bounty Program for Browser Security Product

bug bounty program, SquareX, Vulnerabilities /

SquareX Launches Bug Bounty Program for Browser Security Product 15/06/2023 at 18:28 By Ionut Arghire Cybersecurity startup SquareX launches a temporary bug bounty program for its cloud-based browser security solution. The post SquareX Launches Bug Bounty Program for Browser Security Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

SquareX Launches Bug Bounty Program for Browser Security Product Read More »

Scroll to Top