Vulnerabilities - Security Ticks

Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability

Cisco, Vulnerabilities, vulnerability / SecurityTicks

Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability 2024-04-18 at 15:46 By Ionut Arghire Cisco patches a high-severity Integrated Management Controller vulnerability for which PoC exploit code is available. The post Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS […]

Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability Read More »

Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product

Ivanti, Vulnerabilities / SecurityTicks

Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product 2024-04-17 at 15:46 By Ionut Arghire Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution. The post Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product Read More »

Oracle Patches 230 Vulnerabilities With April 2024 CPU

Featured, Oracle, Vulnerabilities / SecurityTicks

Oracle Patches 230 Vulnerabilities With April 2024 CPU 2024-04-17 at 14:31 By Ionut Arghire Oracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update. The post Oracle Patches 230 Vulnerabilities With April 2024 CPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Oracle Patches 230 Vulnerabilities With April 2024 CPU Read More »

Critical PuTTY Vulnerability Allows Secret Key Recovery

Encryption, PuTTY, Vulnerabilities / SecurityTicks

Critical PuTTY Vulnerability Allows Secret Key Recovery 2024-04-16 at 20:01 By Eduard Kovacs PuTTY vulnerability CVE-2024-31497 allows attackers to compromise private keys and use them to forge signatures. The post Critical PuTTY Vulnerability Allows Secret Key Recovery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Critical PuTTY Vulnerability Allows Secret Key Recovery Read More »

Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt

Delinea, Featured, Vulnerabilities, vulnerability / SecurityTicks

Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt 2024-04-16 at 13:46 By Eduard Kovacs PAM company Delinea over the weekend rushed to patch a critical authentication bypass vulnerability after it apparently ignored the researcher who found the flaw. The post Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt appeared

Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt Read More »

Juniper Networks Publishes Dozens of New Security Advisories

Juniper, Vulnerabilities, vulnerability / SecurityTicks

Juniper Networks Publishes Dozens of New Security Advisories 2024-04-15 at 17:04 By Ionut Arghire Juniper Networks patches dozens of vulnerabilities in Junos OS, Junos OS Evolved, and other products. The post Juniper Networks Publishes Dozens of New Security Advisories appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Juniper Networks Publishes Dozens of New Security Advisories Read More »

Palo Alto Networks Warns of Exploited Firewall Vulnerability

exploited, Featured, firewall, Palo Alto Networks, Vulnerabilities / SecurityTicks

Palo Alto Networks Warns of Exploited Firewall Vulnerability 2024-04-12 at 14:31 By Ionut Arghire Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls. The post Palo Alto Networks Warns of Exploited Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Palo Alto Networks Warns of Exploited Firewall Vulnerability Read More »

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars

D-Link, exploited, IoT Security, Vulnerabilities / SecurityTicks

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars 2024-04-12 at 14:31 By Eduard Kovacs Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar. The post Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars Read More »

Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities

Chrome, Vulnerabilities / SecurityTicks

Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities 2024-04-11 at 15:31 By Ionut Arghire Google releases a Chrome 123 update to resolve three high-severity memory safety vulnerabilities. The post Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities Read More »

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption

Palo Alto Networks, Vulnerabilities / SecurityTicks

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption 2024-04-11 at 13:16 By Eduard Kovacs Palo Alto Networks patches several high-severity vulnerabilities, including ones that allow DoS attacks against its firewalls. The post Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption Read More »

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux

Fortinet, Vulnerabilities / SecurityTicks

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux 2024-04-10 at 15:38 By Ionut Arghire Fortinet has released patches for a dozen vulnerabilities, including a critical-severity remote code execution flaw in FortiClientLinux. The post Fortinet Patches Critical RCE Vulnerability in FortiClientLinux appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux Read More »

Microsoft Patches Two Zero-Days Exploited for Malware Delivery

exploited, Malware & Threats, Vulnerabilities, Zero-Day / SecurityTicks

Microsoft Patches Two Zero-Days Exploited for Malware Delivery 2024-04-10 at 13:27 By Eduard Kovacs Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware. The post Microsoft Patches Two Zero-Days Exploited for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Microsoft Patches Two Zero-Days Exploited for Malware Delivery Read More »

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers

cloud security, CVE-2024-29990, Kubernetes, Microsoft, Patch Tuesday, Vulnerabilities / SecurityTicks

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers 2024-04-09 at 22:02 By Ryan Naraine Patch Tuesday: Microsoft warns that unauthenticated hackers can take complete control of Azure Kubernetes clusters. The post Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers Read More »

Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products

Adobe Commerce, magento, Malware & Threats, Patch Tuesday, Vulnerabilities / SecurityTicks

Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products 2024-04-09 at 20:47 By Ryan Naraine Adobe calls attention to a pair of code execution bugs in Adobe Commerce and Magento Open Source, a product used to manage online stories. The post Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products appeared first on SecurityWeek. This

Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products Read More »

SAP’s April 2024 Updates Patch High-Severity Vulnerabilities

SAP, Vulnerabilities / SecurityTicks

SAP’s April 2024 Updates Patch High-Severity Vulnerabilities 2024-04-09 at 16:46 By Ionut Arghire SAP has released 12 new and updated security notes on April 2024 Security Patch Day, including three notes dealing with high-severity vulnerabilities. The post SAP’s April 2024 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

SAP’s April 2024 Updates Patch High-Severity Vulnerabilities Read More »

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability

CVE-2024-21894, Ivanti, Network Security, VPN, Vulnerabilities / SecurityTicks

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability 2024-04-08 at 18:01 By Ionut Arghire Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution. The post Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability appeared first on SecurityWeek. This

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability Read More »

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits

exploit, Featured, Vulnerabilities / SecurityTicks

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits 2024-04-08 at 15:46 By Ionut Arghire Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days. The post Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits Read More »

Google Adds V8 Sandbox to Chrome

Chrome, sandbox, Vulnerabilities / SecurityTicks

Google Adds V8 Sandbox to Chrome 2024-04-08 at 14:31 By Ionut Arghire Google fights Chrome V8 engine memory safety bugs with a new sandbox and adds it to the bug bounty program. The post Google Adds V8 Sandbox to Chrome appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

Google Adds V8 Sandbox to Chrome Read More »

Cisco Warns of Vulnerability in Discontinued Small Business Routers

Cisco, CVE-2024-20362, KV Botnet, Network Security, routers, Vulnerabilities / SecurityTicks

Cisco Warns of Vulnerability in Discontinued Small Business Routers 2024-04-05 at 19:02 By Ionut Arghire Cisco says it will not release patches for a cross-site scripting vulnerability impacting end-of-life small business routers. The post Cisco Warns of Vulnerability in Discontinued Small Business Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Cisco Warns of Vulnerability in Discontinued Small Business Routers Read More »

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz

CVE-2023-46805, CVE-2024-21887, Government, Ivanti, Nation-State, Pulse Secure, Vulnerabilities, Zero-Day / SecurityTicks

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz 2024-04-04 at 22:31 By Ryan Naraine Ivanti releases a carefully scripted YouTube video and an open letter from chief executive Jeff Abbott vowing to fix the entire security organization. The post Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz appeared first on SecurityWeek. This article is an

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz Read More »