Vulnerabilities

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks 26/07/2023 at 17:34 By Ionut Arghire Fortinet has published details on a series of critical- and high-severity vulnerabilities in the Microsoft Message Queuing service. The post Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks appeared first on SecurityWeek. This article is an excerpt […]

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks Read More »

TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems

TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems 25/07/2023 at 19:32 By Kevin Townsend TETRA:BURST – vulnerabilities in widely used radio standard could threaten military and law enforcement communications, as well as ICS. The post TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems appeared first on SecurityWeek. This article is an

TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems Read More »

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information 25/07/2023 at 15:48 By Eduard Kovacs AMD has released microcode patches to address Zenbleed, a vulnerability in its Zen 2 CPUs that can allow an attacker to access sensitive information. The post AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information appeared first on SecurityWeek. This article is

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information Read More »

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government 25/07/2023 at 13:04 By Eduard Kovacs An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government. The post Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government appeared first on SecurityWeek. This article is an excerpt

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government Read More »

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks 25/07/2023 at 03:03 By Ryan Naraine Apple patches another zero-day flaw used in the ‘Operation Triangulation’ exploit chain. iOS and macOS-powered devices are affected. The post Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks appeared first on SecurityWeek. This article is an excerpt

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks Read More »

Over 20,000 Citrix Appliances Vulnerable to New Exploit

Over 20,000 Citrix Appliances Vulnerable to New Exploit 24/07/2023 at 17:02 By Ionut Arghire Over 20,000 appliances are vulnerable to a new exploit technique targeting a recent Citrix ADC zero-day vulnerability CVE-2023-3519. The post Over 20,000 Citrix Appliances Vulnerable to New Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Over 20,000 Citrix Appliances Vulnerable to New Exploit Read More »

Perimeter81 Vulnerability Disclosed After Botched Disclosure Process

Perimeter81 Vulnerability Disclosed After Botched Disclosure Process 24/07/2023 at 14:30 By Eduard Kovacs Cybersecurity firm Perimeter81 appears to have botched the responsible disclosure process for a privilege escalation vulnerability found in its macOS application. The post Perimeter81 Vulnerability Disclosed After Botched Disclosure Process appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Perimeter81 Vulnerability Disclosed After Botched Disclosure Process Read More »

Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo

Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo 24/07/2023 at 14:30 By Ionut Arghire Atlassian patches high-severity remote code execution vulnerabilities in Confluence and Bamboo products. The post Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo Read More »

OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers

OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers 21/07/2023 at 16:03 By Ionut Arghire Three vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely. The post OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers appeared first on SecurityWeek.

OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers Read More »

Citrix Zero-Day Exploited Against Critical Infrastructure Organization

Citrix Zero-Day Exploited Against Critical Infrastructure Organization 21/07/2023 at 13:33 By Eduard Kovacs CISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization. The post Citrix Zero-Day Exploited Against Critical Infrastructure Organization appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Citrix Zero-Day Exploited Against Critical Infrastructure Organization Read More »

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices 20/07/2023 at 21:18 By Eduard Kovacs Two new serious vulnerabilities in AMI BMC, which is used by millions of devices, can allow attackers to take control of systems and cause physical damage. The post New AMI BMC Flaws Allowing Takeover and

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices Read More »

Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities

Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities 20/07/2023 at 12:20 By Eduard Kovacs Adobe releases a second round of patches for recent ColdFusion vulnerabilities, including flaws that have been exploited in attacks. The post Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities Read More »

Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned

Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned 19/07/2023 at 13:32 By Eduard Kovacs Citrix has patched several vulnerabilities, including CVE-2023-3519, a critical remote code execution zero-day that has been exploited in attacks. The post Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned appeared first on SecurityWeek. This article is an

Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned Read More »

Oracle Releases 508 New Security Patches With July 2023 CPU

Oracle Releases 508 New Security Patches With July 2023 CPU 19/07/2023 at 13:32 By Ionut Arghire Oracle has released 508 new security patches as part of the July 2023 CPU, including more than 70 that address critical vulnerabilities The post Oracle Releases 508 New Security Patches With July 2023 CPU appeared first on SecurityWeek. This

Oracle Releases 508 New Security Patches With July 2023 CPU Read More »

Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks

Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks 18/07/2023 at 14:19 By Eduard Kovacs At least two new Adobe ColdFusion vulnerabilities have been exploited in the wild, including one that has not been completely patched by the software giant. The post Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks appeared first on SecurityWeek. This article

Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks Read More »

Exploitation of ColdFusion Vulnerability Reported as Adobe Patches Another Critical Flaw

Exploitation of ColdFusion Vulnerability Reported as Adobe Patches Another Critical Flaw 17/07/2023 at 13:31 By Ionut Arghire Adobe patches critical code execution vulnerability in ColdFusion for which a proof-of-concept (PoC) blog exists. The post Exploitation of ColdFusion Vulnerability Reported as Adobe Patches Another Critical Flaw appeared first on SecurityWeek. This article is an excerpt from

Exploitation of ColdFusion Vulnerability Reported as Adobe Patches Another Critical Flaw Read More »

Critical Cisco SD-WAN Vulnerability Leads to Information Leaks

Critical Cisco SD-WAN Vulnerability Leads to Information Leaks 14/07/2023 at 15:34 By Ionut Arghire A critical vulnerability in the Cisco SD-WAN vManage software could allow unauthenticated attackers to retrieve information from vulnerable instances. The post Critical Cisco SD-WAN Vulnerability Leads to Information Leaks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Critical Cisco SD-WAN Vulnerability Leads to Information Leaks Read More »

Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability

Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability 14/07/2023 at 14:34 By Eduard Kovacs Several instances of the Reddit alternative Lemmy were hacked in recent days by attackers who had exploited a zero-day vulnerability. The post Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability Read More »

Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day

Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day 14/07/2023 at 13:06 By Eduard Kovacs Google researchers have discovered that a Zimbra zero-day vulnerability has been exploited in the wild, with users being advised to manually patch their installations. The post Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day appeared first on SecurityWeek. This article is

Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day Read More »

Scroll to Top