vulnerability

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers

MongoDB, Vulnerabilities, vulnerability /

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers 2025-02-21 at 15:21 By Ionut Arghire OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. The post Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers appeared first on SecurityWeek. This article is an […]

React to this headline:

Loading spinner

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers Read More »

Atlassian Patches Critical Vulnerabilities in Confluence, Crowd

Atlassian, patch, Vulnerabilities, vulnerability /

Atlassian Patches Critical Vulnerabilities in Confluence, Crowd 2025-02-20 at 15:40 By Ionut Arghire Atlassian has released patches for 12 critical- and high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd, and Jira. The post Atlassian Patches Critical Vulnerabilities in Confluence, Crowd appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Atlassian Patches Critical Vulnerabilities in Confluence, Crowd Read More »

PoC Exploit Published for Critical Ivanti EPM Vulnerabilities

Ivanti, PoC, Vulnerabilities, vulnerability /

PoC Exploit Published for Critical Ivanti EPM Vulnerabilities 2025-02-20 at 13:47 By Ionut Arghire Proof-of-concept (PoC) code and technical details on four critical-severity Ivanti EPM vulnerabilities are now available. The post PoC Exploit Published for Critical Ivanti EPM Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

PoC Exploit Published for Critical Ivanti EPM Vulnerabilities Read More »

Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities

Chrome, Firefox, Vulnerabilities, vulnerability /

Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities 2025-02-19 at 15:01 By Ionut Arghire Google and Mozilla resolve high-severity memory safety vulnerabilities with the latest Chrome and Firefox security updates. The post Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities Read More »

Attackers are chaining flaws to breach Palo Alto Networks firewalls

Assetnote, Don't miss, enterprise, GreyNoise, Hot stuff, News, Palo Alto Networks, vulnerability /

Attackers are chaining flaws to breach Palo Alto Networks firewalls 2025-02-19 at 11:03 By Zeljka Zorz Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ firewalls, are ramping up. “GreyNoise now sees 25 malicious IPs actively exploiting CVE-2025-0108, up from 2 on February 13,” the

React to this headline:

Loading spinner

Attackers are chaining flaws to breach Palo Alto Networks firewalls Read More »

Critical Vulnerability Patched in Juniper Session Smart Router

Juniper, Vulnerabilities, vulnerability /

Critical Vulnerability Patched in Juniper Session Smart Router 2025-02-18 at 15:34 By Eduard Kovacs A critical vulnerability tracked as CVE-2025-21589 has been patched in Juniper Networks’ Session Smart Router. The post Critical Vulnerability Patched in Juniper Session Smart Router appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Critical Vulnerability Patched in Juniper Session Smart Router Read More »

Xerox Versalink Printer Vulnerabilities Enable Lateral Movement

Endpoint Security, printer, Vulnerabilities, vulnerability, Xerox /

Xerox Versalink Printer Vulnerabilities Enable Lateral Movement 2025-02-17 at 13:03 By Ionut Arghire Xerox released security updates to resolve pass-back attack vulnerabilities in Versalink multifunction printers. The post Xerox Versalink Printer Vulnerabilities Enable Lateral Movement appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Xerox Versalink Printer Vulnerabilities Enable Lateral Movement Read More »

SonicWall Firewall Vulnerability Exploited After PoC Publication

exploited, firewall, SonicWall, Vulnerabilities, vulnerability /

SonicWall Firewall Vulnerability Exploited After PoC Publication 2025-02-14 at 14:36 By Ionut Arghire The exploitation of a recent SonicWall vulnerability has started shortly after proof-of-concept (PoC) code was published. The post SonicWall Firewall Vulnerability Exploited After PoC Publication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

SonicWall Firewall Vulnerability Exploited After PoC Publication Read More »

Palo Alto Networks Patches Potentially Serious Firewall Vulnerability

firewall, Palo Alto Networks, PAN-OS, Vulnerabilities, vulnerability /

Palo Alto Networks Patches Potentially Serious Firewall Vulnerability 2025-02-13 at 14:05 By Eduard Kovacs Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability. The post Palo Alto Networks Patches Potentially Serious Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Palo Alto Networks Patches Potentially Serious Firewall Vulnerability Read More »

CISA Updates Known Exploited Vulnerabilities Catalog with Four Critical Issues

CISA, Exploited Vulnerabilities, vulnerability /

CISA Updates Known Exploited Vulnerabilities Catalog with Four Critical Issues 2025-02-13 at 13:49 By daksh sharma In a recent update to its Known Exploited Vulnerabilities Catalog, the Cybersecurity and Infrastructure Security Agency (CISA) has added four security vulnerabilities that are currently under active exploitation. These vulnerabilities span across multiple platforms and pose substantial security risks

React to this headline:

Loading spinner

CISA Updates Known Exploited Vulnerabilities Catalog with Four Critical Issues Read More »

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges

exploited, ownCloud, ThinkPHP, Vulnerabilities, vulnerability /

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges 2025-02-13 at 13:33 By Ionut Arghire Threat actors are increasingly exploiting two old vulnerabilities in ThinkPHP and OwnCloud in their attacks. The post Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges Read More »

Cyble Warns of Exposed Medical Imaging, Asset Management Systems

medical imaging, Orthanc, vulnerability /

Cyble Warns of Exposed Medical Imaging, Asset Management Systems 2025-02-13 at 13:18 By daksh sharma Overview Cyble’s weekly industrial control system (ICS) vulnerability report to clients warned about internet-facing medical imaging and critical infrastructure asset management systems that could be vulnerable to cyberattacks. The report examined six ICS, operational technology (OT), and Supervisory Control and

React to this headline:

Loading spinner

Cyble Warns of Exposed Medical Imaging, Asset Management Systems Read More »

Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability

Chrome, Vulnerabilities, vulnerability /

Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability 2025-02-13 at 13:00 By Ionut Arghire Google has released a Chrome 133 update to address four high-severity vulnerabilities reported by external researchers. The post Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability Read More »

Cyble Warns of Patient Monitor Risk in ICS Vulnerability Report

ICS Vulnerability, vulnerability /

Cyble Warns of Patient Monitor Risk in ICS Vulnerability Report 2025-02-13 at 06:19 By daksh sharma Cyble’s weekly industrial control system (ICS) vulnerability report to clients included a warning about a severe vulnerability in a patient monitor that could potentially compromise patient safety. In all, the report covered 36 ICS, operational technology (OT) and Supervisory

React to this headline:

Loading spinner

Cyble Warns of Patient Monitor Risk in ICS Vulnerability Report Read More »

Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities

Fortinet, Ivanti, patch, Vulnerabilities, vulnerability /

Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities 2025-02-12 at 15:45 By Ionut Arghire Ivanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in their products. The post Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities Read More »

High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks

OpenSSL, Vulnerabilities, vulnerability /

High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks 2025-02-11 at 20:09 By Eduard Kovacs OpenSSL has patched CVE-2024-12797, a high-severity vulnerability found by Apple that can allow man-in-the-middle attacks. The post High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks Read More »

SAP Releases 21 Security Patches

Patch Tuesday, SAP, Vulnerabilities, vulnerability /

SAP Releases 21 Security Patches 2025-02-11 at 19:22 By Ionut Arghire SAP has released 19 new and two updated security notes on its February 2025 patch day, including six notes for high-severity vulnerabilities. The post SAP Releases 21 Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SAP Releases 21 Security Patches Read More »

Intel Patched 374 Vulnerabilities in 2024

Intel, Vulnerabilities, vulnerability /

Intel Patched 374 Vulnerabilities in 2024 2025-02-11 at 14:50 By Ionut Arghire Intel says roughly 100 of the 374 vulnerabilities it patched last year were firmware and hardware security defects. The post Intel Patched 374 Vulnerabilities in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Intel Patched 374 Vulnerabilities in 2024 Read More »

Orthanc Server Vulnerability Poses Risk to Medical Data, Healthcare Operations

healthcare, ICS/OT, medical, Orthanc, OT, vulnerability /

Orthanc Server Vulnerability Poses Risk to Medical Data, Healthcare Operations 2025-02-10 at 15:08 By Eduard Kovacs A critical vulnerability found in Orthanc servers can pose a serious risk to medical data and healthcare operations. The post Orthanc Server Vulnerability Poses Risk to Medical Data, Healthcare Operations appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Orthanc Server Vulnerability Poses Risk to Medical Data, Healthcare Operations Read More »

Swap EOL Zyxel routers, upgrade Netgear ones!

access point, Don't miss, Hot stuff, Netgear, News, router, security update, VulnCheck, vulnerability, Zyxel /

Swap EOL Zyxel routers, upgrade Netgear ones! 2025-02-05 at 16:18 By Zeljka Zorz There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting its routers and wireless access points. Zyxel vulnerability: Exploited, no patches CVE-2024-40891, a command injection vulnerability

React to this headline:

Loading spinner

Swap EOL Zyxel routers, upgrade Netgear ones! Read More »

Scroll to Top