vulnerability

CISA Adds Progress WhatsUp Gold and MSHTML Vulnerabilities to Known Exploited Vulnerabilities Catalog

MSHTML, vulnerability, WhatsUp Gold /

CISA Adds Progress WhatsUp Gold and MSHTML Vulnerabilities to Known Exploited Vulnerabilities Catalog 2024-09-19 at 09:18 By dakshsharma16 Key Takeaways Overview The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities affecting the Microsoft Windows MSHTML Platform and Progress WhatsUp Gold network monitoring solution to its Known Exploited Vulnerabilities catalog (KEV) after proofs of […]

React to this headline:

Loading spinner

CISA Adds Progress WhatsUp Gold and MSHTML Vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann

Rockwell Automation, Siemens, Threat Intelligence, Viessmann, vulnerability /

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann 2024-09-19 at 09:18 By dakshsharma16 Key Takeaways Overview Cyble Research and Intelligence Labs (CRIL) has observed multiple vulnerabilities in its Weekly Industrial Control System (ICS) Vulnerability Intelligence Report. This report provides a comprehensive overview of critical vulnerabilities disclosed from September 10 to September

React to this headline:

Loading spinner

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann Read More »

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann

Rockwell Automation, Siemens, Threat Intelligence, Viessmann, vulnerability /

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann 2024-09-18 at 22:31 By dakshsharma16 Key Takeaways Overview Cyble Research and Intelligence Labs (CRIL) has observed multiple vulnerabilities in its Weekly Industrial Control System (ICS) Vulnerability Intelligence Report. This report provides a comprehensive overview of critical vulnerabilities disclosed from September 10 to September

React to this headline:

Loading spinner

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann Read More »

Chrome 129 Patches High-Severity Vulnerability in V8 Engine

Chrome, Vulnerabilities, vulnerability /

Chrome 129 Patches High-Severity Vulnerability in V8 Engine 2024-09-18 at 15:31 By Ionut Arghire Google has released Chrome 129 with patches for nine vulnerabilities, including a high-severity bug in the V8 engine. The post Chrome 129 Patches High-Severity Vulnerability in V8 Engine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Chrome 129 Patches High-Severity Vulnerability in V8 Engine Read More »

CISA Adds Progress WhatsUp Gold and MSHTML Vulnerabilities to Known Exploited Vulnerabilities Catalog

MSHTML, vulnerability, WhatsUp Gold /

CISA Adds Progress WhatsUp Gold and MSHTML Vulnerabilities to Known Exploited Vulnerabilities Catalog 2024-09-17 at 22:16 By dakshsharma16 Key Takeaways Overview The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities affecting the Microsoft Windows MSHTML Platform and Progress WhatsUp Gold network monitoring solution to its Known Exploited Vulnerabilities catalog (KEV) after proofs of

React to this headline:

Loading spinner

CISA Adds Progress WhatsUp Gold and MSHTML Vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

CERT India reports vulnerabilities in multiple QNAP products

CVE-2023-34974, Network-Attached Storage, QNAP, vulnerability /

CERT India reports vulnerabilities in multiple QNAP products 2024-09-17 at 19:16 By dakshsharma16 Earlier today, CERT India (CERT-In) released an advisory announcing multiple vulnerabilities in various QNAP products. QNAP is best known for the Network-Attached Storage (NAS) systems used by firms with their enterprise environments. This batch of vulnerabilities primarily affects the QTS and QuTS

React to this headline:

Loading spinner

CERT India reports vulnerabilities in multiple QNAP products Read More »

Dependency Confusion Could Have Led to RCE in Google Cloud Platform

Cloud, cloud security, CloudImposer, Google Cloud, vulnerability /

Dependency Confusion Could Have Led to RCE in Google Cloud Platform 2024-09-17 at 16:25 By Ionut Arghire Tenable shares details on a dependency confusion attack that led to the execution of code on Google’s internal servers. The post Dependency Confusion Could Have Led to RCE in Google Cloud Platform appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Dependency Confusion Could Have Led to RCE in Google Cloud Platform Read More »

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)

CVE, Don't miss, enterprise, Horizon3.ai, Hot stuff, Ivanti, News, PoC, secure communications, vulnerability /

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190) 2024-09-17 at 13:02 By Zeljka Zorz CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, but there may be more in the near future: Horizon3.ai researchers have published their

React to this headline:

Loading spinner

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190) Read More »

CISA Adds Ivanti Cloud Services Appliance Vulnerability to Known Exploited Vulnerabilities Catalog (CVE-2024-8190)

vulnerability /

CISA Adds Ivanti Cloud Services Appliance Vulnerability to Known Exploited Vulnerabilities Catalog (CVE-2024-8190) 2024-09-16 at 17:01 By Cyble Overview  The Cybersecurity and Infrastructure Security Agency (CISA) has recently included a security flaw in Ivanti Cloud Services Appliance (CSA) in its Known Exploited Vulnerabilities (KEV) catalog. This newly cataloged vulnerability, identified as CVE-2024-8190, involves an OS

React to this headline:

Loading spinner

CISA Adds Ivanti Cloud Services Appliance Vulnerability to Known Exploited Vulnerabilities Catalog (CVE-2024-8190) Read More »

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

0-day, APT, Check Point, CVE, Don't miss, Hot stuff, Microsoft, News, security update, Trend Micro, vulnerability, Windows /

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) 2024-09-16 at 15:46 By Zeljka Zorz CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack chain relating to CVE-2024-38112, prior to July 2024,”

React to this headline:

Loading spinner

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) Read More »

SolarWinds Patches Critical Vulnerability in Access Rights Manager

SolarWinds, Vulnerabilities, vulnerability /

SolarWinds Patches Critical Vulnerability in Access Rights Manager 2024-09-16 at 12:31 By Ionut Arghire SolarWinds has announced patches for a critical-severity remote code execution vulnerability in Access Rights Manager. The post SolarWinds Patches Critical Vulnerability in Access Rights Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

SolarWinds Patches Critical Vulnerability in Access Rights Manager Read More »

GitLab Community and Enterprise Editions Receive New Updates to Mitigate Severe Security Risks 

vulnerability /

GitLab Community and Enterprise Editions Receive New Updates to Mitigate Severe Security Risks  2024-09-16 at 09:46 By Cyble GitLab has rolled out essential patch updates for both its Community Edition (CE) and Enterprise Edition (EE), targeting multiple security vulnerabilities and system bugs. These critical updates are crucial for addressing high-severity issues that could jeopardize the

React to this headline:

Loading spinner

GitLab Community and Enterprise Editions Receive New Updates to Mitigate Severe Security Risks  Read More »

GitLab Updates Resolve Critical Pipeline Execution Vulnerability

GitLab, Vulnerabilities, vulnerability /

GitLab Updates Resolve Critical Pipeline Execution Vulnerability 2024-09-13 at 12:16 By Ionut Arghire GitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw. The post GitLab Updates Resolve Critical Pipeline Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

GitLab Updates Resolve Critical Pipeline Execution Vulnerability Read More »

Palo Alto Networks Patches Dozens of Vulnerabilities 

Palo Alto Networks, Vulnerabilities, vulnerability /

Palo Alto Networks Patches Dozens of Vulnerabilities  2024-09-12 at 16:46 By Eduard Kovacs Palo Alto Networks has fixed medium- and high-severity vulnerabilities in PAN-OS, Cortex XDR, ActiveMQ Content Pack, and Prisma Access Browser. The post Palo Alto Networks Patches Dozens of Vulnerabilities  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Palo Alto Networks Patches Dozens of Vulnerabilities  Read More »

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)

Adobe, Adobe Reader, Check Point, Don't miss, Expmon, Hot stuff, News, PoC, security update, vulnerability /

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) 2024-09-12 at 15:16 By Zeljka Zorz Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution: CVE-2024-45112 and CVE-2024-41869. Nothing in the advisory

React to this headline:

Loading spinner

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) Read More »

Intel Informs Customers About Over a Dozen Processor Vulnerabilities

Chipmaker Patch Tuesday, Intel, Vulnerabilities, vulnerability /

Intel Informs Customers About Over a Dozen Processor Vulnerabilities 2024-09-11 at 17:16 By Eduard Kovacs Intel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products. The post Intel Informs Customers About Over a Dozen Processor Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Intel Informs Customers About Over a Dozen Processor Vulnerabilities Read More »

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)

CVE, Don't miss, endpoint management, Hot stuff, Ivanti, News, vulnerability /

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) 2024-09-11 at 15:02 By Zeljka Zorz Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute code in the context of the vulnerable system, and use it as a beachhead for

React to this headline:

Loading spinner

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) Read More »

Ivanti Patches Critical Vulnerabilities in Endpoint Manager

Ivanti, Vulnerabilities, vulnerability /

Ivanti Patches Critical Vulnerabilities in Endpoint Manager 2024-09-11 at 14:01 By Ionut Arghire Ivanti has released patches for multiple vulnerabilities in Endpoint Manager, Cloud Service Appliance, and Workspace Control. The post Ivanti Patches Critical Vulnerabilities in Endpoint Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Ivanti Patches Critical Vulnerabilities in Endpoint Manager Read More »

Chrome 128 Update Resolves High-Severity Vulnerabilities

Chrome, Vulnerabilities, vulnerability /

Chrome 128 Update Resolves High-Severity Vulnerabilities 2024-09-11 at 12:16 By Ionut Arghire Google has released a Chrome 128 security update to resolve high-severity memory safety vulnerabilities. The post Chrome 128 Update Resolves High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Chrome 128 Update Resolves High-Severity Vulnerabilities Read More »

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

0-day, CVE, Don't miss, Elastic, Hot stuff, Immersive Labs, News, Patch Tuesday, SharePoint, Tenable, Trend Micro, vulnerability, Windows /

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes 2024-09-10 at 22:46 By Zeljka Zorz September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect

React to this headline:

Loading spinner

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes Read More »

Scroll to Top