Vulnerabilities
-
4.5KResearchers Develop RCE Exploit for the Latest F5 BIG-IP Vulnerability
Days after F5 released patches for a critical remote code execution vulnerability affecting its BIG-IP family of products, security researchers are warning...
-
2.0KQNAP Releases Firmware Patches for 9 New Flaws Affecting NAS Devices
QNAP, Taiwanese maker of network-attached storage (NAS) devices, on Friday released security updates to patch nine security weaknesses, including a critical issue...
-
3.1KGoogle Releases Android Update to Patch Actively Exploited Vulnerability
Google has released monthly security patches for Android with fixes for 37 flaws across different components, one of which is a fix...
-
992Critical TLStorm 2.0 Bugs Affect Widely-Used Aruba and Avaya Network Switches
Cybersecurity researchers have detailed as many as five severe security flaws in the implementation of TLS protocol in several models of Aruba...
-
4.3KWhich Hole to Plug First? Solving Chronic Vulnerability Patching Overload
According to folklore, witches were able to sail in a sieve, a strainer with holes in the bottom. Unfortunately, witches don’t work...
-
2.9KMicrosoft Discovers New Privilege Escalation Flaws in Linux Operating System
Microsoft on Tuesday disclosed a set of two privilege escalation vulnerabilities in the Linux operating system that could potentially allow threat actors...
-
1.2KIranian Hackers Exploiting VMware RCE Bug to Deploy ‘Core Impact’ Backdoor
An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access...
-
3.6KAtlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability
Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote,...
-
662Critical remote code execution vulnerability in Atlassian Bitbucket Data Center: Update immediately
This week Atlassian issued a security report announcing the fix of CVE-2022-26133, a remote code execution vulnerability in Atlassian Bitbucket Data Center,...
-
5.0KResearcher Releases PoC for Recent Java Cryptographic Vulnerability
A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in...
-
2.2KAWS patches to fix Log4j vulnerabilities could be exploited for privilege escalation or container escape attacks
Cybersecurity specialists from Palo Alto Networks mention that patches released by Amazon Web Services (AWS) to address vulnerabilities in Log4j could be...
-
3.8KNew Oracle update fixes 520 vulnerabilities in 12 products: Three critical flaws with CVSS scores of 10 and 70 flaws with 9.8/10 score
In its quarterly Critical Patch Update (CPU), Oracle has included a total of 520 patches to address all sorts of vulnerabilities. This...
-
3.3KResearchers Detail Bug That Could Paralyze Snort Intrusion Detection System
Details have emerged about a now-patched security vulnerability in the Snort intrusion detection and prevention system that could trigger a denial-of-service (DoS)...
-
4.5KHackers Exploiting Recently Reported Windows Print Spooler Vulnerability in the Wild
A security flaw in the Windows Print Spooler component that was patched by Microsoft in February is being actively exploited in the...
-
4.5K30 vulnerabilities in different Juniper products could allow the total takeover of the affected network. Update immediately
Cybersecurity specialists from Juniper Networks announced the release of multiple security patches to address more than 30 flaws in their products, including...
-
3.6KCritical RCE Flaw Reported in WordPress Elementor Website Builder Plugin
Elementor, a WordPress website builder plugin with over five million active installations, has been found to be vulnerable to an authenticated remote...
-
3.4KCritical VMware Workspace ONE Access Flaw Under Active Exploitation in the Wild
A week after VMware released patches to remediate eight security vulnerabilities in VMware Workspace ONE Access, threat actors have begun to actively...
