Browsing tag
Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code on an affected device. Tracked as CVE-2024-20253 (CVSS score: 9.9), the issue stems from improper processing of user-provided data that a threat actor could abuse to […]
Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial access to government servers. “The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and exploitation of this CVE can result in arbitrary code execution,” CISA said, adding […]
Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible systems. The vulnerabilities, tracked as CVE-2023-37265 and CVE-2023-37266, both carry a CVSS score of 9.8 out of a maximum of 10. Sonar security researcher Thomas Chauchefoin, who discovered […]
Cybersecurity researchers today uncovered details of two new vulnerabilities in the GoAhead web server software, a tiny application widely embedded in hundreds of millions of Internet-connected smart devices. One of the two vulnerabilities, assigned as CVE-2019-5096, is a critical code execution flaw that can be exploited by attackers to execute malicious code on vulnerable devices […]
Researchers discovered a previously undetected multi-platform malware called ACbackdoor that has both Linux and Windows Variant to infect the respective users and steal sensitive information. Dubbed ACbackdoor Linux variant has a completely no detection rate while the Windows variant has a higher detection rate than the Linux variant. Researchers believe that the ACbackdoor variant is […]
Cybersecurity researchers from Intego are warning about possible active exploitation of an unpatched security vulnerability in Apple’s macOS Gatekeeper security feature details and PoC for which were publicly disclosed late last month. Intego team last week discovered four samples of new macOS malware on VirusTotal that leverage the GateKeeper bypass vulnerability to execute untrusted code […]
Its time for hackers to hack your PC using malformed video file, yes, critical vulnerabilities in VLC media Player let attackers load specially crafted video files in the vulnerable system to execute the arbitrary code. VideoLAN released a security update for VLC Media player with the fixes for two vulnerabilities that allow attackers to execute […]
Cisco released patches for 34 vulnerabilities affecting multiple products that include 5 critical vulnerabilities, 20 High severity vulnerabilities and 9 medium level vulnerabilities. Critical Vulnerabilities Cisco patched 5 critical Vulnerabilities in FXOS and NX-OS Software that allows attackers to execute a remote arbitrary code that causing a buffer overflow, denial of service (DoS), to read […]