All posts tagged "vulnerability"
-
3.6KVulnerabilitiesCritical RCE Flaw Reported in Spotify’s Backstage Software Catalog and Developer Platform
Spotify’s Backstage has been discovered as vulnerable to a severe security flaw that could be exploited to gain remote code execution by...
-
3.9KVulnerabilitiesPCspooF: New Vulnerability Affects Networking Tech Used by Spacecraft and Aircraft
Credit: Marina Minkin A novel attack method has been disclosed against a crucial piece of technology called time-triggered ethernet (TTE) that’s used...
-
3.6KVulnerabilitiesCitrix Issues Patches for Critical Flaw Affecting ADC and Gateway Products
Citrix has released security updates to address a critical authentication bypass flaw in the application delivery controller (ADC) and Gateway products that...
-
4.5KVulnerabilitiesHigh-Severity Flaw Reported in Critical System Used by Oil and Gas Companies
Cybersecurity researchers have disclosed details of a new vulnerability in a system used across oil and gas organizations that could be exploited...
-
4.0KVulnerabilitiesVMware Warns of 3 New Critical Flaws Affecting Workspace ONE Assist Software
VMware has patched five security flaws affecting its Workspace ONE Assist solution, some of which could be exploited to bypass authentication and...
-
1.3KVulnerabilitiesMicrosoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities
Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech...
-
151VulnerabilitiesCISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from...
-
1.9KVulnerabilitiesMultiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software
Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to...
-
2.2KVulnerabilitiesOpenSSL Releases Patch for 2 New High-Severity Vulnerabilities
The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in...
-
Vulnerabilities
Researchers Disclose Details of Critical ‘CosMiss’ RCE Flaw Affecting Azure Cosmos DB
Microsoft on Tuesday said it addressed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB that enabled full read and...
-
3.5KVulnerabilitiesLast Years Open Source – Tomorrow’s Vulnerabilities
Linus Torvalds, the creator of Linux and Git, has his own law in software development, and it goes like this: “given enough...
-
3.0KVulnerabilitiesHackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities
Cisco has warned of active exploitation attempts targeting a pair of two-year-old security flaws in the Cisco AnyConnect Secure Mobility Client for...
-
1.8KVulnerabilitiesVMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform
VMware on Tuesday shipped security updates to address a critical security flaw in its VMware Cloud Foundation product. Tracked as CVE-2021-39144, the...
-
3.9KVulnerabilities22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library
A high-severity vulnerability has been disclosed in the SQLite database library, which was introduced as part of a code change dating all...
-
2.3KVulnerabilitiesApple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability
Tech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS and iPadOS that it said has been...
-
507VulnerabilitiesHackers Started Exploiting Critical “Text4Shell” Apache Commons Text Vulnerability
WordPress security company Wordfence on Thursday said it started detecting exploitation attempts targeting the newly disclosed flaw in Apache Commons Text on...
-
4.2KVulnerabilitiesCritical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software
HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code execution vulnerability...
-
1.1KVulnerabilitiesResearchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages
New research has disclosed what’s being called a security vulnerability in Microsoft 365 that could be exploited to infer message contents due...
-
3.4KVulnerabilitiesCritical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys
A vulnerability in Siemens Simatic programmable logic controller (PLC) can be exploited to retrieve the hard-coded, global private cryptographic keys and seize...
-
4.7KVulnerabilitiesFortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug
Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in...
-
598VulnerabilitiesDetails Released for Recently Patched new macOS Archive Utility Vulnerability
Security researchers have shared details about a now-addressed security flaw in Apple’s macOS operating system that could be potentially exploited to run...
