In a security advisory released today, GitLab, the popular web-based DevOps platform, disclosed several critical vulnerabilities affecting various versions of their Community Edition (CE) and Enterprise Edition (EE) products. The...
Germany’s CERT@VDE has issued a warning about a series of critical security flaws impacting ifm Smart PLC controllers running firmware versions up to 4.3.17. These vulnerabilities, assigned CVEs 2024-28747 through...
Recorded Future’s Insikt Group has exposed “Vortax,” a seemingly legitimate virtual meeting software, as a sophisticated front for a massive malware operation targeting cryptocurrency users. This elaborate scheme, primarily disseminated...
Security researcher Janggggg has disclosed proof-of-concept (PoC) exploit code for three vulnerabilities (CVE-2024-38023, CVE-2024-38024, CVE-2024-38094) in Microsoft SharePoint Server. Although the researcher has not disclosed detailed technical information, the available...
Cloud Software Group, the entity behind Citrix products, has issued a critical security advisory warning users of severe vulnerabilities discovered in their widely-used NetScaler products. The vulnerabilities, tracked as CVE-2024-6235...
OpenVPN, a leading provider of virtual private network (VPN) solutions, has refuted claims of zero-day vulnerabilities in its OpenVPN2 software, alleged to allow an attack named OVPNX. These claims, made...
The Evmos project, renowned for being the first decentralized Ethereum Virtual Machine (EVM) chain on the Cosmos Network, has issued a critical security advisory concerning a severe vulnerability in its...
A recently discovered, severe security vulnerability (CVE-2023-46685) is putting thousands of LevelOne WBR-6013 routers at risk of complete takeover. Cybersecurity researcher Francesco Benvenuto at Talos has uncovered a hard-coded password...
A new, insidious phishing scam impersonating India’s Regional Transport Office (RTO) has been detected, preying on unsuspecting Android users via WhatsApp. The scam, disguised as an official notice about traffic...
Cybersecurity researchers at Morphisec have discovered a critical zero-click remote code execution (RCE) vulnerability, CVE-2024-38021, affecting most Microsoft Outlook applications. This vulnerability allows attackers to execute malicious code on a...
Cybersecurity researchers at Check Point Research have uncovered a novel zero-day exploit that weaponizes seemingly innocuous Windows Internet Shortcut files (.url) to target unsuspecting users. This sophisticated attack resurrects the...
A newly discovered vulnerability in OpenSSH, tracked as CVE-2024-6409, has been found to expose systems to potential remote code execution (RCE) due to a race condition in signal handling. This...
A proof-of-concept (PoC) exploit has been released, targeting a recently patched high-severity vulnerability (CVE-2024-22274) in the VMware vCenter Server. With a CVSS score of 7.2, the flaw allows attackers with...
The Node.js Project has released a security update to address multiple vulnerabilities, including a high-severity flaw that could allow attackers to bypass security measures and execute arbitrary code. The most...
The Apache Software Foundation has issued an urgent security advisory, disclosing two critical vulnerabilities (CVE-2024-38346 and CVE-2024-39864) affecting the widely used open-source cloud computing platform, Apache CloudStack. These vulnerabilities pose...
Support Securityonline.info site. Thanks!
Urgent Security Update: Guix System Patches Critical Vulnerability
October 22, 2024
