Vulnerability Archives • Page 131 of 193 • Cybersecurity News

CVE-2023-36741: An Elevation of Privilege Vulnerability in Microsoft Edge (Chromium-based)

do son August 28, 2023

Designated as CVE-2023-36741 and bearing a CVSS score of 8.3, the vulnerability identified within the Chromium-based Microsoft...

Microsoft Releases Mitigation Notes for Windows Downfall Vulnerability Mitigation Downfall Vulnerability

Microsoft Releases Mitigation Notes for Windows Downfall Vulnerability

do son August 28, 2023

At the onset of this month, security researchers under Google’s aegis revealed a new transient execution vulnerability...

CVE-2023-41080: Apache Tomcat Open Redirect Vulnerability

do son August 26, 2023

Web servers are at the heart of our online experiences. They serve web pages, host web applications,...

CVE-2023-41106: Zimbra Collaboration Suite Vulnerability Could Allow Unauthenticated Access

do son August 24, 2023

A critical security vulnerability has been discovered in the Zimbra Collaboration Suite that could allow an unauthenticated...

CVE-2023-32315 & CVE-2023-38831 Vulnerabilities Actively Exploited, CISA Requires Patches by September 14

do son August 24, 2023

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical security vulnerabilities to its Known...

CVE-2023-40217: A High Severity Vulnerability in Python’s SSLSocket

do son August 24, 2023

A critical security vulnerability has been discovered in Python’s SSLSocket module. This vulnerability, CVE-2023-40217, allows an attacker...

CISA Alert: CVE-2023-27532 & CVE-2023-38035 Vulnerabilities Being Exploited in Attacks CVE-2023-27532 & CVE-2024-37383

CISA Alert: CVE-2023-27532 & CVE-2023-38035 Vulnerabilities Being Exploited in Attacks

do son August 23, 2023

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities impacting Veeam Backup &...

CVE-2023-39026: FileMage Gateway Directory Traversal Vulnerability

do son August 23, 2023

A critical security vulnerability has been identified in FileMage Gateway, a cloud-based file transfer solution. The vulnerability,...

CVE-2023-32184: openSUSE Welcome Privilege Escalation Vulnerability

do son August 23, 2023

A local privilege escalation vulnerability, labeled CVE-2023-32184, has been discovered in openSUSE Welcome, a small Qt program...

WordPress custom field plugin bug (CVE-2023-40068) exposes 1M sites to XSS attacks

do son August 21, 2023

A cross-site scripting (XSS) vulnerability has been found in the Advanced Custom Fields (ACF) and Advanced Custom...

CISA warns of critical Adobe ColdFusion flaw (CVE-2023-26359) exploited in the wild

do son August 21, 2023

The Cybersecurity & Infrastructure Security Agency (CISA), a key player in ensuring America’s cyber front remains secure,...

CVE-2023-38035: Ivanti Sentry API Authentication Bypass Vulnerability Being Exploited in the Wild

do son August 21, 2023

Ivanti, a US-based IT software company, has warned customers that a critical vulnerability in its Sentry API...

CVE-2022-46751: Apache Ivy XML External Entity Injections Vulnerability

do son August 20, 2023

Apache Ivy is a popular dependency manager used by many software projects. However, a vulnerability -CVE-2022-46751- in...

PoC exploit for 0-day Windows Error Reporting Service bug (CVE-2023-36874) releases CVE-2023-36874 PoC

PoC exploit for 0-day Windows Error Reporting Service bug (CVE-2023-36874) releases

do son August 20, 2023

Proof-of-concept (PoC) exploit code will be released for a zero-day vulnerability (CVE-2023-36874) allowing privilege escalation in Microsoft...

CVE-2023-40477: WinRAR Code Execution Vulnerability

do son August 18, 2023

WinRAR is a popular file archiver program that is used by millions of people around the world....