Vulnerability Archives • Page 40 of 192 • Cybersecurity News

CVE-2024-7490: Urgent Warning for IoT Devices Using Microchip ASF, No Patch Available tinydhcp server - CVE-2024-7490

CVE-2024-7490: Urgent Warning for IoT Devices Using Microchip ASF, No Patch Available

do son September 22, 2024

The latest vulnerability disclosure identifies a significant security flaw in the Microchip Advanced Software Framework (ASF), specifically...

Critical Dragonfly2 Flaw CVE-2023-27584: Hardcoded Key Threatens Admin Access

do son September 22, 2024

A serious security flaw has been uncovered in Dragonfly2, an open-source, peer-to-peer-based file distribution and image acceleration...

CVE-2024-8986 (CVSS 9.1): Critical Grafana Plugin SDK Flaw Exposes Sensitive Information CVE-2024-8986 - grafana plugin SDK

CVE-2024-8986 (CVSS 9.1): Critical Grafana Plugin SDK Flaw Exposes Sensitive Information

do son September 22, 2024

In a concerning development for Grafana users, a critical security vulnerability has been discovered in the Grafana...

CVE-2024-8698: Keycloak Vulnerability Puts SAML Authentication at Risk CVE-2024-8698 - Keycloak

CVE-2024-8698: Keycloak Vulnerability Puts SAML Authentication at Risk

do son September 22, 2024

In a concerning development for organizations relying on Keycloak for secure identity and access management, a high-severity...

Versa Networks Exposes Critical API Vulnerability in Versa Director (CVE-2024-45229)

do son September 20, 2024

Versa Networks has issued a security advisory regarding a vulnerability discovered in its Versa Director product, CVE-2024-45229....

Critical Security Flaws in Camaleon CMS Put Web Servers at Risk – Users Urged to Upgrade Immediately Camaleon CMS - CVE-2024-46986

Critical Security Flaws in Camaleon CMS Put Web Servers at Risk – Users Urged to Upgrade Immediately

do son September 20, 2024

In a significant development for website owners and administrators using Camaleon CMS, a critical security update has...

Critical Flaw in Ivanti CSA 4.6: CVE-2024-8963 Actively Exploited, Urgent Upgrade Required

do son September 19, 2024

Ivanti, a leader in enterprise software, has disclosed a critical vulnerability in its Ivanti Connect Secure Appliance...

Ransomware Groups Exploit Veeam Flaw CVE-2023-27532 in Nigerian Cyber Infrastructure Phobos ransomware group

Ransomware Groups Exploit Veeam Flaw CVE-2023-27532 in Nigerian Cyber Infrastructure

do son September 19, 2024

The Nigeria Computer Emergency Response Team (ngCERT) has issued an urgent alert warning of ransomware groups actively...

Tor Project Responds to De-Anonymization Report: Network Remains Secure for Most Users

do son September 19, 2024

In response to an investigative report revealing a law enforcement de-anonymization attack on a Tor user, the...

CVE-2023-48788 Exploited: Researcher Details Cyberattacks on Fortinet EMS Fortinet EMS - CVE-2023-48788

CVE-2023-48788 Exploited: Researcher Details Cyberattacks on Fortinet EMS

do son September 19, 2024

In a concerning new development, cybersecurity researchers at Darktrace have unveiled a report detailing the exploitation of...

Google Warns: Dependency Scanners Often Misreport Vulnerabilities

do son September 19, 2024

The AutoVM team at Google has discovered that dependency scanning tools often mistakenly report vulnerabilities in software....

PoC Exploit Releases for Exploited Vulnerability CVE-2024-8190 in Ivanti Cloud Services Appliance CVE-2024-8190 PoC exploit

PoC Exploit Releases for Exploited Vulnerability CVE-2024-8190 in Ivanti Cloud Services Appliance

do son September 19, 2024

A proof-of-concept (PoC) exploit for CVE-2024-8190, an exploited OS command injection vulnerability in Ivanti Cloud Services Appliance,...

Acronis Backup Plugins Hit by CVE-2024-8767: CVSS 9.9 Severity Alert

do son September 19, 2024

In a recent advisory published on September 16th, data protection powerhouse Acronis disclosed a critical security vulnerability...

Stealthy Persistence: Microsoft Entra ID’s Administrative Units Weaponized Microsoft Entra ID - Sticky Backdoor

Stealthy Persistence: Microsoft Entra ID’s Administrative Units Weaponized

do son September 19, 2024

In recent research, Datadog Security Labs has shed light on a potential security risk within Microsoft Entra...

Sophisticated Cyber Espionage: Earth Baxia Uses CVE-2024-36401 and Cobalt Strike to Infiltrate APAC

do son September 19, 2024

In a recent report from Trend Micro, the cyber espionage group Earth Baxia has been identified targeting...