A newly identified vulnerability in Apache OFBiz, the widely adopted open-source enterprise resource planning (ERP) platform, has prompted urgent security advisories due to the potential for unauthorized code execution. Tracked...
Cybersecurity researchers have uncovered two critical security vulnerabilities (CVE-2024-37906 and CVE-2024-38529) in Admidio, a popular open-source user management system used by organizations and groups worldwide. These vulnerabilities could potentially allow...
Security researchers Lukas Maar, Stefan Gast, Martin Unterguggenberger, Mathias Oberhuber, and Stefan Mangard from the Graz University of Technology have discovered a new way to exploit vulnerabilities in the Linux...
A new report from Check Point Research (CPR) reveals that over 20,000 Ubiquiti devices, including the popular G4 Instant Camera and other models, remain susceptible to cyberattacks. The vulnerabilities, stemming...
A security flaw tracked as CVE-2024-7339, has been discovered in a wide range of popular DVR (Digital Video Recorder) devices, including models from TVT, Provision-ISR, AVISION, and others. This vulnerability...
Bitdefender, a leading cybersecurity solutions provider, has issued an urgent patch for a critical vulnerability (CVE-2024-6980) in its GravityZone Update Server. The vulnerability, discovered by Nicolas VERDIER of n1nj4sec, could...
Security researchers have identified a vulnerability, tracked as CVE-2024-7120, in RAISECOM Gateway devices, exposing over 25,000 devices worldwide to potential remote attacks. The flaw, a command injection vulnerability, resides in...
A critical vulnerability (CVE-2024-6220, CVSS 9.8) in the popular Keydatas (简数采集器) WordPress plugin is being actively exploited, putting thousands of websites at risk of complete takeover. This flaw allows unauthenticated...
In recent weeks, security researchers have observed an alarming uptick in scanning attempts for the CVE-2024-32113 vulnerability in Apache OFBiz, a widely used suite of enterprise software tools. The flaw,...
A severe security vulnerability, identified as CVE-2024-41667 and rated with a CVSS score of 8.8, has been discovered in Open Identity Platform OpenAM, a comprehensive access management solution. This flaw...
Dahua Technology, a leading provider of video surveillance solutions, has released a security advisory addressing multiple vulnerabilities in their network video recorders (NVRs) and IP cameras. These vulnerabilities, with CVSS...
A vulnerability in VMware’s ESXi virtualization platform continues to leave thousands of servers exposed to ransomware attacks, despite active exploitation by cybercriminals and warnings from major security organizations. Researchers from...
eWeLink, the popular smart home platform, has issued a critical security advisory warning users of a vulnerability in their cloud service. The flaw, designated as CVE-2024-7205 (CVSS 9.4), could potentially...
A new tool called Specula is transforming Microsoft Outlook from a productivity tool into a potent weapon for cybercriminals. Developed by TrustedSec, Specula allows attackers to remotely execute code on...
Security threat monitoring platform Shadowserver has revealed that 6,284 GeoServer instances exposed to the Internet are vulnerable to critical remote code execution (RCE) attacks. This vulnerability, tracked as CVE-2024-36401, was...
Support Securityonline.info site. Thanks!
