Vulnerability Archives • Page 61 of 190 • Daily CyberSecurity

CVE-2024-31141: Apache Kafka Vulnerability Exposes User Data to Potential Attackers Kafka Authentication Bypass JWT Signature Validation Apache Kafka - CVE-2024-27309 & CVE-2024-31141

Kafka Authentication Bypass JWT Signature Validation Apache Kafka - CVE-2024-27309 & CVE-2024-31141

CVE-2024-31141: Apache Kafka Vulnerability Exposes User Data to Potential Attackers

Ddos November 18, 2024

A newly discovered vulnerability in Apache Kafka, the popular open-source event streaming platform, could allow attackers to...

Critical Vulnerabilities Found in Baxter Life2000 Ventilation System WAGO, vulnerability, industrial automation BlockBlasters, Steam malware Baxter Life2000 Ventilation System - CVE-2024-48966

WAGO, vulnerability, industrial automation BlockBlasters, Steam malware Baxter Life2000 Ventilation System - CVE-2024-48966

Critical Vulnerabilities Found in Baxter Life2000 Ventilation System

Ddos November 18, 2024

The Baxter Life2000 Ventilation System, a key healthcare device used in critical infrastructure sectors, has been found...

CVE-2024-0012 and CVE-2024-9474: Actively Exploited Vulnerabilities Impact Palo Alto Networks PAN-OS

Ddos November 18, 2024

Palo Alto Networks has issued critical advisories regarding two actively exploited vulnerabilities in their PAN-OS software, posing...

Critical Vulnerabilities in Citrix Virtual Apps and Desktops Actively Exploited CVE-2024-8068 & CVE-2024-8069 - Citrix Session Recording Manager

CVE-2024-8068 & CVE-2024-8069 - Citrix Session Recording Manager

Critical Vulnerabilities in Citrix Virtual Apps and Desktops Actively Exploited

Ddos November 18, 2024

Two vulnerabilities in Citrix’s “Virtual Apps and Desktops” remote access solution, CVE-2024-8068 and CVE-2024-8069, are actively being...

PoC Exploit Releases for Zero-Day CVE-2024-47575 Flaw in Fortinet FortiManager CVE-2024-47575 PoC exploit

PoC Exploit Releases for Zero-Day CVE-2024-47575 Flaw in Fortinet FortiManager

Ddos November 17, 2024

Security researcher Sina Kheirkhah from watchTowr recently published technical details and a proof-of-concept (PoC) exploit for a...

Sonatype Nexus Repository 2 Hit By RCE (CVE-2024-5082) and XSS (CVE-2024-5083) Flaws Nexus Repository RCE Supply Chain Security Nexus Repository Manager - CVE-2024-5082 & CVE-2024-5083

Sonatype Nexus Repository 2 Hit By RCE (CVE-2024-5082) and XSS (CVE-2024-5083) Flaws

Ddos November 17, 2024

Sonatype has issued two security advisories for its Nexus Repository Manager 2.x, a popular repository manager used...

PostgreSQL Releases Security Update Addressing Multiple Vulnerabilities PostgreSQL Security Update 2026 PostgreSQL CVE-2026-6637 Patch CVE-2024-10979 PostgreSQL vulnerability

PostgreSQL Security Update 2026 PostgreSQL CVE-2026-6637 Patch CVE-2024-10979 PostgreSQL vulnerability

PostgreSQL Releases Security Update Addressing Multiple Vulnerabilities

Ddos November 17, 2024

The PostgreSQL Global Development Group has issued an important update addressing four security vulnerabilities across all supported...

CVE-2024-10217 & CVE-2024-10218: TIBCO Hawk Faces Critical Security Risks TIBCO Operational Intelligence Hawk - CVE-2024-10217 & CVE-2024-10218

CVE-2024-10217 & CVE-2024-10218: TIBCO Hawk Faces Critical Security Risks

Ddos November 17, 2024

TIBCO, a prominent provider of enterprise integration and management software, has issued urgent security advisories addressing two...

Apache Traffic Server Patches Critical Vulnerabilities in Latest Release Apache Traffic Server - CVE-2024-50306

Apache Traffic Server Patches Critical Vulnerabilities in Latest Release

Ddos November 17, 2024

The Apache Software Foundation has released a security update for Apache Traffic Server, addressing three critical vulnerabilities...

CVE-2024-8856: WP Time Capsule Plugin Vulnerability Exposes 20,000+ Sites to TakeOver Backup and Staging - CVE-2024-8856

CVE-2024-8856: WP Time Capsule Plugin Vulnerability Exposes 20,000+ Sites to TakeOver

Ddos November 16, 2024

A high-severity vulnerability in WP Time Capsule, a popular WordPress backup plugin, has left over 20,000 websites...

CVE-2024-45784: Apache Airflow Vulnerability Exposes Sensitive Data in Logs Airflow Credential Leak, UI Redaction Failure CVE-2024-39877 & CVE-2024-45784 Airflow Connection Leak, CVE-2025-54831

Airflow Credential Leak, UI Redaction Failure CVE-2024-39877 & CVE-2024-45784 Airflow Connection Leak, CVE-2025-54831

CVE-2024-45784: Apache Airflow Vulnerability Exposes Sensitive Data in Logs

Ddos November 16, 2024

A vulnerability in the popular workflow management platform Apache Airflow could inadvertently expose sensitive configuration data, potentially...

Zero-Day Vulnerability in FortiClient Exploited by BrazenBamboo APT BrazenBamboo - DEEPPOST malware

Zero-Day Vulnerability in FortiClient Exploited by BrazenBamboo APT

Ddos November 15, 2024

Cybersecurity firm Volexity has uncovered a zero-day vulnerability in Fortinet’s Windows VPN client, FortiClient, being exploited by...

CVE-2024-49369 (CVSS 9.8): Critical Flaw in Icinga 2 Allows for Impersonation and RCE

Ddos November 15, 2024

Icinga releases urgent security updates to address a critical TLS certificate validation bypass vulnerability affecting all versions...

Palo Alto Networks Raises Alarm on Firewall Vulnerability Following Active Exploitation Palo Alto Networks Exploitation

Palo Alto Networks Raises Alarm on Firewall Vulnerability Following Active Exploitation

Ddos November 15, 2024

Today, Palo Alto Networks, a leading cybersecurity firm, has issued an urgent update to a recent security...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

CVE-2024-11120 (CVSS 9.8): OS Command Injection Flaw in GeoVision Devices Actively Exploited, No Patch

Ddos November 15, 2024

The Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) has issued a warning about an actively...

Synology Issues Patches for Critical Camera Flaws Discovered at Pwn2Own Synology vulnerability

Synology Issues Patches for Critical Camera Flaws Discovered at Pwn2Own

Ddos November 14, 2024

Synology, a leading provider of network-attached storage (NAS) solutions, has released urgent security updates to address multiple...

Critical Laravel Flaw (CVE-2024-52301) Exposes Millions of Web Applications to Attack

Ddos November 14, 2024

A critical security vulnerability, CVE-2024-52301, has been identified in the Laravel framework, a popular web application framework...

CVE-2024-10924 (CVSS 9.8): Authentication Bypass in Really Simple Security Plugin Affects 4 Million Sites

Ddos November 14, 2024

The Wordfence Threat Intelligence team identified a severe authentication bypass vulnerability (CVE-2024-10924) in the Really Simple Security...

CISA Flags Critical Exploits in Palo Alto Networks’ Expedition with Public PoC Code DELMIA Apriso RCE, CISA KEV Exploitation ServiceNow Vulnerabilities

DELMIA Apriso RCE, CISA KEV Exploitation ServiceNow Vulnerabilities

CISA Flags Critical Exploits in Palo Alto Networks’ Expedition with Public PoC Code

Ddos November 14, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two critical vulnerabilities in...

macOS Security Compromised: Novel Exploit Bypasses Sandbox Protections

Ddos November 14, 2024

A newly discovered vulnerability in macOS could allow attackers to bypass critical security mechanisms and gain unauthorized...

Critical Alert 1 Active Exploit Detected Today