Vulnerability Archives • Page 82 of 190 • Daily CyberSecurity

CISA Warns of Actively Exploited Apache OFBiz CVE-2024-38856 Vulnerability, PoC Available CVE-2024-38856 Apache OFBiz vulnerability

CISA Warns of Actively Exploited Apache OFBiz CVE-2024-38856 Vulnerability, PoC Available

Ddos August 27, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited...

Chinese Hackers Deploy VersaMem Web Shell via Versa Director Zero-Day (CVE-2024-39717)

Ddos August 27, 2024

Black Lotus Labs, a threat intelligence team within Lumen Technologies, has uncovered the active exploitation of a...

CVE-2024-31214 & CVE-2024-24809: Traccar Users Urged to Update Immediately CVE-2024-24809 & CVE-2024-31214 Traccar

CVE-2024-31214 & CVE-2024-24809: Traccar Users Urged to Update Immediately

Ddos August 27, 2024

Two critical vulnerabilities have been discovered in the popular GPS tracking system Traccar, which is used for...

CVE-2024-42531 (CVSS 9.8): Ezviz Camera Flaw Exposes Live Feeds to Unauthenticated Access CVE-2024-42531 Ezviz Internet PT Camera

CVE-2024-42531 (CVSS 9.8): Ezviz Camera Flaw Exposes Live Feeds to Unauthenticated Access

Ddos August 26, 2024

A critical vulnerability, identified as CVE-2024-42531 and rated with a CVSS score of 9.8 (Critical), has been...

Zero-Click Windows RCE Threat: Researcher Publishes PoC Exploit for CVE-2024-38063 CVE-2024-38063 PoC exploit

Zero-Click Windows RCE Threat: Researcher Publishes PoC Exploit for CVE-2024-38063

Ddos August 26, 2024

In a significant development for cybersecurity professionals, security researcher Ynwarcs has published an in-depth analysis and proof-of-concept...

CVE-2024-6386 (CVSS 9.9) in WPML Plugin Exposes Millions of WordPress Sites to RCE Attacks

Ddos August 26, 2024

A severe security flaw (CVE-2024-6386, CVSS 9.9) has been discovered in the widely-used WPML plugin for WordPress,...

Google Chrome Faces Double Blow with New Zero-Day Flaw Exploits: CVE-2024-7965 and CVE-2024-7971

Ddos August 26, 2024

In a significant update to its security advisory, Google has confirmed that CVE-2024-7965, a high-severity zero-day vulnerability...

Digital Wallets: Unveiling Critical Security Risks

Ddos August 26, 2024

A group of security researchers has uncovered vulnerabilities in Apple Pay, Google Pay, and PayPal systems, which...

Centreon Issues Critical Security Update: SQL Injection Vulnerabilities Threaten IT Monitoring Centreon RCE CVE-2026-2749 CVE-2024-33852 & CVE-2024-33853 Centreon Web

Centreon RCE CVE-2026-2749 CVE-2024-33852 & CVE-2024-33853 Centreon Web

Centreon Issues Critical Security Update: SQL Injection Vulnerabilities Threaten IT Monitoring

Ddos August 26, 2024

Centreon, a widely-used open-source monitoring solution, has issued a critical security bulletin addressing multiple SQL injection vulnerabilities...

Hillstone Networks Addresses Critical RCE Vulnerability in WAF (CVE-2024-8073, CVSS 9.8) CVE-2024-8073 Hillstone Networks Web Application Firewall

CVE-2024-8073 Hillstone Networks Web Application Firewall

Hillstone Networks Addresses Critical RCE Vulnerability in WAF (CVE-2024-8073, CVSS 9.8)

Ddos August 26, 2024

Hillstone Networks, a global leader in network security solutions, has released a security advisory addressing a critical...

Hacking the Hacker: Researcher Found Critical Flaw (CVE-2024-45163) in Mirai Botnet

Ddos August 25, 2024

Security researcher Jacob Masse has exposed a critical vulnerability within the Mirai botnet, the infamous malware that...

China-Nexus Group Velvet Ant Exploits Cisco Zero-Day (CVE-2024-20399) CVE-2020-3259 Router Smishing, Grooza Cluster

China-Nexus Group Velvet Ant Exploits Cisco Zero-Day (CVE-2024-20399)

Ddos August 25, 2024

At the beginning of 2024, the Chinese group Velvet Ant exploited a patched zero-day vulnerability (CVE-2024-20399, CVSS...

CVE-2024-43399: Critical Zip Slip Vulnerability Discovered in Mobile Security Framework (MobSF)

Ddos August 25, 2024

A serious security flaw has been uncovered in Mobile Security Framework (MobSF), a widely-used open-source tool for...

CVE-2024-39717: Versa Networks Director GUI Flaw Under Active Attack, CISA Issues Urgent Patching Directive Versa Director GUI - CVE-2024-39717

CVE-2024-39717: Versa Networks Director GUI Flaw Under Active Attack, CISA Issues Urgent Patching Directive

Ddos August 23, 2024

In a recent cybersecurity alert, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has highlighted the active...

ALBeast Vulnerability Exposes Thousands of AWS Applications to Critical AuthN/AuthZ Bypass

Ddos August 23, 2024

A new configuration-based vulnerability, dubbed ALBeast, has been uncovered by Miggo Research, affecting a staggering number of...

Urgent Edge Security Update: Microsoft Patches Zero-day & RCE Vulnerabilities Microsoft Edge cleartext credentials memory dump Microsoft Edge auto-startup Microsoft Edge Collections sunset, export Edge Collections CSV Edge IE Mode Zero-Day, Chakra Exploit Windows Search, Microsoft Edge AI video translation, Edge browser Microsoft Editor, Edge Edge Developer tools Windows 10 ESU, Microsoft Edge Microsoft Edge, FCP Optimization CVE-2023-36735 Edge, AI Search

Microsoft Edge cleartext credentials memory dump Microsoft Edge auto-startup Microsoft Edge Collections sunset, export Edge Collections CSV Edge IE Mode Zero-Day, Chakra Exploit Windows Search, Microsoft Edge AI video translation, Edge browser Microsoft Editor, Edge Edge Developer tools Windows 10 ESU, Microsoft Edge Microsoft Edge, FCP Optimization CVE-2023-36735 Edge, AI Search

Urgent Edge Security Update: Microsoft Patches Zero-day & RCE Vulnerabilities

Ddos August 23, 2024

Microsoft has released an urgent security update for its Edge browser, patching a critical vulnerability that is...

Exploit for CVE-2024-38054 Released: Elevation of Privilege Flaw in Windows Kernel Streaming WOW Thunk CVE-2024-38054 exploit

Exploit for CVE-2024-38054 Released: Elevation of Privilege Flaw in Windows Kernel Streaming WOW Thunk

Ddos August 22, 2024

Security researcher ‘Frost’ has released proof-of-concept exploit code for the CVE-2024-38054 vulnerability, escalating concerns over a recently...

Critical Vulnerabilities Uncovered in Progress WhatsUp Gold (CVE-2024-6670 & CVE-2024-6671) MOVEit Automation Vulnerability CVE-2026-4670 CVE-2024-6670 & CVE-2024-6671 Progress WhatsUp Gold

MOVEit Automation Vulnerability CVE-2026-4670 CVE-2024-6670 & CVE-2024-6671 Progress WhatsUp Gold

Critical Vulnerabilities Uncovered in Progress WhatsUp Gold (CVE-2024-6670 & CVE-2024-6671)

Ddos August 22, 2024

The Progress WhatsUp Gold team has recently disclosed multiple critical vulnerabilities affecting all versions of the software...

SonicWall Issues Urgent Patch for Critical Firewall Vulnerability (CVE-2024-40766) SonicWall Firewall CVE-2024-40766 SonicWall SMA Vulnerabilities, Web Interface Flaws

SonicWall Firewall CVE-2024-40766 SonicWall SMA Vulnerabilities, Web Interface Flaws

SonicWall Issues Urgent Patch for Critical Firewall Vulnerability (CVE-2024-40766)

Ddos August 22, 2024

SonicWall, a prominent network security provider, has released a security advisory warning users of a critical vulnerability...

CVE-2024-38206: SSRF Vulnerability in Microsoft Copilot Studio Exposes Internal Infrastructure Windows 11 26H1, Copilot+ PC AI content, monetization AI Code Review, Microsoft Engineering Microsoft Copilot Studio Uninstall Copilot AI Windows 11 LTSC

Windows 11 26H1, Copilot+ PC AI content, monetization AI Code Review, Microsoft Engineering Microsoft Copilot Studio Uninstall Copilot AI Windows 11 LTSC

CVE-2024-38206: SSRF Vulnerability in Microsoft Copilot Studio Exposes Internal Infrastructure

Ddos August 22, 2024

Tenable Research has discovered a critical server-side request forgery (SSRF) vulnerability in Microsoft’s Copilot Studio, potentially allowing...

Critical Alert 1 Active Exploit Detected Today