Vulnerability Archives • Page 17 of 191 • Cybersecurity News

CVE-2024-9478 & CVE-2024-9479: upKeeper IPA Flaws Rated CVSSv4 10 Now Resolved

do son November 21, 2024

upKeeper, a provider of privileged access management solutions, has recently addressed two critical vulnerabilities in their Instant...

Volt Typhoon: Chinese State-Sponsored APT Targets U.S. Critical Infrastructure Volt Typhoon APT group

Volt Typhoon: Chinese State-Sponsored APT Targets U.S. Critical Infrastructure

do son November 21, 2024

The Tenable Security Response Team has uncovered critical details about Volt Typhoon, a state-sponsored Advanced Persistent Threat...

CVE-2024-52067: Sensitive Data Exposed in Apache NiFi Debug Logs CVE-2024-52067 - CVE-2024-56512

CVE-2024-52067: Sensitive Data Exposed in Apache NiFi Debug Logs

do son November 21, 2024

A newly discovered vulnerability in Apache NiFi could inadvertently expose sensitive parameter values in debug logs, potentially...

Critical VMware vCenter Server Flaws Under Active Attack: CISA Issues Urgent Warning

do son November 21, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two critical vulnerabilities...

CVE-2024-52940: AnyDesk Vulnerability Exposes User IP Addresses, PoC Published

do son November 21, 2024

A newly discovered vulnerability in popular remote desktop software AnyDesk could allow attackers to uncover users’ IP...

CVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution

do son November 20, 2024

A high-severity vulnerability has been discovered in Kubernetes, potentially allowing attackers to execute arbitrary commands outside of...

CVE-2024-42450 (CVSS 10): Versa Networks Addresses Critical Vulnerability in Versa Director CVE-2024-42450 - Versa Director

CVE-2024-42450 (CVSS 10): Versa Networks Addresses Critical Vulnerability in Versa Director

do son November 20, 2024

Versa Networks has issued a security advisory addressing a critical vulnerability (CVE-2024-42450) affecting its Versa Director software....

2024 CWE Top 25: Critical Software Weaknesses Revealed

do son November 20, 2024

The Common Weakness Enumeration (CWE) Top 25 list for 2024 has been released, and it provides a...

WorkflowKit Race Vulnerability (CVE-2024-27821): Researcher Reveals Exploit that Let Malicious Apps Hijack Shortcuts WorkflowKit, CVE-2024-27821

WorkflowKit Race Vulnerability (CVE-2024-27821): Researcher Reveals Exploit that Let Malicious Apps Hijack Shortcuts

do son November 20, 2024

Security researcher Snoolie K has published an in-depth analysis of a significant security flaw in WorkflowKit, which...

Veritas Enterprise Vault Vulnerability Could Allow Remote Code Execution Veritas Enterprise Vault server

Veritas Enterprise Vault Vulnerability Could Allow Remote Code Execution

do son November 20, 2024

Veritas has released a security advisory regarding a critical remote code execution (RCE) vulnerability affecting multiple versions...

Ruckus Networks Issues Security Advisory for Critical RCE Vulnerability in Access Points Ruckus AP Vulnerability

Ruckus Networks Issues Security Advisory for Critical RCE Vulnerability in Access Points

do son November 20, 2024

Ruckus APs running specific software versions are vulnerable to unauthenticated remote code execution attacks. Ruckus Networks has...

Critical Vulnerability in D-Link EOL Routers Allows Remote Code Execution D-Link Vulnerability - End-of-Life Routers

Critical Vulnerability in D-Link EOL Routers Allows Remote Code Execution

do son November 20, 2024

D-Link has issued a security announcement concerning several End-of-Life (EOL) and End-of-Service (EOS) router models, including the...

Five Critical Privilege Escalation Vulnerabilities Found in Ubuntu’s Default Utility, needrestart CVE-2024-48990 and CVE-2024-48922

Five Critical Privilege Escalation Vulnerabilities Found in Ubuntu’s Default Utility, needrestart

do son November 20, 2024

Qualys Threat Research Unit uncovers five local privilege escalation flaws, enabling unprivileged users to gain root access....

CVE-2024-51503: Trend Micro Deep Security Agent RCE Vulnerability Fixed Trend Micro Deep Security - CVE-2024-48904 & CVE-2024-51503

CVE-2024-51503: Trend Micro Deep Security Agent RCE Vulnerability Fixed

do son November 20, 2024

A recently discovered vulnerability in the Trend Micro Deep Security 20 Agent could have allowed attackers to...

Analysis & PoC Exploits Released for Palo Alto Zero-Days – CVE-2024-0012 and CVE-2024-9474

do son November 19, 2024

In a recent analysis, security researcher Sonny from watchTowr unveiled the technical intricacies of two zero-day vulnerabilities...