Vulnerability

CVE-2024-44308 and CVE-2024-44309: Apple Addresses Zero-Day Vulnerabilities

• Vulnerability

CVE-2024-44308 and CVE-2024-44309: Apple Addresses Zero-Day Vulnerabilities

do son November 19, 2024

Apple users are urged to update their devices immediately following the discovery of two critical zero-day vulnerabilities...

Read More Read more about CVE-2024-44308 and CVE-2024-44309: Apple Addresses Zero-Day Vulnerabilities

CISA Warns of Actively Exploited Vulnerabilities in Kemp LoadMaster and Palo Alto Networks PAN-OS

• Vulnerability

CISA Warns of Actively Exploited Vulnerabilities in Kemp LoadMaster and Palo Alto Networks PAN-OS

do son November 19, 2024

Critical flaws in widely-used networking and security products demand immediate attention from administrators. The Cybersecurity and Infrastructure...

Read More Read more about CISA Warns of Actively Exploited Vulnerabilities in Kemp LoadMaster and Palo Alto Networks PAN-OS

From CVE to PoC: A Collection Maps Windows Privilege Escalation Landscape

• Vulnerability

From CVE to PoC: A Collection Maps Windows Privilege Escalation Landscape

do son November 18, 2024

Security researcher Michael Zhmaylo has assembled a comprehensive collection of publicly disclosed exploits for Local Privilege Escalation...

Read More Read more about From CVE to PoC: A Collection Maps Windows Privilege Escalation Landscape

CVE-2024-52308: GitHub CLI Vulnerability Could Allow Remote Code Execution

• Vulnerability

CVE-2024-52308: GitHub CLI Vulnerability Could Allow Remote Code Execution

do son November 18, 2024

A critical security vulnerability (CVE-2024-52308) in the GitHub Command Line Interface (CLI) has been identified, potentially enabling...

Read More Read more about CVE-2024-52308: GitHub CLI Vulnerability Could Allow Remote Code Execution

LibreNMS Vulnerability (CVE-2024-51092): Mitigating the Risk of Server Compromise

• Vulnerability

LibreNMS Vulnerability (CVE-2024-51092): Mitigating the Risk of Server Compromise

do son November 18, 2024

A recent security advisory from the LibreNMS project has revealed a severe vulnerability (CVE-2024-51092) affecting versions up...

Read More Read more about LibreNMS Vulnerability (CVE-2024-51092): Mitigating the Risk of Server Compromise

Actively Exploited VMware Vulnerabilities (CVE-2024-38812 & CVE-2024-38813) Threaten Virtualized Infrastructure

• Vulnerability

Actively Exploited VMware Vulnerabilities (CVE-2024-38812 & CVE-2024-38813) Threaten Virtualized Infrastructure

do son November 18, 2024

Broadcom has updated an urgent security advisory following confirmation of in-the-wild exploitation of two critical vulnerabilities affecting...

Read More Read more about Actively Exploited VMware Vulnerabilities (CVE-2024-38812 & CVE-2024-38813) Threaten Virtualized Infrastructure

Trio of Apache Tomcat Flaws Disclosed: Authentication Bypass, HTTP/2 Request Mix-Up, and XSS Flaw

• Vulnerability

Trio of Apache Tomcat Flaws Disclosed: Authentication Bypass, HTTP/2 Request Mix-Up, and XSS Flaw

do son November 18, 2024

The Apache Software Foundation has recently disclosed three new vulnerabilities affecting Apache Tomcat, a widely-used open-source web...

Read More Read more about Trio of Apache Tomcat Flaws Disclosed: Authentication Bypass, HTTP/2 Request Mix-Up, and XSS Flaw

CVE-2024-31141: Apache Kafka Vulnerability Exposes User Data to Potential Attackers

• Vulnerability

CVE-2024-31141: Apache Kafka Vulnerability Exposes User Data to Potential Attackers

do son November 18, 2024

A newly discovered vulnerability in Apache Kafka, the popular open-source event streaming platform, could allow attackers to...

Read More Read more about CVE-2024-31141: Apache Kafka Vulnerability Exposes User Data to Potential Attackers

Critical Vulnerabilities Found in Baxter Life2000 Ventilation System

• Vulnerability

Critical Vulnerabilities Found in Baxter Life2000 Ventilation System

do son November 18, 2024

The Baxter Life2000 Ventilation System, a key healthcare device used in critical infrastructure sectors, has been found...

Read More Read more about Critical Vulnerabilities Found in Baxter Life2000 Ventilation System

CVE-2024-0012 and CVE-2024-9474: Actively Exploited Vulnerabilities Impact Palo Alto Networks PAN-OS

• Vulnerability

CVE-2024-0012 and CVE-2024-9474: Actively Exploited Vulnerabilities Impact Palo Alto Networks PAN-OS

do son November 18, 2024

Palo Alto Networks has issued critical advisories regarding two actively exploited vulnerabilities in their PAN-OS software, posing...

Read More Read more about CVE-2024-0012 and CVE-2024-9474: Actively Exploited Vulnerabilities Impact Palo Alto Networks PAN-OS

Critical Vulnerabilities in Citrix Virtual Apps and Desktops Actively Exploited

• Vulnerability

Critical Vulnerabilities in Citrix Virtual Apps and Desktops Actively Exploited

do son November 18, 2024

Two vulnerabilities in Citrix’s “Virtual Apps and Desktops” remote access solution, CVE-2024-8068 and CVE-2024-8069, are actively being...

Read More Read more about Critical Vulnerabilities in Citrix Virtual Apps and Desktops Actively Exploited

PoC Exploit Releases for Zero-Day CVE-2024-47575 Flaw in Fortinet FortiManager

• Vulnerability

PoC Exploit Releases for Zero-Day CVE-2024-47575 Flaw in Fortinet FortiManager

do son November 17, 2024

Security researcher Sina Kheirkhah from watchTowr recently published technical details and a proof-of-concept (PoC) exploit for a...

Read More Read more about PoC Exploit Releases for Zero-Day CVE-2024-47575 Flaw in Fortinet FortiManager

Sonatype Nexus Repository 2 Hit By RCE (CVE-2024-5082) and XSS (CVE-2024-5083) Flaws

• Vulnerability

Sonatype Nexus Repository 2 Hit By RCE (CVE-2024-5082) and XSS (CVE-2024-5083) Flaws

do son November 17, 2024

Sonatype has issued two security advisories for its Nexus Repository Manager 2.x, a popular repository manager used...

Read More Read more about Sonatype Nexus Repository 2 Hit By RCE (CVE-2024-5082) and XSS (CVE-2024-5083) Flaws

PostgreSQL Releases Security Update Addressing Multiple Vulnerabilities

• Vulnerability

PostgreSQL Releases Security Update Addressing Multiple Vulnerabilities

do son November 17, 2024

The PostgreSQL Global Development Group has issued an important update addressing four security vulnerabilities across all supported...

Read More Read more about PostgreSQL Releases Security Update Addressing Multiple Vulnerabilities

CVE-2024-10217 & CVE-2024-10218: TIBCO Hawk Faces Critical Security Risks

• Vulnerability

CVE-2024-10217 & CVE-2024-10218: TIBCO Hawk Faces Critical Security Risks

do son November 17, 2024

TIBCO, a prominent provider of enterprise integration and management software, has issued urgent security advisories addressing two...

Read More Read more about CVE-2024-10217 & CVE-2024-10218: TIBCO Hawk Faces Critical Security Risks