Vulnerability

WhatsUp Gold Users Beware: Critical Authentication Bypass Flaw Exposed – CVE-2024-7763 (CVSS 9.8)

• Vulnerability

WhatsUp Gold Users Beware: Critical Authentication Bypass Flaw Exposed – CVE-2024-7763 (CVSS 9.8)

do son October 27, 2024

Progress Software has disclosed a severe new vulnerability in its popular network monitoring solution, WhatsUp Gold, that...

Read More Read more about WhatsUp Gold Users Beware: Critical Authentication Bypass Flaw Exposed – CVE-2024-7763 (CVSS 9.8)

DTLS “ClientHello” Race Condition: A New Threat to WebRTC Security

• Vulnerability

DTLS “ClientHello” Race Condition: A New Threat to WebRTC Security

do son October 27, 2024

Enable Security recently released a report detailing a newly discovered vulnerability in WebRTC, the open-standard technology enabling...

Read More Read more about DTLS “ClientHello” Race Condition: A New Threat to WebRTC Security

CVE-2024-9488 (CVSS 9.8): Authentication Bypass Flaw in wpDiscuz Plugin, Over 80,000 Sites at Risk

• Vulnerability

CVE-2024-9488 (CVSS 9.8): Authentication Bypass Flaw in wpDiscuz Plugin, Over 80,000 Sites at Risk

do son October 26, 2024

A critical authentication bypass vulnerability has been discovered in wpDiscuz, a widely used WordPress plugin with over...

Read More Read more about CVE-2024-9488 (CVSS 9.8): Authentication Bypass Flaw in wpDiscuz Plugin, Over 80,000 Sites at Risk

CVE-2024-10327: Okta Verify for iOS Vulnerability Could Allow Unauthorized Access

• Vulnerability

CVE-2024-10327: Okta Verify for iOS Vulnerability Could Allow Unauthorized Access

do son October 25, 2024

A newly disclosed vulnerability in Okta Verify for iOS could allow unauthorized access to user accounts, even...

Read More Read more about CVE-2024-10327: Okta Verify for iOS Vulnerability Could Allow Unauthorized Access

CVE-2024-47901 (CVSS 10): Critical Security Flaw in Siemens InterMesh

• Vulnerability

CVE-2024-47901 (CVSS 10): Critical Security Flaw in Siemens InterMesh

do son October 24, 2024

Siemens has issued a security advisory addressing multiple vulnerabilities in its InterMesh wireless alarm reporting system. These...

Read More Read more about CVE-2024-47901 (CVSS 10): Critical Security Flaw in Siemens InterMesh

CISA Sounds Alarm on Actively Exploited Cisco and Roundcube Vulnerabilities

• Vulnerability

CISA Sounds Alarm on Actively Exploited Cisco and Roundcube Vulnerabilities

do son October 24, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two actively exploited...

Read More Read more about CISA Sounds Alarm on Actively Exploited Cisco and Roundcube Vulnerabilities

One Identity Safeguard for Privileged Sessions Vulnerable to Authentication Bypass – CVE-2024-40595

• Vulnerability

One Identity Safeguard for Privileged Sessions Vulnerable to Authentication Bypass – CVE-2024-40595

do son October 24, 2024

A newly disclosed vulnerability in One Identity Safeguard for Privileged Sessions (SPS) could allow attackers to bypass...

Read More Read more about One Identity Safeguard for Privileged Sessions Vulnerable to Authentication Bypass – CVE-2024-40595

AWS CDK Vulnerability: Missing S3 Bucket Could Lead to Account Takeover

• Vulnerability

AWS CDK Vulnerability: Missing S3 Bucket Could Lead to Account Takeover

do son October 24, 2024

Security researchers Ofek Itach and Yakir Kadkoda from Aqua Security’s Team Nautilus uncovered a critical vulnerability in...

Read More Read more about AWS CDK Vulnerability: Missing S3 Bucket Could Lead to Account Takeover

NVIDIA Patches Multi Vulnerabilities in Windows and Linux GPU Drivers

• Vulnerability

NVIDIA Patches Multi Vulnerabilities in Windows and Linux GPU Drivers

do son October 24, 2024

NVIDIA has issued a security bulletin addressing multiple vulnerabilities in its GPU Display Driver for both Windows...

Read More Read more about NVIDIA Patches Multi Vulnerabilities in Windows and Linux GPU Drivers

New Threat Group UNC5820 Targets FortiManager Zero-Day CVE-2024-47575 in Global Cyberattack

• Cyber Security
• Vulnerability

New Threat Group UNC5820 Targets FortiManager Zero-Day CVE-2024-47575 in Global Cyberattack

do son October 24, 2024

In October 2024, Mandiant, in collaboration with Fortinet, uncovered the mass exploitation of FortiManager appliances across multiple...

Read More Read more about New Threat Group UNC5820 Targets FortiManager Zero-Day CVE-2024-47575 in Global Cyberattack

CVE-2024-20424 (CVSS 9.9): Cisco FMC Software Vulnerability Grants Attackers Root Access

• Vulnerability

CVE-2024-20424 (CVSS 9.9): Cisco FMC Software Vulnerability Grants Attackers Root Access

do son October 23, 2024

Cisco has issued a critical security advisory warning of a command injection vulnerability in its Secure Firewall...

Read More Read more about CVE-2024-20424 (CVSS 9.9): Cisco FMC Software Vulnerability Grants Attackers Root Access

Active Exploits Target Cisco ASA and FTD VPNs: Urgent Update Needed (CVE-2024-20481)

• Vulnerability

Active Exploits Target Cisco ASA and FTD VPNs: Urgent Update Needed (CVE-2024-20481)

do son October 23, 2024

Cisco has disclosed an actively exploited vulnerability (CVE-2024-20481) in its Adaptive Security Appliance (ASA) and Firepower Threat...

Read More Read more about Active Exploits Target Cisco ASA and FTD VPNs: Urgent Update Needed (CVE-2024-20481)

CVE-2024-20412: Unauthorized Access to Cisco Firepower Devices via Static Credentials

• Vulnerability

CVE-2024-20412: Unauthorized Access to Cisco Firepower Devices via Static Credentials

do son October 23, 2024

Cisco has recently published a security advisory regarding a critical vulnerability in its Firepower Threat Defense (FTD)...

Read More Read more about CVE-2024-20412: Unauthorized Access to Cisco Firepower Devices via Static Credentials

CVE-2024-20329 (CVSS 9.9): Critical Cisco ASA SSH Flaw Allows for Complete System Takeover

• Vulnerability

CVE-2024-20329 (CVSS 9.9): Critical Cisco ASA SSH Flaw Allows for Complete System Takeover

do son October 23, 2024

Cisco has issued a critical security advisory warning of a vulnerability in the SSH subsystem of its...

Read More Read more about CVE-2024-20329 (CVSS 9.9): Critical Cisco ASA SSH Flaw Allows for Complete System Takeover

Fortinet Warns of Actively Exploited Flaw in FortiManager: CVE-2024-47575 (CVSS 9.8)

• Vulnerability

Fortinet Warns of Actively Exploited Flaw in FortiManager: CVE-2024-47575 (CVSS 9.8)

do son October 23, 2024

Fortinet has issued a security advisory for its FortiManager platform, addressing a critical vulnerability—CVE-2024-47575—which has been actively...

Read More Read more about Fortinet Warns of Actively Exploited Flaw in FortiManager: CVE-2024-47575 (CVSS 9.8)