Security News

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)

2024-10-02 11:05

Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say...

#critical #CVE #exploitation #RCE #vulnerability #zimbra #CVE-2024-45519

PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)

2024-09-25 14:07

Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by unauthenticated attackers to...

#critical #CVE #POC #solarwinds #vulnerability #WEB #CVE-2024-28987

Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)

2024-09-25 09:41

CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers. The confirmation comes from the...

#attack #bypass #cisa #CVE #ivanti #CVE-2024-7593

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)

2024-09-19 12:30

Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could...

#bypass #critical #CVE #patch #safeguard #CVE-2024-45488

Critical VMware vCenter Server bugs fixed (CVE-2024-38812)

2024-09-18 10:38

Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to remote code execution...

#critical #CVE #server #vcenter #vmware #CVE-2024-38813 #CVE-2024-38812 #CVE-2023-34048

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)

2024-09-17 09:55

CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, but there may be more...

#cloud #CVE #exploit #ivanti #POC #CVE-2024-8190

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

2024-09-16 12:40

CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack...

#0day #APT #CVE #microsoft #CVE-2024-38112 #CVE-2024-43461

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)

2024-09-12 12:05

Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution:...

#adobe #CVE #exploit #POC #CVE-2024-41869 #CVE-2024-39383 #CVE-2024-45112

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)

2024-09-11 11:50

Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute...

#critical #CVE #endpoint #ivanti #management #vulnerabilities #CVE-2024-29847

CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)

2024-09-10 12:26

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known...

#cisa #CVE #sonicwall #vulnerability #CVE-2024-40766

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News