Security News

Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution

2025-04-17 10:32

A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication...

#codeexecution #critical #CVS #cvss #SSH #vulnerability #CVE-2025-32433

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

2025-04-15 13:44

A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even...

#apache #critical #CVS #cvss #vulnerability #CVE-2025-24859

Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score

2025-02-04 05:08

Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges...

#AI #azure #critical #CVS #cvss #microsoft #vulnerability #CVE-2025-21415 #CVE-2025-21396

Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

2025-01-23 06:21

Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on...

#cisco #critical #CVS #cvss #management #CVE-2025-20156

Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization

2024-12-27 06:46

The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution...

#apache #CVE #CVS #cvss #RCE #CVE-2024-52046

Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now

2024-12-25 13:30

The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute...

#apache #critical #CVS #cvss #patch #SQL #vulnerability #CVE-2024-45387

Cisco scores a perfect CVSS 10 with critical flaw in its wireless system

2024-11-07 11:48

Ultra-Reliable Wireless Backhaul doesn't live up to its name Cisco is issuing a critical alert notice about a flaw that makes its so-called Ultra-Reliable Wireless Backhaul systems easy to subvert.…

#cisco #critical #CVS #cvss #wireless

EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?

2024-09-26 11:00

Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential...

#CVS #cvss #vulnerability

Cyberattack on UK’s CVS Group disrupts veterinary operations

2024-04-08 14:45

UK veterinary services provider CVS Group has announced that it suffered a cyberattack that disrupted IT services at its practices across the country. CVS Group operates 500 veterinary practices throughout the UK, Australia, the Netherlands, and the Republic of Ireland, including nine specialist referral hospitals, 39 dedicated out-of-hours sites, three laboratories, and seven pet crematoria.

#CVS #cyberattack #UK

Does CVSS 4.0 solve the exploitability problem?

2024-01-31 06:00

The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3, as of November 2023 version 4.0 is officially live. Version 3.0 and CVSS in general, while being quite good at measuring the "Impact" of a vulnerability, wasn't very good at scoring its "Exploitability".

#CVS #cvss

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News