Security News

Firefox Update Patches Exploited Vulnerability

2024-10-11 19:49

Investigation of the use-after-free flaw is ongoing, but organizations and individual users can update Firefox now for a fix.

#firefox #update #vulnerability

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution

2024-10-11 06:29

GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous...

#critical #gitlab #vulnerability #CVE-2024-9164

Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems

2024-10-10 12:10

Cybersecurity security researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system...

#critical #systems #vulnerability #CVE-2024-9441

Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast

2024-10-06 08:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, and Microsoft started...

#critical #patch #patchtuesday #RCE #vulnerability #zimbra #CVE-2024-45519

Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability

2024-10-05 04:50

Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user's passwords to be read out aloud by its VoiceOver assistive technology. The...

#apple #critical #IOS #update #vulnerability #CVE-2024-44204

Weird Zimbra Vulnerability

2024-10-03 11:04

Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit. In an email sent Wednesday afternoon, Proofpoint...

#vulnerability #zimbra

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)

2024-10-02 11:05

Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say...

#critical #CVE #exploitation #RCE #vulnerability #zimbra #CVE-2024-45519

Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

2024-09-27 05:54

A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full...

#critical #nvidia #vulnerability #CVE-2024-0132

EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?

2024-09-26 11:00

Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential...

#CVS #cvss #vulnerability

PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)

2024-09-25 14:07

Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by unauthenticated attackers to...

#critical #CVE #POC #solarwinds #vulnerability #WEB #CVE-2024-28987

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News