Google Chrome use-after-free Vulnerability Leads to Remote Attack
Google Chrome has been recently discovered to be a Use-after-free vulnerability that threat actors can exploit to attack users. This vulnerability exists in the...
BIND DNS System Flaws Let Attackers Launch DoS Attacks
In a recent disclosure, BIND 9, a widely-used DNS (Domain Name System) server software, has been found vulnerable to two critical security flaws, labeled...
MOVEit Transfer SQL Injection Let the Attacker Gain Unauthorized Access to the Database
MOVEit transfer service pack has been discovered with three vulnerabilities associated with SQL injections (2) and a Reflected Cross-Site Scripted (XSS). The severity for...
Nagios Monitoring Tool Vulnerabilities Let Attackers Perform SQL Injection
Nagios XI is a prominent and frequently used commercial monitoring system for IT infrastructure and network monitoring. Vulnerability Research Engineer Astrid Tedenbrant found four distinct...
Fortinet FortiOS Flaw Let Attacker Execute Malicious JavaScript Code
Fortinet FortiOS has been discovered with Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerabilities, which threat actors can use for malicious purposes.These vulnerabilities...
Over 80% of Juniper Firewalls Vulnerable to Unauthenticated Code Execution
At the end of August 2023, Juniper Networks released a security advisory mentioning the CVE-2023-36845 vulnerability affecting SRX and EX series firewalls. The vulnerability...
8 XSS Vulnerabilities in Azure HDInsight Allow Attackers to Deliver Malicious Payloads
Azure HDInsight has been identified with multiple Cross-Site Scripting - XSS vulnerabilities related to Stored XSS and Reflected XSS. The severity for these vulnerabilities...
Windows11 Themes vulnerability Let Attackers Execute Arbitrary Code
An Arbitrary code execution vulnerability has been found in Windows 11. This vulnerability is a result of several factors, such as a Time-of-Check Time-of-Use...
Memory Corruption Flaw in ncurses API Library Exposes Linux and macOS Systems
Multiple memory corruption vulnerabilities have been discovered in the ncurses library, which various programs use on multiple operating systems like Portable Operating System Interface...
Trellix DLP Vulnerability Allows Attackers To Delete Unprivileged Files
A privilege escalation vulnerability has been identified in the Trellix Windows DLP endpoint for Windows, which may be exploited to delete any file/folder for...