Google Chrome use-after-free Vulnerability Leads to Remote Attack

Google Chrome has been recently discovered to be a Use-after-free vulnerability that threat actors can exploit to attack users. This vulnerability exists in the...

BIND DNS System Flaws Let Attackers Launch DoS Attacks

In a recent disclosure, BIND 9, a widely-used DNS (Domain Name System) server software, has been found vulnerable to two critical security flaws, labeled...
MOVEit Transfer SQL Injection

MOVEit Transfer SQL Injection Let the Attacker Gain Unauthorized Access to the Database

MOVEit transfer service pack has been discovered with three vulnerabilities associated with SQL injections (2) and a Reflected Cross-Site Scripted (XSS). The severity for...
Nagios Monitoring Tool Vulnerabilities

Nagios Monitoring Tool Vulnerabilities Let Attackers Perform SQL Injection

Nagios XI is a prominent and frequently used commercial monitoring system for IT infrastructure and network monitoring. Vulnerability Research Engineer Astrid Tedenbrant found four distinct...

Fortinet FortiOS Flaw Let Attacker Execute Malicious JavaScript Code

Fortinet FortiOS has been discovered with Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerabilities, which threat actors can use for malicious purposes.These vulnerabilities...

Over 80% of Juniper Firewalls Vulnerable to Unauthenticated Code Execution

At the end of August 2023, Juniper Networks released a security advisory mentioning the CVE-2023-36845 vulnerability affecting SRX and EX series firewalls. The vulnerability...

8 XSS Vulnerabilities in Azure HDInsight Allow Attackers to Deliver Malicious Payloads

Azure HDInsight has been identified with multiple Cross-Site Scripting - XSS vulnerabilities related to Stored XSS and Reflected XSS. The severity for these vulnerabilities...

Windows11 Themes vulnerability Let Attackers Execute Arbitrary Code

An Arbitrary code execution vulnerability has been found in Windows 11. This vulnerability is a result of several factors, such as a Time-of-Check Time-of-Use...

Memory Corruption Flaw in ncurses API Library Exposes Linux and macOS Systems

Multiple memory corruption vulnerabilities have been discovered in the ncurses library, which various programs use on multiple operating systems like Portable Operating System Interface...

Trellix DLP Vulnerability Allows Attackers To Delete Unprivileged Files

A privilege escalation vulnerability has been identified in the Trellix Windows DLP endpoint for Windows, which may be exploited to delete any file/folder for...

Managed WAF


Recent Posts