Saturday, December 2, 2023

Junos OS Flaw Allows Attackers to Flood System and Expose Sensitive Data

Three new vulnerabilities have been discovered in Junos OS: password disclosure, MAC address validation bypass, and Time-of-check Time-of-use (TOCTOU) Race Condition. The severity of...

Multiple Citrix NetScaler Flaw Leads to DoS Attack and Data Exposure

Critical vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway have exposed sensitive information and a denial of service attack. A malicious cyber actor can exploit one of...

The Risk of RBAC Vulnerabilities – A Prevention Guide

Role-Based Access Control (RBAC) is a security paradigm focused on assigning system access to users based on their organizational role. It's a sophisticated approach...

Multiple Cisco Services Engine Flaws Let Attackers Upload Arbitrary Files

Multiple vulnerabilities have been discovered in the Cisco Services Engine associated with Arbitrary File Upload and Denial of Service assigned with CVEs CVE-2023-20195, CVE-2023-20196,...

F5 Warns of Active Attacks Targeting BIG-IP SQL injection vulnerability

F5 Networks has issued a security alert about a severe vulnerability in its BIG-IP Configuration utility, identified as CVE-2023-46748. This vulnerability is an authenticated SQL...

Notepad++ v8.5.7 Released: Fix for 4 Security Vulnerabilities

Notepad++ v8.5.7 has been released, which has several bug fixes and new features. There has also been Integrity and authenticity validation, added Security enhancement...

CitrixBleed Flaw Widely Exploited, Primarily by a Ransomware Gang

At the end of October, AssetNote released a proof-of-concept for the CVE-2023-4966 associated with sensitive information disclosure for Citrix Netscaler ADC devices and was...

Splunk Flaw Let Attackers Escalate Privilege Using crafted web Request

Splunk is one of the most used SIEM (Security Incident and Event Management) tools worldwide. Splunk can collect logs of all the configured events...

New Common Vulnerability Scoring System (CVSS) v4.0 Released – What’s New!

CVSS (Common Vulnerability Scoring System) is vital for supplier-consumer interaction, offering a numerical score to assess security vulnerabilities' technical severity that helps in guiding...

Veeam Critical Flaws Let Attackers Execute Remote Code and Steal NTLM Hashes

Veeam, a Global Leader in Data Protection, issued hotfixes to address four vulnerabilities affecting the Veeam ONE IT infrastructure monitoring and analytics platform. Two vulnerabilities are classified as...
