Hackers Actively Exploiting the Recently Patched Windows kernel Zero-day Vulnerability in Wild
Threat actors are exploiting the recently patched Windows Kernel Privilege Escalation Vulnerability (CVE-2018-8611), which allows attackers to run arbitrary code in kernel mode and install...
Cisco Unified Communications Manager Flaw Let Attacker Launch SQL Injection Attacks
An SQL injection vulnerability was discovered in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session...
Nagios Monitoring Tool Vulnerabilities Let Attackers Perform SQL Injection
Nagios XI is a prominent and frequently used commercial monitoring system for IT infrastructure and network monitoring. Vulnerability Research Engineer Astrid Tedenbrant found four distinct...
CWE Top 25 (2019) – List of Top 25 Most Dangerous Software Weakness...
MITRE has released a list of the Top 25 Most Dangerous Software Errors (CWE Top 25) that are widespread and lead to serious vulnerabilities....
BIND DNS Software Vulnerability Let Remote Attackers to Cause a Denial-of-service Condition
Internet Systems Consortium (ISC) published security updates for vulnerabilities in BIND DNS software that allow a remote attacker to cause a denial-of-service condition. BIND stands...
Critical Jira Vulnerability Let an Unauthenticated Attacker to Bypass Authentication
In an advisory published by Atlassian, the company warns that critical vulnerabilities in Seraph affect its Jira and Jira Service Management products. Seraph is a...
Critical Oracle Weblogic Flaw Let Remote Attacker Take Control of The System
In the quarterly Critical Patch Update for July 2021, Oracle has released 342 fixes for several of its products. The security experts at Oracle...
Steam Windows Client Zero-day Privilege Escalation Vulnerability Affects Over 125 Million Users
The Steam Windows client privilege escalation vulnerability allows an attacker with normal user privileges to run arbitrary code as an administrator. The zero-day vulnerability was...
Zip Slip Vulnerability Let Attacker Import Malicious Code and Execute Arbitrary Code
A critical Zip Slip vulnerability was discovered in the open-source data cleaning and transformation tool ‘OpenRefine’, which allowed attackers to import malicious code and execute arbitrary...
Half-Double – Google Discovered A Critical Memory Chip Based Rowhammer Vulnerability
Google has recently discovered a new variant of the Rowhammer bug named "Half-Double", which takes advantage of physical aspects of DRAM chips to...