Friday, December 1, 2023
Zyxel Command Injection Flaws

Zyxel Command Injection Flaws Let Attackers Run OS Commands

Three Command injection vulnerabilities have been discovered in Zyxel NAS (Network Attached Storage) products, which could allow a threat actor to execute system commands...

NukeSped Malware Exploiting Apache ActiveMQ Vulnerability

The Andariel threat group has been discovered installing malware via the exploitation of the Apache ActiveMQ remote code execution vulnerability classified as CVE-2023-46604.The group is known...
Cisco Patch HTTP/2 Rapid Reset Attack

Cisco Patched Products Vulnerable to HTTP/2 Rapid Reset Attack

A new high-severity vulnerability has been discovered in multiple Cisco products, which could potentially allow HTTP/2 Rapid Reset Attack.This vulnerability enables a novel...

117 Vulnerabilities Discovered in Microsoft 365 Apps

Microsoft 365 Apps is a suite of productivity tools that includes the following apps and services offered by Microsoft through a subscription service:-Microsoft TeamsOneDriveSharePointPowerPointOutlookWordExcelMicrosoft...

FortiSIEM Injection Flaw: Let Attackers Execute Malicious Commands

Fortinet notifies users of a critical OS command injection vulnerability in the FortiSIEM report server that might enable an unauthenticated, remote attacker to execute...

ManageEngine Information Disclosure Flaw Exposes Encryption Keys

ManageEngine, one of the most widely used IT infrastructure management platforms that offers more than 60 Enterprise IT management tools, has been discovered with...
Reptar CPU Vulnerability

Reptar – A New CPU Vulnerability Affects Intel and AMD CPUs

A critical CPU vulnerability can pose a significant threat by allowing:-Unauthorized access to sensitive dataEnabling malicious code executionCompromise the overall security of a system. System...

SysAid IT Service Software 0-day Exploited to Deploy Cl0p Ransomware

SysAid On-Prem software has been reported with a 0-day vulnerability determined during an incident response investigation.According to Microsoft, attackers are exploiting this zero-day vulnerability...

Buffer Overflow Flaws in Trusted Platform Modules Allow Malicious Commands

Trusted Computing Group’s Trust Platform Module 2.0 reference library specification has been discovered with two buffer overflow vulnerabilities that threat actors can exploit to...

Veeam Critical Flaws Let Attackers Execute Remote Code and Steal NTLM Hashes

Veeam, a Global Leader in Data Protection, issued hotfixes to address four vulnerabilities affecting the Veeam ONE IT infrastructure monitoring and analytics platform.Two vulnerabilities are classified as...

Managed WAF protection


Recent Articles