Tuesday, December 24, 2024

Vulnerability Analysis

Multiple ArubaOS vulnerabilities Let Attackers Execute Arbitrary Code

Multiple vulnerabilities have been discovered in Aruba 9200 and 9000 Series Controllers and Gateways running ArubaOS. The vulnerabilities related to Buffer Overflow and Hardware...

PHPFusion Flaw Allows Attackers to Read Critical System Data

On Tuesday, Synopsys addressed High and medium vulnerabilities CVE-2023-2453, and CVE-2023-4480 discovered in PHPFusion by the researchers.PHPFusion is an open-source content management system (CMS)...

Multiple IBM Sterling Secure Proxy Vulnerabilities Allow Remote Code Execution

Multiple vulnerabilities have been found in IBM Sterling Secure Proxy, mostly related to Denial of Service and Information Disclosure.It also consisted of a code...

NCSC Warns of Specific Vulnerabilities in AI Models Like ChatGPT

A large language model (LLM) is a deep learning AI model or system that understands, generates, and predicts text-based content, often associated with generative...

Multiple Splunk Enterprise Flaws Let Attackers Execute Arbitrary Code

Splunk Enterprise has multiple vulnerabilities that can lead to Cross-site Scripting (XSS), Denial of Service (DoS), Remote code execution, Privilege Escalation, and Path Traversal....

Multiple Flaws in ArubaOS Switches Let Attackers Execute Remote Code

Multiple vulnerabilities have been identified in ArubaOS-Switch Switches, specifically pertaining to Stored Cross-site Scripting (Stored XSS), Denial of Service (DoS), and Memory corruption.Aruba...

Hackers Can Exploit Skype Vulnerability to Find User IP Address

Hackers can now capture your IP address and expose your physical location by sending a Skype link, even if you don't click it.An IP...

GroundPeony Group Exploiting Zero-day Flaw to Attack Government Agencies

A cyber attack group - GroundPeony, targeting the Taiwanese government, was discovered in March 2023; it used several tactics, such as tampering with legitimate...