CVE/vulnerability
Siemens UMC Vulnerability Allows Arbitrary Remote Code Execution
A critical vulnerability has been identified in Siemens' User Management Component (UMC), which could allow unauthenticated remote attackers to execute arbitrary code.The flaw, designated CVE-2024-49775, is a heap-based buffer...
CVE/vulnerability
CISA Warns of BeyondTrust Privileged Remote Access Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical vulnerability impacting BeyondTrust’s Privileged Remote Access (PRA) and Remote Support...
CVE/vulnerability
Next.js Vulnerability Let Attackers Bypass Authentication
A high-severity vulnerability has been discovered in the popular web framework, Next.js, which allows attackers to bypass authentication under specific circumstances.The issue, cataloged...
CVE/vulnerability
Fortinet Critical Vulnerabilitiy Let Attackers Inject Commands Remotely
Fortinet, a global leader in cybersecurity solutions, has issued an urgent security advisory addressing two critical vulnerabilities affecting its FortiManager and FortiWLM products.The vulnerabilities,...
Chrome
Critical Chrome Vulnerabilities Lets Attackers Execute Arbitrary Code Remotely
Google has released a new security update on the Stable channel, bringing Chrome to version 131.0.6778.204/.205 for Windows and Mac and 131.0.6778.204 for Linux.This update addresses...
Azure
Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access
Researchers have uncovered vulnerabilities in Microsoft Azure Data Factory's integration with Apache Airflow, which could potentially allow attackers to gain unauthorized access and control...
CVE/vulnerability
Multiple SHARP Routers Vulnerabilities Let Attackers Execute Arbitrary Code
Multiple vulnerabilities have been identified in SHARP routers, potentially allowing attackers to execute arbitrary code with root privileges or compromise sensitive data.Labeled under...
Cyber Security News
Spring Framework Path Traversal Vulnerability (CVE-2024-38819) PoC Exploit Released
A Proof of Concept (PoC) exploit for the critical path traversal vulnerability identified as CVE-2024-38819 in the Spring Framework has been released, shedding light...
CVE/vulnerability
CISA Warns of Adobe & Windows Kernel Driver Vulnerabilities Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding two significant vulnerabilities to its Known Exploited Vulnerabilities Catalog.These vulnerabilities,...
CVE/vulnerability
Hackers Exploiting Apache Struts2 Vulnerability to Upload Malicious Payloads
Hackers have begun exploiting a newly discovered vulnerability in Apache Struts2, a widely used open-source framework for developing Java web applications.The vulnerability, assigned...
CVE/vulnerability
Dell Security Update, Patch for Multiple Critical Vulnerabilities
Dell Technologies has released a security advisory addressing multiple critical vulnerabilities that could expose affected systems to exploitation by malicious actors.Customers are strongly...