Monday, October 14, 2024

Vulnerability

pac4j Java Framework Vulnerable to RCE Attacks

A critical security vulnerability has been discovered in the popular Java framework pac4j. The vulnerability specifically affects versions before 4.0 of the pac4j-core module.This vulnerability, identified as CVE-2023-25581,...

Multiple VMware NSX Vulnerabilities Let Attackers Gain Root Access

VMware has disclosed multiple vulnerabilities in its NSX product line that could potentially allow attackers to gain root access.The vulnerabilities, identified as CVE-2024-38818,...

CISA Warns of Fortinet & Ivanti Vulnerabilities Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities Catalog, adding critical vulnerabilities from Fortinet and Ivanti.These vulnerabilities...

Chrome Security Update, Patched for High-Severity Vulnerabilities

Google has rolled out a new update for its Chrome browser, addressing several high-severity security vulnerabilities.The Stable channel has been updated to version...

CISA Warns of Microsoft Zero-Day Vulnerabilities Exploited in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has warned regarding two critical zero-day vulnerabilities affecting Microsoft Windows products.These vulnerabilities, identified as CVE-2024-43572 and...

Open-Source Scanner Released to Detect CUPS Vulnerability

A new open-source scanner has been released to detect a critical vulnerability in the Common Unix Printing System (CUPS), explicitly targeting CVE-2024-47176.This vulnerability and...

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new vulnerability to its Known Exploited Vulnerabilities Catalog.This vulnerability, CVE-2024-29824,...

CISA Warns of Four Vulnerabilities that Exploited Actively in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has warned about four critical vulnerabilities currently being exploited in the wild.These vulnerabilities affect various products,...

Open Source C3 Frameworks Used In Red Teaming Assessments Vulnerable To RCE Attacks

C2 frameworks, crucial for post-exploitation operations, offer open-source alternatives to Cobalt Strike. They streamline the management of compromised systems, enable efficient collaboration, and evade...

Researcher Details Cisco Smart Licensing that Lets Attacker Control Device

Cisco disclosed a critical vulnerability identified as CVE-2024-20439, affecting its Smart Licensing Utility.An independent researcher discovered this vulnerability through reverse engineering. It involves...

FreeBSD RCE Vulnerability Let Attackers Execute Malicious Code

FreeBSD has disclosed a critical remote code execution (RCE) vulnerability affecting its bhyve hypervisor.This vulnerability, CVE-2024-41721, could allow attackers to execute malicious code...