CVE/vulnerability
pac4j Java Framework Vulnerable to RCE Attacks
A critical security vulnerability has been discovered in the popular Java framework pac4j. The vulnerability specifically affects versions before 4.0 of the pac4j-core module. This vulnerability, identified as CVE-2023-25581,...
CVE/vulnerability
Multiple VMware NSX Vulnerabilities Let Attackers Gain Root Access
VMware has disclosed multiple vulnerabilities in its NSX product line that could potentially allow attackers to gain root access. The vulnerabilities, identified as CVE-2024-38818,...
CVE/vulnerability
CISA Warns of Fortinet & Ivanti Vulnerabilities Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities Catalog, adding critical vulnerabilities from Fortinet and Ivanti. These vulnerabilities...
Chrome
Chrome Security Update, Patched for High-Severity Vulnerabilities
Google has rolled out a new update for its Chrome browser, addressing several high-severity security vulnerabilities. The Stable channel has been updated to version...
CVE/vulnerability
CISA Warns of Microsoft Zero-Day Vulnerabilities Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has warned regarding two critical zero-day vulnerabilities affecting Microsoft Windows products. These vulnerabilities, identified as CVE-2024-43572 and...
CVE/vulnerability
Open-Source Scanner Released to Detect CUPS Vulnerability
A new open-source scanner has been released to detect a critical vulnerability in the Common Unix Printing System (CUPS), explicitly targeting CVE-2024-47176. This vulnerability and...
CVE/vulnerability
Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new vulnerability to its Known Exploited Vulnerabilities Catalog. This vulnerability, CVE-2024-29824,...
CVE/vulnerability
CISA Warns of Four Vulnerabilities Actively Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has warned about four critical vulnerabilities currently being exploited in the wild. These vulnerabilities affect various products,...
CVE/vulnerability
Open Source C2 Frameworks Used In Red Teaming Assessments Vulnerable To RCE Attacks
C2 frameworks, crucial for post-exploitation operations, offer open-source alternatives to Cobalt Strike. They streamline the management of compromised systems, enable efficient collaboration, and evade...
CVE/vulnerability
Researcher Details Cisco Smart Licensing that Lets Attacker Control Device
Cisco disclosed a critical vulnerability identified as CVE-2024-20439, affecting its Smart Licensing Utility. An independent researcher discovered this vulnerability through reverse engineering. It involves...
cyber security
FreeBSD RCE Vulnerability Let Attackers Execute Malicious Code
FreeBSD has disclosed a critical remote code execution (RCE) vulnerability affecting its bhyve hypervisor. This vulnerability, CVE-2024-41721, could allow attackers to execute malicious code...