Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Vulnerabilities

In Other News: Critical Chrome Bug, Capital One Hacker Resententencing, Story of Expat Flaw

Noteworthy stories that might have slipped under the radar: Capital One hacker’s sentence reversed, Google patches critical Chrome vulnerability, the story of an Expat...

SecurityWeek News2 days ago

Vulnerabilities

CISA Warns of Exploited Nakivo Vulnerability

CISA has added an absolute path traversal bug in Nakivo Backup and Replication to its Known Exploited Vulnerabilities list.

Ionut Arghire3 days ago

Vulnerabilities

Veeam Patches Critical Vulnerability in Backup & Replication

Veeam has released patches for a critical-severity remote code execution vulnerability in Backup & Replication.

Ionut Arghire3 days ago

Vulnerabilities

Hackers Target Cisco Smart Licensing Utility Vulnerabilities

SANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440.

Eduard Kovacs3 days ago

Vulnerabilities

8,000 New WordPress Vulnerabilities Reported in 2024

Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes.

Ionut Arghire6 days ago

Artificial Intelligence

Nvidia Patches Vulnerabilities That Could Let Hackers Exploit AI Services

Vulnerabilities in Nvidia Riva could allow hackers to abuse speech and translation AI services that are typically expensive.

Eduard Kovacs6 days ago

Vulnerabilities

Ivanti Patches Critical Flaws in Connect Secure, Cloud Services Application

Ivanti has released patches for critical vulnerabilities in Cloud Services Application, Connect Secure, and Policy Secure.

Ionut ArghireDecember 11, 2024

Malware & Threats

Microsoft Ships Urgent Patch for Exploited Windows CLFS Zero-Day

Patch Tuesday: Redmond patches 71 security flaws and calls immediate attention to an exploited Windows zero-day reported by CrowdStrike.

Ryan NaraineDecember 10, 2024

Vulnerabilities

Adobe Patches Over 160 Vulnerabilities Across 16 Products

Adobe has patched over 160 vulnerabilities across over a dozen products, including Reader, Illustrator, Photoshop and Connect.

Eduard KovacsDecember 10, 2024

Vulnerabilities

Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises

CVE-2024-50623, an improperly patched vulnerability affecting Cleo file transfer tools, has been exploited in the wild.

Eduard KovacsDecember 10, 2024

Vulnerabilities

SAP Patches Critical Vulnerability in NetWeaver

SAP has released patches for 16 vulnerabilities, including a critical-severity SSRF bug in NetWeaver (Adobe Document Services).

Ionut ArghireDecember 10, 2024

ICS/OT

Cisco Says Flaws in Industrial Routers, BGP Tool Remain Unpatched 8 Months After Disclosure

Cisco Talos has disclosed the details of apparently unpatched vulnerabilities in MC Technologies industrial routers and the GoCast BGP tool.

Eduard KovacsDecember 10, 2024

Malware & Threats

Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation

The CVE-2024-54143 vulnerability affects the OpenWrt sysupgrade server and exposes users to risks of installing malicious firmware images.

Ryan NaraineDecember 9, 2024

Vulnerabilities

QNAP Patches Vulnerabilities Exploited at Pwn2Own

QNAP has released patches for multiple high-severity QTS and QuTS Hero vulnerabilities disclosed at the Pwn2Own Ireland 2024 hacking contest.

Ionut ArghireDecember 9, 2024

Vulnerabilities

SonicWall Patches 6 Vulnerabilities in Secure Access Gateway

SonicWall has released patches for multiple high-severity flaws in the SMA100 SSL-VPN secure access gateway.

Ionut ArghireDecember 6, 2024

Vulnerabilities

PoC Exploit Published for Unpatched Mitel MiCollab Vulnerability

WatchTowr has published proof-of-concept (PoC) code for an unpatched vulnerability in the Mitel MiCollab enterprise collaboration platform.

Ionut ArghireDecember 6, 2024

Vulnerabilities

Critical Vulnerability Discovered in SailPoint IdentityIQ

A critical directory traversal vulnerability in the SailPoint IdentityIQ IAM platform exposes restricted files to attackers.

Ionut ArghireDecember 6, 2024

Malware & Threats

I-O Data Confirms Zero-Day Attacks on Routers, Full Patches Pending

Japanese device maker confirms zero-day router exploitation and warn that full patches won’t be available for a few weeks.

Ryan NaraineDecember 5, 2024

Page 11 of 650« First ‹ Previous 7 8 9 101112 13 14 15 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Vulnerabilities

In Other News: Critical Chrome Bug, Capital One Hacker Resententencing, Story of Expat Flaw

Vulnerabilities

CISA Warns of Exploited Nakivo Vulnerability

Vulnerabilities

Veeam Patches Critical Vulnerability in Backup & Replication

Vulnerabilities

Hackers Target Cisco Smart Licensing Utility Vulnerabilities

Vulnerabilities

8,000 New WordPress Vulnerabilities Reported in 2024

Artificial Intelligence

Nvidia Patches Vulnerabilities That Could Let Hackers Exploit AI Services

Vulnerabilities

Ivanti Patches Critical Flaws in Connect Secure, Cloud Services Application

Malware & Threats

Microsoft Ships Urgent Patch for Exploited Windows CLFS Zero-Day

Vulnerabilities

Adobe Patches Over 160 Vulnerabilities Across 16 Products

Vulnerabilities

Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises

Vulnerabilities

SAP Patches Critical Vulnerability in NetWeaver

ICS/OT

Cisco Says Flaws in Industrial Routers, BGP Tool Remain Unpatched 8 Months After Disclosure

Malware & Threats

Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation

Vulnerabilities

QNAP Patches Vulnerabilities Exploited at Pwn2Own

Vulnerabilities

SonicWall Patches 6 Vulnerabilities in Secure Access Gateway

Vulnerabilities

PoC Exploit Published for Unpatched Mitel MiCollab Vulnerability

Vulnerabilities

Critical Vulnerability Discovered in SailPoint IdentityIQ

Malware & Threats

I-O Data Confirms Zero-Day Attacks on Routers, Full Patches Pending

Featured

Supply Chain Security

Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed

Mobile & Wireless

Paragon Spyware Attacks Exploited WhatsApp Zero-Day

Cloud Security

What’s Behind Google’s $32 Billion Wiz Acquisition?

Phishing

Scareware Combined With Phishing in Attacks Targeting macOS Users

Funding/M&A

Google to Acquire Cloud Security Giant Wiz for $32 Billion in Cash

Artificial Intelligence

ChatGPT Tool Vulnerability Exploited Against US Government Organizations

Application Security

Popular GitHub Action Targeted in Supply Chain Attack

Latest News

Data Breaches

Ransomware Group Claims Attack on Virginia Attorney General’s Office

Supply Chain Security

Watch on Demand: Supply Chain & Third-Party Risk Security Summit

Artificial Intelligence

New Jailbreak Technique Uses Fictional World to Manipulate AI

Nation-State

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley

Cloud Security

Industry Reactions to Google Buying Wiz: Feedback Friday

Data Breaches

Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover

Cybercrime

Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes’ Intimate Photos

Daily Briefing Newsletter