Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Vulnerabilities

Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking

The Brocade SANnav management application is affected by multiple vulnerabilities, including a publicly available root password.

Ionut Arghire11 hours ago

Nation-State

Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms

Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and...

Ryan Naraine1 day ago

Vulnerabilities

Google Patches Critical Chrome Vulnerability

Google patches CVE-2024-4058, a critical Chrome vulnerability for which researchers earned a $16,000 reward.

Eduard Kovacs1 day ago

Vulnerabilities

CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation

CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.

Ionut Arghire1 day ago

ICS/OT

Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability

Palo Alto Networks firewall vulnerability CVE-2024-3400, exploited as a zero-day, impacts a Siemens industrial product.

Eduard Kovacs3 days ago

Data Protection

Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services

Microsoft PlayReady vulnerabilities that could allow rogue subscribers to illegally download movies from popular streaming services.

Eduard Kovacs3 days ago

Network Security

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability

Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution.

Ionut ArghireApril 8, 2024

Vulnerabilities

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits

Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days.

Ionut ArghireApril 8, 2024

Vulnerabilities

Google Adds V8 Sandbox to Chrome

Google fights Chrome V8 engine memory safety bugs with a new sandbox and adds it to the bug bounty program.

Ionut ArghireApril 8, 2024

Network Security

Cisco Warns of Vulnerability in Discontinued Small Business Routers

Cisco says it will not release patches for a cross-site scripting vulnerability impacting end-of-life small business routers.

Ionut ArghireApril 5, 2024

Government

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz

Ivanti releases a carefully scripted YouTube video and an open letter from chief executive Jeff Abbott vowing to fix the entire security organization.

Ryan NaraineApril 4, 2024

Vulnerabilities

Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems

A critical OS command injection in Progress Flowmon can be exploited to gain remote, unauthenticated access to the system.

Ionut ArghireApril 4, 2024

Vulnerabilities

Zoom Paid Out $10 Million via Bug Bounty Program Since 2019

Video conferencing giant Zoom has paid out $10 million through its bug bounty program since it was launched in 2019.

Eduard KovacsApril 4, 2024

Vulnerabilities

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth

MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of...

Kevin TownsendApril 3, 2024