Vulnerabilities Apache OFBiz Users Warned of New and Exploited Vulnerabilities Organizations are being warned of a newly discovered Apache OFBiz vulnerability as exploitation of another recent flaw is observed. Eduard KovacsAugust 5, 2024
Vulnerabilities CISA Warns of Apache Superset Vulnerability Exploitation CISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog. Ionut ArghireJanuary 9, 2024
Vulnerabilities Critical Apache OFBiz Vulnerability in Attacker Crosshairs Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070. Eduard KovacsDecember 29, 2023
Vulnerabilities Recent Apache Struts 2 Vulnerability in Attacker Crosshairs Attackers are attempting to exploit a critical RCE flaw in Apache Struts 2 after researchers publish PoC code. Ionut ArghireDecember 15, 2023
Vulnerabilities Apache Patches Critical RCE Vulnerability in Struts 2 Apache has addressed a critical-severity Struts 2 file upload vulnerability that could lead to remote code execution. Ionut ArghireDecember 11, 2023
Vulnerabilities Critical Apache ActiveMQ Vulnerability Exploited to Deliver Ransomware A recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 is being exploited to deliver ransomware. Eduard KovacsNovember 2, 2023
Vulnerabilities Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks Hackers have set their sights on CVE-2023-34468, an RCE vulnerability in Apache NiFi that impacts thousands of organizations. Ionut ArghireSeptember 29, 2023
Vulnerabilities Organizations Warned of Security Risk in Default Apache Superset Configurations Attackers can exploit Apache Superset installations with default configurations to gain administrator access and execute code on servers and databases. Ionut ArghireApril 26, 2023