Vulnerabilities GitHub Patches Critical Vulnerability in Enterprise Server A critical-severity flaw in GitHub Enterprise Server could lead to unauthorized access to the vulnerable instances. Ionut Arghire, 4 hours ago
Vulnerabilities GitLab Patches Pipeline Execution, SSRF, XSS Vulnerabilities The latest GitLab update resolves eight vulnerabilities, including critical- and high-severity pipeline execution flaws. Ionut Arghire, 4 days ago
Vulnerabilities Okta Tells Users to Check for Potential Exploitation of Newly Patched Vulnerability Okta has resolved a vulnerability that could have allowed attackers to bypass sign-on policies and gain access to applications. Ionut Arghire, October 7, 2024
Vulnerabilities Chrome, Firefox Updates Patch High-Severity Vulnerabilities The latest Chrome and Firefox security updates address multiple high-severity vulnerabilities affecting the popular web browsers. Ionut Arghire, October 3, 2024
Network Security New Vulnerabilities Expose Hundreds of Thousands of DrayTek Routers to Hacking Forescout has identified more than a dozen new vulnerabilities in DrayTek routers, exposing hundreds of thousands of devices to attacks. Eduard Kovacs, October 3, 2024
ICS/OT Remote Code Execution, DoS Vulnerabilities Patched in OpenPLC Critical and high-severity vulnerabilities that can be exploited for DoS attacks and remote code execution have been patched in OpenPLC. Eduard Kovacs, September 26, 2024
Vulnerabilities Cisco Patches High-Severity Vulnerabilities in IOS Software Cisco has released patches for seven high-severity vulnerabilities affecting products running IOS and IOS XE software. Ionut Arghire, September 26, 2024
Vulnerabilities Versa Networks Patches Vulnerability Exposing Authentication Tokens Versa Networks has released patches for a Versa Director vulnerability for which proof-of-concept (PoC) code exists. Ionut Arghire, September 23, 2024
Vulnerabilities Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd Atlassian’s September 2024 monthly security bulletin details multiple high-severity vulnerabilities in four products. Ionut Arghire, September 19, 2024
Vulnerabilities GitLab Patches Critical Authentication Bypass Vulnerability GitLab has patched a critical-severity SAML authentication bypass affecting both Community Edition (CE) and Enterprise Edition (EE) instances. Ionut Arghire, September 19, 2024
Vulnerabilities Chrome 129 Patches High-Severity Vulnerability in V8 Engine Google has released Chrome 129 with patches for nine vulnerabilities, including a high-severity bug in the V8 engine. Ionut Arghire, September 18, 2024
Cloud Security Dependency Confusion Could Have Led to RCE in Google Cloud Platform Tenable shares details on a dependency confusion attack that led to the execution of code on Google’s internal servers. Ionut Arghire, September 17, 2024