Slándáil Research:
Feeds
Feeds
Search
Search Engine
Feed: Belgium CERT.BE
Link
Warning: CrushFTP <11.1.0 Has a Vulnerability That Lets an Attacker Escape the Virtual File System and Download System Files
WARNING: RCE IN TIBCO JASPERREPORTS SERVER
WARNING: CRITICAL VULNERABILITY IN ORACLE BI PUBLISHER V7.0.0.0.0/12.2.1.4.0 COULD LEAD TO APPLICATION TAKEOVER, PATCH IMMEDIATELY!
WARNING: CRITICAL VULNERABILITIES IN IVANTI AVALANCHE <6.4.3 COULD LEAD TO RCE, PATCH IMMEDIATELY!
WARNING: THREE HIGH-SEVERITY DENIAL-OF-SERVICE VULNERABILITIES AFFECT PALO ALTO’S PAN-OS
WARNING: A VULNERABILITY IS AFFECTING PUTTY CLIENT
WARNING: MULTIPLE CRITICAL VULNERABILITIES FIXED IN JUNIPER DEVICES, PATCH IMMEDIATELY!
WARNING: CVE-2024-3400 IN GLOBALPROTECT GATEWAY IS ACTIVELY EXPLOITED, PATCH IMMEDIATELY!
WARNING: GITLAB CE/EE PATCHED TWO CRITICAL XSS VULNERABILITIES, PATCH IMMEDIATELY!
WARNING: MICROSOFT PATCH TUESDAY APRIL 2024 PATCHES 147 VULNERABILITIES, INCLUDING 2 ACTIVELY EXPLOITED ZERO DAY VULNERABILITIES, PATCH IMMEDIATELY!
WARNING: CRITICAL VULNERABILITIES IN LG WEBOS TELEVISION SOFTWARE, PATCH IMMEDIATELY!
WARNING: MULTIPLE VULNERABILITIES IN HTTP/2 PROTOCOL IMPLEMENTATION DISRUPTS SERVER AVAILABILITY IN AN ATTACK KNOWN AS CONTINUATION FLOOD. PATCH IMMEDIATELY!
WARNING: IVANTI RELEASES SECURITY UPDATES TO ADDRESS VULNERABILITIES IMPACTING IVANTI CONNECT SECURE AND IVANTI POLICY SECURE GATEWAYS, PATCH IMMEDIATELY!
WARNING: CRITICAL VULNERABILITY IN SYNOLOGY SURVEILLANCE STATION SOFTWARE, PATCH IMMEDIATELY!
Warning: CVE-2024-3094, A Backdoor In The Linux XZ Library Versions 5.6.0 & 5.6.1, Can Lead To SSH Authentication Bypass, Patch Immediately!
Warning: Critical Remote Code Execution Vulnerability For Ivanti Standalone Sentry Appliances
WARNING: VULNERABILITY IN AIOHTTP FRAMEWORK ACTIVELY EXPLOITED AFTER POC RELEASE
WARNING: THREE VULNERABILITIES IN ARCSERVE UDP SOFTWARE DEMAND URGENT ACTION, PATCH IMMEDIATELY!
WARNING: CRITICAL RCE VULNERABILITY IN FORTRA FILECATALYST WORKFLOW, PATCH IMMEDIATELY!
WARNING: CRITICAL VULNERABILITY IN FORTINET FORTICLIENTEMS, PATCH IMMEDIATELY!
WARNING: MICROSOFT PATCH TUESDAY MARCH 2024 PATCHES 59 VULNERABILITIES (2 CRITICAL, 57 IMPORTANT), PATCH IMMEDIATELY!!
WARNING: HIGH-SEVERITY VULNERABILITY IN GITLAB
WARNING: CRITICAL VULNERABILITY IN QNAP QTS, QUTS, AND QUTSCLOUD, PATCH IMMEDIATELY!
WARNING: VMWARE HAS DISCLOSED MULTIPLE CRITICAL VULNERABILITIES ALLOWING A SANDBOX ESCAPE. PATCH IMMEDIATELY!
WARNING: AUTHENTICATION BYPASS AND PATH TRAVERSAL VULNERABILITIES IN JETBRAINS TEAMCITY, PATCH IMMEDIATELY
Warning: DoS Vulnerabilities In Cisco NX-OS Switches, Patch Immediately!
Warning: Critical Authentication Bypass In Progress Openedge Authentication Gateway And Adminserver, Patch Immediately!
WARNING: CRITICAL RCE IN KSMBD SERVER AFFECTING THE LINUX KERNEL, PATCH IMMEDIATELY!
WARNING: URGENT: ACTIVELY EXPLOITED CONNECTWISE SCREENCONNECT CVE-2024-1708 AND CVE-2024-1709 VULNERABILITIES - APPLY PATCH IMMEDIATELY!
WARNING: MULTIPLE DNSSEC PROTOCOL FLAWS COULD RESULT IN DOS, PATCH IMMEDIATELY!
Warning: Critical Vulnerability Affects Wordpress Bricks Builder!
WARNING: DIRECTORY TRAVERSAL REMOTE CODE EXECUTION VULNERABILITIES IN SOLARWINDS ACCESS RIGHTS MANAGER, PATCH IMMEDIATELY!
WARNING: ACTIVELY EXPLOITED ELEVATION OF PRIVILEGES VULNERABILITY (CVE-2024-21410) IN MICROSOFT EXCHANGE SERVER -PATCH IMMEDIATELY!
WARNING: COMMAND INJECTION VULNERABILITY IN QNAP QTS, QUTS HERO AND QUTSCLOUD, PATCH IMMEDIATELY!
WARNING: UNAUTHENTICATED PRIVILEGE ESCALATION VULNERABILITY IN ZOOM FOR WINDOWS. PATCH NOW!
WARNING: MICROSOFT PATCH TUESDAY FEBRUARY 2024 PATCHES 73 VULNERABILITIES (5 CRITICAL, 66 IMPORTANT, 2 MODERATE), PATCH IMMEDIATELY!!
Warning: Two Critical Vulnerabilities Affect Multiple Fortinet Products
Warning: High-Severity Vulnerability Affects Sonicwall
WARNING: HIGH-SEVERITY VULNERABILITIES IN QNAP QTS, QUTS, AND QUTSCLOUD, PATCH IMMEDIATELY!
WARNING: CRITICAL VULNERABILITIES IN CISCO EXPRESSWAY SERIES & TELEPRESENCE VCS, PATCH IMMEDIATELY!
WARNING: REMOTE CODE EXECUTION IN JETBRAINS TEAMCITY, PATCH IMMEDIATELY!
WARNING: PROOF OF EXPLOIT FOR A REMOTE CODE EXECUTION VULNERABILITY IN ORACLE WEBLOGIC SERVER
WARNING: GESSLER GMBH WEB-MASTER USES A WEAK HARD CODED RESTORATION PASSWORD, PATCH IMMEDIATELY!
WARNING: IVANTI RELEASES SECURITY UPDATE TO ADRESS VULNERABILITIES IN IVANTI CONNECT SECURE, IVANTI POLICY SECURE GATEWAYS!
WARNING: CRITICAL ARBITRARY FILE WRITE VULNERABILITY IN GITLAB CE/EE, PATCH IMMEDIATELY!
WARNING: CRITICAL INJECTION VULNERABILITY IN THE BETTER SEARCH REPLACE PLUGIN FOR WORDPRESS, PATCH IMMEDIATELY!
WARNING: NEW REMOTE CODE EXECUTION VULNERABILITY IN MULTIPLE CISCO PRODUCTS, PATCH IMMEDIATELY!
WARNING: CRITICAL AUTHENTICATION BYPASS VULNERABILITY IN FORTRA GOANYWHERE MFT, PATCH IMMEDIATELY!
WARNING: ACTIVE EXPLOITATION OF A CRITICAL REMOTE CODE EXECUTION IN OUTDATED ATLASSIAN CONFLUENCE SERVERS, PATCH IMMEDIATELY!
WARNING: CRITICAL HEAP-BASED BUFFER OVERFLOW LEADING TO RCE IN RSYNC FOR RHEL8.6, PATCH IMMEDIATELY!
WARNING: CRITICAL RCE VULNERABILITY IN APACHE ROCKETMQ, PATCH IMMEDIATELY!
WARNING: HIGH SEVERITY SECURITY UPDATES FOR ATLASSIAN PRODUCTS RELEASED, PATCH IMMEDIATELY!
WARNING: CRITICAL VULNERABILITY AFFECTS VMWARE ARIA AUTOMATION
WARNING: 2 NEW ACTIVELY EXPLOITED VULNERABILITIES AFFECT CITRIX NETSCALER ADC AND GATEWAY
WARNING: NEW VULNERABILITY IN REDIS, PATCH IMMEDIATELY!
WARNING: CRITICAL SECURITY UPDATES FOR GITLAB RELEASED, PATCH IMMEDIATELY!
WARNING: CRITICAL PRE-AUTH RCE IN JUNOS SRX SERIES AND EX SERIES J-WEB, PATCH IMMEDIATELY!
WARNING: 2 ACTIVELY EXPLOITED ZERO-DAY VULNERABILITIES AFFECTING IVANTI CONNECT SECURE AND IVANTI POLICY SECURE – ACT NOW
WARNING: MICROSOFT PATCH TUESDAY JANUARY 2024 PATCHES 48 VULNERABILITIES (2 CRITICAL, 46 IMPORTANT), PATCH IMMEDIATELY!
WARNING: IVANTI ENDPOINT MANAGER CRITICAL VULNERABILITY
WARNING: CRITICAL 9.8 VULNERABILITY IN ENTERPRISEDB (EDB) POSTGRES ADVANCED SERVER (EPAS). PATCH IMMEDIATELY!
Warning: New Exploited Critical Vulnerability Found in Barracuda ESG Appliances, successful exploitation of CVE-2023-7102 could lead to RCE!
Warning: Pre-Authenticated Remote Code Execution Vulnerability in Apache OFBiz, Patch Immediately!
WARNING: 13 CRITICAL VULNERABILITIES IN AVALANCHE ENTERPRISE MOBILE DEVICE MANAGEMENT SOLUTION, PATCH IMMEDIATELY!
WARNING: CRITICAL VULNERABILITY IN PERFORCE HELIX CORE SERVER
Warning: High-severity vulnerability in Palo Alto's PAN-OS
WARNING: CRITICAL VULNERABILITIES IN MULTIPLE SAP BUSINESS TECHNOLOGY PLATFORM (BTP) SECURITY SERVICES INTEGRATION LIBRARIES
WARNING: MICROSOFT PATCH TUESDAY DECEMBER 2023 PATCHES 34 VULNERABILITIES (4 CRITICAL, 30 IMPORTANT), PATCH IMMEDIATELY!
Warning: Critical vulnerability CVE-2023-45866 in Bluetooth, Patch Immediately!
Warning: Patch available for critical RCE vulnerability In Apache Struts
WARNING: CRITICAL VULNERABILITIES IN MULTIPLE ATLASSIAN PRODUCT VERSIONS, RCE POSSIBLE. PATCH IMMEDIATELY!
Warning: Critical vulnerability in Atos Unify OpenScape products, Patch Immediately!
Warning: CRITICAL VULNERABILITY IN NETGEAR PROSAFE NETWORK MANAGEMENT SYSTEM
Warning: Multiple vulnerabilities in Foxit PDF, Patch Immediately!
WARNING: CRITICAL OPENSUPPORTS VULNERABILITY ALLOWS ARBITRARY CODE EXECUTION AND REVERSE SHELL, NO PATCH AVAILABLE!
WARNING: CRITICAL CRUSHFTP VULNERABILITY CAN LEAD TO UNAUTHENTICATED REMOTE CODE EXECUTION (RCE), PATCH IMMEDIATELY!
Warning: High-severity XSS vulnerability in Axigen mail server software
Warning: Multiple critical vulnerabilities in ownCloud core that could lead to exposure of credentials and modification of files
Warning: Multiple high severity vulnerabilities in NEC's EXPRESSCLUSTER X and CLUSTERPRO X
WARNING: VULNERABILITY IN SPLUNK ENTERPRISE CAN LEAD TO REMOTE CODE EXECUTION (RCE), PATCH IMMEDIATELY
WARNING: MICROSOFT PATCH TUESDAY NOVEMBER 2023 PATCHES 63 VULNERABILITIES (4 CRITICAL, 5 ZERO-DAY, 3 ACTIVELY EXPLOITED), Patch Immediately!
Warning - Unauthenticated SQL injection in WP Fastest Cache (WordPress plugin)
Warning - Multiple vulnerabilities in Solarwinds Platform and Solarwinds NCM
Warning: Multiple Vulnerabilities In VEAAM One, Patch Immediately!
Warning: 2 critical command injection vulnerabilities impact multiple versions of the QNAP QTS operating system and applications on its network-attached storage (NAS) devices. Patch Immediately!
Warning: NEW RCE VULNERABILITY AFFECTING APACHE ACTIVEMQ, CVE-2023-46604 IS ACTIVELY EXPLOITED, Patch Immediately!
WARNING – IMPROPER AUTHORIZATION VULNERABILITY IN CONFLUENCE DATA CENTER AND CONFLUENCE SERVER
Warning: Critical authentication bypass vulnerability in BIG-IP Traffic Management User Interface leading to RCE
Warning: Critical Remote Code Execution (RCE) Vulnerability in VMware vCenter Server CVE-2023-34048 , Patch Immediately!
WARNING: Two new vulnerabilities in VMware vCenter Server
Warning: Proof-of-concept exploit available for an authentication bypass vulnerability in VMware Aria Operations for Logs!
Warning: Multiple Critical vulnerabilities affect the SolarWinds Access Rights Manager tool, Patch immediately!
Critical XSS vulnerability in Liferay portal
WARNING: CRITICAL VULNERABILITY IN CISCO IOS XE, RISK OF REMOTE UNAUTHENTICATED PRIVILEGE ESCALATION AND SYSTEM TAKEOVER ON SYSTEMS RUNNING WEB UI AND HTTP/HTTPS SERVICES
WARNING: MICROSOFT PATCH TUESDAY OCTOBER 2023 PATCHES 103 VULNERABILITIES( 12 CRITICAL, 2 0-DAY, 2 ACTIVELY EXPLOITED)
Warning: Critical vulnerabilities In Citrix NetScaler ADC and NetScaler Gateway, Patch Immediately!
Warning: critical vulnerability in Citrix Netscaler ADC and Netscaler Gateway exploited in the wild
Warning: New DDoS technique Rapid Reset Attack uses actively exploited zero-day in HTTP/2 - CVE-2023-44487
Warning: Critical Privilege Escalation Vulnerability in Dell SmartFabric Storage Software, Patch Immediately!
Warning: Zero-day privilege escalation vulnerability in Confluence Data Center and Server
Warning: Authentication bypass leading to RCE on JetBrains TeamCity server currently exploited, Patch Immediately!
Warning: Two critical vulnerabilities are affecting Progress Software Corporation’s WS_FTP Server
Warning: Multiple Zero-day Vulnerabilities Found in Exim Message Transfer Agent (MTA)
Warning: Multiple critical vulnerabilities in SonicWall GMS and Analytics
Warning - Multiple vulnerabilities patched in Cisco Catalyst SD-WAN Manager
Warning: Remote Code Execution vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series, POC available, Patch Immediately!
Warning: Critical Zero-Day Vulnerabilities Discovered in Apple Devices, Patch Immediately!
Warning: Remote Code Execution vulnerability in Bitbucket Data Center and Server, Update Immediately!
Warning: Combination of existing vulnerabilities in Apache Airflow version 1.10.10 can lead to unauthenticated Remote Code Execution. Verify your systems and update!
WARNING: ACTIVELY EXPLOITED CRITICAL ZERO-DAY VULNERABILITY AFFECTING TREND MICRO APEX ONE, APEX ONE SAAS AND VIRUS BUSTER BUSINESS SECURITY PRODUCTS. PATCH AND VERIFY YOUR SYSTEMS ASAP!
WARNING: NEW RCE VULNERABILITIES AFFECTING FORTIWEB, FORTIPROXY AND FORTIOS, PATCH AND VERIFY YOUR SYSTEMS ASAP!
Warning: CRITICAL ACTIVELY EXPLOITED VULNERABILITY IN LIBWEBP AFFECTING MANY PRODUCTS!
WARNING: MICROSOFT PATCH TUESDAY SEPTEMBER 2023 PATCHES 61 VULNERABILITIES( 5 CRITICAL, 2 0-DAY, 2 ACTIVELY EXPLOITED)
Warning: Critical RCE vulnerability in Craft CMS
Warning: Critical authentication bypass vulnerability in Cisco BroadWorks Application Delivery Platform and Xtended Services Platform
Warning: Two zero-day RCE vulnerabilities in Apple iOS, iPadOS, WatchOS and macOS
Warning: Multiple vulnerabilities resulting in RCE for Asus RT-AX55, AX56U_V2 and RT-AC86U routers
Warning: Vulnerabilities in VMware Aria Operations for Networks
Warning: Unauthenticated RCE In Ivanti Avalanche
Warning - an unauthenticated attacker could gain access to a Zimbra account.
WARNING: Remote Code Execution Vulnerability in WinRAR
Warning: Actively exploited API Authentication Bypass on Ivanti Sentry Administrator Interface leads to RCE, Patch Immediately!
WARNING: CRITICAL VULNERABILITY IN IBM SECURITY GUARDIUM LEADS TO RCE, PATCH ASAP
DEFENDING SMES AGAINST RANSOMWARE
Warning: Microsoft’s August 2023 Microsoft Patch Tuesday, patches 73 vulnerabilities (6 CRITICAL, 2 0-DAY, 2 ACTIVELY EXPLOITED), Patch Immediately!
Warning: Another critical vulnerability has been discovered in Ivanti EPMM / Mobile Iron, affecting all versions
Warning:Exploit was released for CVE- 2023-38646 a critical vulnerability in Metabase open source and in Metabase Enterprise, Patch immediately!
Warning: Exploit is available for CVE-2023-34034 a critical vulnerability in Spring Security!
Warning: Critical Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW, Patch Immediately!
Warning: RCE vulnerability in PaperCut print software, Patch Immediately!
Warning: 2 Critical vulnerabilities in discontinued VM2 JavaScript library could lead to Remote Code Execution
Ransomware guide for small to medium sized organizations
Warning: Multiple vulnerabilities in Foxit PDF Reader and Editor products can lead to Remote Code Execution
WARNING: High-severity vulnerability in Ivanti Endpoint Manager Mobile (formerly MobileIron Core)
WARNING: CRITICAL VULNERABILITY IN MIKROTIK ROUTEROS
Warning: CVE-2023-38750 Zimbra ZCS XSS Vulnerability
WARNING: Important sensitive information disclosure vulnerability in AMD Zen CPUs
WARNING: New Actively exploited zero-day vulnerability affecting all Apple products
WARNING: Critical vulnerability in Ivanti Endpoint Manager Mobile (formerly MobileIron Core)
WARNING: ADOBE RELEASED AN EMERGENCY COLDFUSION SECURITY UPDATE MEANT TO FIX THREE VULNERABILITIES, INCLUDING A CRITICAL REMOTE CODE EXECUTIONONE
WARNING: ADOBE RELEASED AN EMERGENCY COLDFUSION SECURITY UPDATE MEANT TO FIX THREE VULNERABILITIES, INCLUDING A CRITICAL REMOTE CODE EXECUTION
Warning: Netscaler Unauthenticated Remote Code Execution vulnerability
WARNING: Critical access control vulnerability in Cisco SD-WAN vManage API
Warning: 4 critical vulnerabilities in SonicWall GMS and Analytics software
Warning: critical RCE vulnerability CVE-2023-33308 in FortiOS and FortiProxy products, Patch Immediately!
WARNING: CRITICAL VULNERABILITIES IN MULTIPLE SAP PRODUCTS
Warning: Poc released for Critical vulnerability in the VMware Aria Operations for Logs analysis tool, Patch Immediately!
Warning: FortiNAC - java untrusted object deserialization RCE, Patch Immediately!
Warning: Authentication bypass vulnerability on Arcserve UDP
Warning: Multiple Vulnerabilities in DNS Server Software BIND 9
WARNING: Multiple high-risk vulnerabilities in VMWare vCenter Server
Warning - Apple released a security update fixing multiple vulnerabilities in iOS, iPadOS, macOS & watchOS, which are being actively exploited in the wild!
Zyxel Has Released Patches Addressing a Pre-Authentication Command Injection Vulnerability in Some NAS Versions
Citrix Released Security Updates For Multiple Products, Including Sharefile Storage Zones And Citrix Virtual Apps And Desktops
RCE Vulnerability in multiple HP Enterprise Laser Jet Products
Warning: MICROSOFT PATCH TUESDAY JUNE 2023 PATCHES 70 VULNERABILITIES( 6 CRITICAL, 0 0-DAY, 0 ACTIVELY EXPLOITED), Patch Immediately!
Warning: Remote code execution vulnerability discovered in all FortiGate devices running FortiOS with SSL-VPN enabled, Patch Immediately!
Warning: Multiple vulnerabilities in VMWare Aria Operations for Networks.
Better protect accounts with multi-factor authentication
Take the most important step against cyber attacks now: install two-factor authentication (2FA) for all external connections
How to keep control of mobile devices
Warning: Multiple Vulnerabilities in Splunk Products
Warning: Critical actively exploited Unauthenticated Remote Code Execution 0-Day Vulnerability affects MOVEit Transfer, Patch and verify your systems asap!
Warning: Critical actively exploited Remote Code Execution Vulnerability affects Barracuda Email Security Gateway appliances, Verify and check asap!
Warning - Remote root code execution vulnerabilities in Zyxel firewall/VPN appliances
WARNING: High risk vulnerability in Openfire xmpp server
Warning: Remote code execution vulnerability in SQLite JDBC
Warning: Gitlab arbitrary file access
Warning: CRITICAL VULNERABILITY IN ZYXEL FIREWALLS, POC IS AVAILABLE, PATCH IMMEDIATELY
Warning: Multiple critical vulnerabilities in Cisco Small Business Switches that could lead to RCE, Patch Immediately!
WARNING: A RCE VULNERABILITY IN VM2 JAVASCRIPT LIBRARY COULD LEAD TO A SANDBOX ESCAPE, PoC IS AVAILABLE, PATCH IMMEDIATELY!
Warning: Multiple vulnerabilities in Teltonika RUT/RMS, Patch Immediately!
Warning: Linux kernel allows escalation to root privileges in Netfilter, Patch Immediately!
Warning: Multiple vulnerabilities in Aruba products including Arbitrary Code Execution, Patch Immediately!
Warning: Microsoft Patch Tuesday addressed 40 Microsoft vulnerabilities including 2 actively exploited 0-day vulnerabilities. Patch Immediately!
Warning: Microsoft Patch Tuesday addressed 38 Microsoft vulnerabilities including 2 actively exploited 0-day vulnerabilities. Patch Immediately!
Warning - 2 vulnerabilities detected in Kibana version 8! One rated as CRITICAL and one rated as HIGH!
WARNING: Ransomware actors are actively exploiting a critical Remote Code Execution vulnerability in PaperCut Print software, Patch Immediately!
Warning: High Severity Vulnerability in Oracle WebLogic Server
Warning: 2 vulnerabilities in TP-LINK Archer AX21 routers
Warning: CVE-2023-29489 cPanel reflected cross-site scripting vulnerability
Insecure Default Configuration in Apache Superset allows an attacker to bypass authentication
How to keep control of your mobile devices?
WARNING: CISCO PATCHED 2 CRITICAL VULNERABILITIES, PATCH IMMEDIATELY!
WARNING: UNAUTHENTICATED REMOTE CODE EXECUTION (RCE) VULNERABILITIES ON STRAPI SERVERS, PATCH IMMEDIATELY!
WARNING: A RCE VULNERABILITY IN VM2 JAVASCRIPT LIBRARY COULD LEAD TO A SANDBOX ESCAPE, PATCH IMMEDIATELY!
WARNING: CRITICAL REMOTE CODE EXECUTION VULNERABILITY IN FIRMWARE OF SIEMENS' SICAM A8000 DEVICES
WARNING: MULTIPLE CRITICAL VULNERABILITIES ADDRESSED IN ALL VERSIONS OF JUNIPER NETWORKS JUNOS OS, PATCH IMMEDIATELY!
Warning: Microsoft Patch Tuesday addressed 97 vulnerabilities including an actively exploited 0-day RCE vulnerability. Patch Immediately!
Critical vulnerability fixed in SNIProxy
Two known exploited critical vulnerabilities fixed in Apple products
Warning: WordPress plugins vulnerable to privilege escalation
CRITICAL VULNERABILITY IN ADOBE COLDFUSION EXPLOITED IN THE WILD
Warning: Advanced Persistent Threat actors are actively exploiting a 3CX 0-Day vulnerability
WARNING: MULTIPLE VULNERABILITIES IN NETGEAR ORBI ROUTERS (1 CRITICAL, 2 HIGH), PATCH IMMEDIATELY!
Warning – POC released for CVE-2023-27532 affecting Veeam Backup & Replication
FortiOS Vulnerability Actively Exploited
WARNING: SAP releases security patches for 5 critical vulnerabilities, PATCH ASAP
WARNING: Active exploitation of a 0-Day Elevation of Privilege vulnerability CVE-2023-23397 in Outlook, PATCH IMMEDIATELY!
Microsoft released security patches for 75 vulnerabilities (9 critical, 66 Important, 1 moderate) including 2 actively exploited zero-days. Patch ASAP!
Warning: CISCO IOS XR Software for ASR 9000 Series routers – Denial of Service Vulnerability
WARNING: JENKINS PATCHED CRITICAL VULNERABILITIES DUBBED ‘COREPLAGUE’.
WARNING: FORTINET PATCHES A CRITICAL VULNERABILITY
Warning - Multiple vulnerabilities in GitLab
Warning - A BUFFER OVERFLOW VULNERABILITY IN SONICOS COULD LEAD TO DENIAL OF SERVICE (DOS) ATTACK
PROOF OF EXPLOIT FOUND FOR VULNERABILITY IN THE ORACLE WEB APPLICATIONS DESKTOP INTEGRATOR PRODUCT OF ORACLE E-BUSINESS SUITE
Warning: ARUBA NETWORKS PUBLISHED 33 NEW VULNERABILITIES OF WHICH 6 ARE RATED CRITICAL, MITIGATE IMMEDIATELY!
WARNING: FORTINET PATCHES TWO CRITICAL SEVERITY VULNERABILITIES IN ITS PRODUCTS
WARNING: A VULNERABILITY IN APACHE TOMCAT-FileUpload COULD LEAD TO DENIAL OF SERVICE (DoS) ATTACK
Warning - Critical vulnerability in ClamAV could lead to RCE
Microsoft Patch Tuesday, February 2023 patches 75 vulnerabilities including three zero-day vulnerabilities 9 critical, 66 important)
WARNING: APPLE RELEASED SECURITY UPDATES FOR IOS, IPADOS, MACOS AND SAFARI TO ADDRESS AN ACTIVELY EXPLOITED RCE ZERO-DAY VULNERABILITY, PATCH IMMEDIATELY!
WARNING: FORTRA RELEASED AN EMERGENCY PATCH TO ADDRESS AN ACTIVELY EXPLOITED ZERO-DAY VULNERABILITY IN FORTRA GOANYWHERE MANAGED FILE TRANSFER, PATCH IMMEDIATELY!
Warning - Attackers are actively exploiting VMware ESXi servers to deploy ransomware
Warning - Two new ImageMagick vulnerabilities resulting in DoS and information disclosure
Warning - Vulnerability in QNAP QTS and QuTS hero
WARNING: COMMONLY USED CHIPSET (REALTEK JUNGLE SDK) IN IOT DEVICES AND ROUTERS ACTIVELY EXPLOITED.
Warning - An attacker who has write access to the KeePass configuration file can modify it and inject malicious triggers
Warning - Two Critical and two important security vulnerabilities in VMWare vRealize Log Insight
WARNING: PROOF OF CONCEPT WILL BE RELEASED FOR A CRITICAL UNAUTHENTICATED RCE IN ZOHO MANAGE ENGINE, PATCH IMMEDIATELY!
WARNING: PROOF OF CONCEPT RELEASED FOR A CRITICAL UNAUTHENTICATED RCE IN ZOHO MANAGE ENGINE, PATCH IMMEDIATELY!
WARNING: HACKERS ARE ACTIVELY EXPLOITING AN UNAUTHENTICATED CRITICAL COMMAND INJECTION VULNERABILITY IN CACTI, PATCH IMMEDIATELY!
WARNING: CRITICAL RCE VULNERABILITY IN CONTROL WEB PANEL (CWP) 7 ACTIVELY EXPLOITED
WARNING: MICROSOFT PATCH TUESDAY, JANUARY 2023 PATCHES 98 VULNERABILITIES INCLUDING ONE ZERO-DAY EXPLOITED IN THE WILD (11 CRITICAL, 87 IMPORTANT)
New Connect & Share - Quarterly Cyber Threat Report event (QCTR) on 12th of January
Warning: CVE-2022-37958 critical pre-auth remote code execution vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism, Patch ASAP
Warning: 4 critical VULNERABILITIES IN JSONWEBTOKEN
WARNING: Critical SQL Injection Vulnerability in ZOHO Access Manager Plus, ZOHO PAM360 and ZOHO Password Manager Pro. Patch Immediately !
WARNING: COMMAND INJECTION VULNERABILITY IN WEB INTERFACE FORTIADC
WARNING: CRITICAL VULNERABILITY IN SYNOLOGY VPN PLUS SERVER
WARNING: Ransomware actors are actively exploiting a new exploit method dubbed OWASSRF, Patch Immediately !
Warning: two critical RCE vulnerabilities in Lansweeper
Warning: critical vulnerability in the FreeBSD Ping utility
WARNING: REMOTE CODE EXECUTION VULNERABILITY IN CITRIX APPLICATION DELIVERY CONTROLLER (ADC) AND GATEWAY
Warning: Microsoft Patch Tuesday, December 2022 patches 48 vulnerabilities including two zero-day vulnerabilities, one exploited in the wild (7 critical, 40 important and 1 moderate)
WARNING: 4 CRITICAL VULNERABILITIES IN SAP PRODUCTS
WARNING: OS COMMAND INJECTION VULNERABILITY IN NODE.JS
Several Belgian municipalities recently fell victim to ransomware
WARNING: Critical Authentication Bypass Vulnerability in Fortinet SSL VPN
WARNING: AUTHENTICATION BYPASS IN FORTIOS & FORTIPROXY SSH LOGIN COMPONENT
Warning: Multiple vulnerabilities found in J-Web component of all versions of Junos OS
Warning: A Pre-authentication remote code execution for Oracle access manager is actively being exploited
Warning: Remote code execution in Redhat HyperSQL Database package
Warning: Authentication Bypass Vulnerability in CITRIX ADC and Gateway
WARNING – VMWARE PRODUCTS VULNERABLE TO AUTHENTICATION BYPASS
WARNING: VMWARE PRODUCTS VULNERABLE TO AUTHENTICATION BYPASS
WARNING: MICROSOFT PATCH TUESDAY NOVEMBER 2022 PATCHES 62 VULNERABILITIES (8 CRITICAL, 6 ACTIVELY EXPLOITED)
WARNING: MICROSOFT PATCH TUESDAY NOVEMBER 2022 PATCHES 62 VULNERABILITIES (9 CRITICAL, 6 ACTIVELY EXPLOITED)
Two high severity vulnerabilities released for OpenSSL
WARNING: REMOTE CODE EXECUTION VULNERABILITY IN VMWARE IN CLOUD FOUNDATION PLATFORM
![securit.ie Logo by clatrickparke[@]gmail.com](/static/slandail-logo.png){kind=logo}
Slándáil Research: Feeds