DATE |
NAME |
CATEGORY |
WEB |
28.12.23 |
Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service |
Vulnerebility |
The Hacker News |
28.12.23 |
Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack |
Vulnerebility |
The Hacker News |
27.12.23 |
Barracuda fixes new ESG zero-day exploited by Chinese hackers |
Vulnerebility |
BleepingComputer |
24.12.23 |
Fake F5 BIG-IP zero-day warning emails push data wipers |
Vulnerebility |
BleepingComputer |
24.12.23 |
Ivanti releases patches for 13 critical Avalanche RCE flaws |
Vulnerebility |
BleepingComputer |
21.12.23 |
Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP |
Vulnerebility |
The Hacker News |
19.12.23 |
Microsoft discovers critical RCE flaw in Perforce Helix Core Server |
Vulnerebility |
BleepingComputer |
19.12.23 |
Microsoft fixes Windows printer issues with new troubleshooter |
Vulnerebility |
BleepingComputer |
15.12.23 |
New Security Vulnerabilities Uncovered in pfSense Firewall Software - Patch Now |
Vulnerebility |
The Hacker News |
14.12.23 |
Sophos backports RCE fix after attacks on unsupported firewalls |
Vulnerebility |
BleepingComputer |
14.12.23 |
50K WordPress sites exposed to RCE attacks by critical bug in backup plugin |
Vulnerebility |
BleepingComputer |
14.12.23 |
Over 30% of Log4J apps use a vulnerable version of the library |
Vulnerebility |
BleepingComputer |
13.12.23 |
Microsoft's Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical |
Vulnerebility |
The Hacker News |
12.12.23 |
New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now |
Vulnerebility |
The Hacker News |
9.12.23 |
WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability |
Vulnerebility |
The Hacker News |
8.12.23 |
WordPress fixes POP chain exposing websites to RCE attacks |
Vulnerebility |
BleepingComputer |
8.12.23 |
Atlassian patches critical RCE flaws across multiple products |
Vulnerebility |
BleepingComputer |
8.12.23 |
"Sierra:21" vulnerabilities impact critical infrastructure routers |
Vulnerebility |
BleepingComputer |
7.12.23 |
Sierra:21 - Flaws in Sierra Wireless Routers Expose Critical Sectors to Cyber Attacks |
Vulnerebility |
The Hacker News |
7.12.23 |
Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution |
Vulnerebility |
The Hacker News |
6.12.23 |
Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks |
Vulnerebility |
The Hacker News |
3.12.23 |
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks |
Vulnerebility |
BleepingComputer |
3.12.23 |
US Health Dept urges hospitals to patch critical Citrix Bleed bug |
Vulnerebility |
BleepingComputer |
2.12.23 |
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks |
Vulnerebility |
BleepingComputer |
2.12.23 |
Zyxel warns of multiple critical vulnerabilities in NAS devices |
Vulnerebility |
BleepingComputer |
2.12.23 |
Google Chrome emergency update fixes 6th zero-day exploited in 2023 |
Vulnerebility |
BleepingComputer |
2.12.23 |
Microsoft shares temp fix for Outlook crashes when sending emails |
Vulnerebility |
BleepingComputer |
1.12.23 |
Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices |
Vulnerebility |
The Hacker News |
29.11.23 |
Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability |
Vulnerebility |
The Hacker News |
29.11.23 |
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access |
Vulnerebility |
The Hacker News |
25.11.23 |
Critical bug in ownCloud file sharing app exposes admin passwords |
Vulnerebility |
BleepingComputer |
25.11.23 |
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches |
Vulnerebility |
The Hacker News |
23.11.23 |
Windows Hello auth bypassed on Microsoft, Dell, Lenovo laptops |
Vulnerebility |
BleepingComputer |
23.11.23 |
New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login |
Vulnerebility |
The Hacker News |
19.11.23 |
Fortinet warns of critical command injection bug in FortiSIEM |
Vulnerebility |
BleepingComputer |
17.11.23 |
CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog |
Vulnerebility |
The Hacker News |
17.11.23 |
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups |
Vulnerebility |
The Hacker News |
16.11.23 |
Microsoft fixes Windows Server VMs broken by October updates |
Vulnerebility |
BleepingComputer |
16.11.23 |
Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw |
Vulnerebility |
BleepingComputer |
16.11.23 |
New Reptar CPU flaw impacts Intel desktop and server systems |
Vulnerebility |
BleepingComputer |
16.11.23 |
VMware discloses critical VCD Appliance auth bypass with no patch |
Vulnerebility |
BleepingComputer |
16.11.23 |
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar |
Vulnerebility |
The Hacker News |
15.11.23 |
Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments |
Vulnerebility |
The Hacker News |
15.11.23 |
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities |
Vulnerebility |
The Hacker News |
15.11.23 |
Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability |
Vulnerebility |
The Hacker News |
|
10.11.23 |
Veeam warns of critical bugs in Veeam ONE monitoring platform |
Vulnerebility |
BleepingComputer |
|
7.11.23 |
Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now |
Vulnerebility |
The Hacker News |
|
7.11.23 |
QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices |
Vulnerebility |
The Hacker News |
|
6.11.23 |
QNAP warns of critical command injection flaws in QTS OS, apps |
Vulnerebility |
BleepingComputer |
|
4.11.23 |
Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments |
Vulnerebility |
The Hacker News |
|
3.11.23 |
Atlassian warns of critical Confluence flaw leading to data loss |
Vulnerebility |
BleepingComputer |
|
2.11.23 |
Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover |
Vulnerebility |
The Hacker News |
|
1.11.23 |
Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability |
Vulnerebility |
The Hacker News |
|
31.10.23 |
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss |
Vulnerebility |
The Hacker News |
|
30.10.23 |
Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes |
Vulnerebility |
The Hacker News |
|
28.10.23 |
F5 fixes BIG-IP auth bypass allowing remote code execution attacks |
Vulnerebility |
BleepingComputer |
|
27.10.23 |
European govt email servers hacked using Roundcube zero-day |
Vulnerebility |
BleepingComputer |
|
27.10.23 |
VMware fixes critical code execution flaw in vCenter Server |
Vulnerebility |
BleepingComputer |
|
27.10.23 |
F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution |
Vulnerebility |
The Hacker News |
|
26.10.23 |
Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data |
Vulnerebility |
The Hacker News |
|
26.10.23 |
Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms |
Vulnerebility |
The Hacker News |
|
26.10.23 |
Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability |
Vulnerebility |
The Hacker News |
|
25.10.23 |
VMware warns admins of public exploit for vRealize RCE flaw |
Vulnerebility |
BleepingComputer |
|
25.10.23 |
Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately |
Vulnerebility |
BleepingComputer |
|
25.10.23 |
Cisco patches IOS XE zero-days used to hack over 50,000 devices |
Vulnerebility |
BleepingComputer |
|
25.10.23 |
Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities |
Vulnerebility |
The Hacker News |
|
21.10.23 |
Critical RCE flaws found in SolarWinds access audit solution |
Vulnerebility |
BleepingComputer |
18.10.23 |
New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager |
Vulnerebility |
The Hacker News |
18.10.23 |
Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software |
Vulnerebility |
The Hacker News |
17.10.23 |
Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers |
Vulnerebility |
The Hacker News |
17.10.23 |
Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild |
Vulnerebility |
The Hacker News |
16.10.23 |
Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence |
Vulnerebility |
The Hacker News |
|
14.10.23 |
Hyped up curl vulnerability falls short of expectations |
Vulnerebility |
BleepingComputer |
|
12.10.23 |
Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released |
Vulnerebility |
The Hacker News |
|
12.10.23 |
CISA Warns of Actively Exploited Adobe Acrobat Reader Vulnerability |
Vulnerebility |
The Hacker News |
|
11.10.23 |
New critical Citrix NetScaler flaw exposes 'sensitive' data |
Vulnerebility |
BleepingComputer |
|
11.10.23 |
GNOME Linux systems exposed to RCE attacks via file downloads |
Vulnerebility |
BleepingComputer |
|
11.10.23 |
Microsoft Releases October 2023 Patches for 103 Flaws, Including 2 Active Exploits |
Vulnerebility |
The Hacker News |
|
10.10.23 |
libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks |
Vulnerebility |
The Hacker News |
|
9.10.23 |
Security Patch for Two New Flaws in Curl Library Arriving on October 11 |
Vulnerebility |
The Hacker News |
|
7.10.23 |
Atlassian patches critical Confluence zero-day exploited in attacks |
Vulnerebility |
BleepingComputer |
|
7.10.23 |
Cisco fixes hard-coded root credentials in Emergency Responder |
Vulnerebility |
BleepingComputer |
|
7.10.23 |
New 'Looney Tunables' Linux bug gives root on major distros |
Vulnerebility |
BleepingComputer |
|
7.10.23 |
ShellTorch flaws expose AI servers to code execution attacks |
Vulnerebility |
BleepingComputer |
|
7.10.23 |
Microsoft Edge, Teams get fixes for zero-days in open-source libraries |
Vulnerebility |
BleepingComputer |
|
7.10.23 |
Exim patches three of six zero-day bugs disclosed last week |
Vulnerebility |
BleepingComputer |
|
6.10.23 |
Supermicro's BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities |
Vulnerebility |
The Hacker News |
|
6.10.23 |
Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems |
Vulnerebility |
The Hacker News |
|
4.10.23 |
Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions |
Vulnerebility |
The Hacker News |
|
4.10.23 |
Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch |
Vulnerebility |
The Hacker News |
|
3.10.23 |
OpenRefine's Zip Slip Vulnerability Could Let Attackers Execute Malicious Code |
Vulnerebility |
The Hacker News |
|
1.10.23 |
Progress warns of maximum severity WS_FTP Server vulnerability |
Vulnerebility |
BleepingComputer |
|
1.10.23 |
Cisco urges admins to fix IOS software zero-day exploited in attacks |
Vulnerebility |
BleepingComputer |
|
1.10.23 |
Cisco Catalyst SD-WAN Manager flaw allows remote server access |
Vulnerebility |
BleepingComputer |
|
1.10.23 |
Google fixes fifth actively exploited Chrome zero-day of 2023 |
Vulnerebility |
BleepingComputer |
|
1.10.23 |
Google assigns new maximum rated CVE to libwebp bug exploited in attacks |
Vulnerebility |
BleepingComputer |
|
30.9.23 |
New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks |
Vulnerebility |
The Hacker News |
|
30.9.23 |
Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability |
Vulnerebility |
The Hacker News |
|
30.9.23 |
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server |
Vulnerebility |
The Hacker News |
|
30.9.23 |
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data |
Vulnerebility |
The Hacker News |
|
30.9.23 |
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers |
Vulnerebility |
The Hacker News |
23.9.23 |
Experts found critical flaws in Nagios XI network monitoring software |
Vulnerebility |
Securityaffairs |
23.9.23 |
GitLab addressed critical vulnerability CVE-2023-5009 |
Vulnerebility |
Securityaffairs |
22.9.23 |
High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server |
Vulnerebility |
The Hacker News |
20.9.23 |
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software |
Vulnerebility |
The Hacker News |
20.9.23 |
GitLab Releases Urgent Security Patches for Critical Vulnerability |
Vulnerebility |
The Hacker News |
20.9.23 |
Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability |
Vulnerebility |
The Hacker News |
20.9.23 |
Trend Micro fixes endpoint protection zero-day used in attacks |
Vulnerebility |
BleepingComputer |
20.9.23 |
Thousands of Juniper devices vulnerable to unauthenticated RCE flaw |
Vulnerebility |
BleepingComputer |
19.9.23 |
Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability |
Vulnerebility |
The Hacker News |
14.9.23 |
Adobe warns of critical Acrobat and Reader zero-day exploited in attacks |
Vulnerebility |
BleepingComputer |
14.9.23 |
Google fixes another Chrome zero-day bug exploited in attacks |
Vulnerebility |
BleepingComputer |
14.9.23 |
N-Able's Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation |
Vulnerebility |
The Hacker News |
14.9.23 |
Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints |
Vulnerebility |
The Hacker News |
14.9.23 |
Researchers Detail 8 Vulnerabilities in Azure HDInsight Analytics Service |
Vulnerebility |
The Hacker News |
9.9.23 |
Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns |
Vulnerebility |
Securityaffairs |
9.9.23 |
Two flaws in Apache SuperSet allow to remotely hack servers |
Vulnerebility |
Securityaffairs |
9.9.23 |
Notepad++ 8.5.7 released with fixes for four security vulnerabilities |
Vulnerebility |
BleepingComputer |
8.9.23 |
Cisco BroadWorks impacted by critical authentication bypass flaw |
Vulnerebility |
BleepingComputer |
8.9.23 |
Cisco Issues Urgent Fix for Authentication Bypass Bug Affecting BroadWorks Platform |
Vulnerebility |
The Hacker News |
7.9.23 |
Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks |
Vulnerebility |
The Hacker News |
7.9.23 |
MSI BIOS updates fix Windows unsupported processor BSOD bug |
Vulnerebility |
BleepingComputer |
7.9.23 |
A zero-day in Atlas VPN Linux Client leaks users' IP address |
Vulnerebility |
Securityaffairs |
6.9.23 |
ASUS routers are affected by three critical remote code execution flaws |
Vulnerebility |
Securityaffairs |
6.9.23 |
Atlas VPN zero-day vulnerability leaks users' real IP address |
Vulnerebility |
BleepingComputer |
6.9.23 |
ASUS routers vulnerable to critical remote code execution flaws |
Vulnerebility |
BleepingComputer |
6.9.23 |
9 Alarming Vulnerabilities Uncovered in SEL's Power Management Products |
Vulnerebility |
The Hacker News |
|
2.9.23 |
Exploit released for critical VMware SSH auth bypass vulnerability |
Vulnerebility |
BleepingComputer |
|
31.8.23 |
VMware Aria vulnerable to critical SSH authentication bypass flaw |
Vulnerebility |
BleepingComputer |
|
30.8.23 |
Critical RCE flaw impacts VMware Aria Operations Networks |
Vulnerebility |
Securityaffairs |
|
30.8.23 |
UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw |
Vulnerebility |
Securityaffairs |
|
30.8.23 |
Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks |
Vulnerebility |
The Hacker News |
|
28.8.23 |
Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software |
Vulnerebility |
Securityaffairs |
|
26.8.23 |
FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective |
Vulnerebility |
Securityaffairs |
|
25.8.23 |
FBI warns of patched Barracuda ESG appliances still being hacked |
Vulnerebility |
BleepingComputer |
|
25.8.23 |
WinRAR zero-day exploited since April to hack trading accounts |
Vulnerebility |
BleepingComputer |
|
24.8.23 |
WinRAR Security Flaw Exploited in Zero-Day Attacks to Target Traders |
Vulnerebility |
The Hacker News |
|
24.8.23 |
Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw |
Vulnerebility |
The Hacker News |
|
23.8.23 |
TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwords |
Vulnerebility |
Securityaffairs |
|
22.8.23 |
CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog |
Vulnerebility |
Securityaffairs |
|
22.8.23 |
Ivanti fixed a new critical Sentry API authentication bypass flaw |
Vulnerebility |
Securityaffairs |
|
22.8.23 |
Ongoing Duo outage causes Azure Auth authentication errors |
Vulnerebility |
BleepingComputer |
|
22.8.23 |
Ivanti warns of new actively exploited MobileIron zero-day bug |
Vulnerebility |
BleepingComputer |
|
22.8.23 |
Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software |
Vulnerebility |
The Hacker News |
|
22.8.23 |
Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog |
Vulnerebility |
The Hacker News |
|
21.8.23 |
New WinRAR Vulnerability Could Allow Hackers to Take Control of Your PC |
Vulnerebility |
The Hacker News |
|
20.8.23 |
Four Juniper Junos OS flaws can be chained to remotely hack devices |
Vulnerebility |
Securityaffairs |
|
20.8.23 |
WinRAR flaw enables remote code execution of arbitrary code |
Vulnerebility |
Securityaffairs |
|
20.8.23 |
CISA adds flaw in Citrix ShareFile to its Known Exploited Vulnerabilities catalog |
Vulnerebility |
Securityaffairs |
|
20.8.23 |
Two unauthenticated stack buffer overflows found in Ivanti Avalanche EMM |
Vulnerebility |
Securityaffairs |
|
20.8.23 |
Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) |
Vulnerebility |
Securityaffairs |
|
19.8.23 |
New Juniper Junos OS Flaws Expose Devices to Remote Attacks - Patch Now |
Vulnerebility |
The Hacker News |
|
19.8.23 |
WinRAR flaw lets hackers run programs when you open RAR archives |
Vulnerebility |
BleepingComputer |
|
19.8.23 |
CISA warns of critical Citrix ShareFile flaw exploited in the wild |
Vulnerebility |
BleepingComputer |
|
18.8.23 |
NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security |
Vulnerebility |
The Hacker News |
|
18.8.23 |
CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks |
Vulnerebility |
The Hacker News |
|
18.8.23 |
Critical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 Organizations |
Vulnerebility |
The Hacker News |
|
16.8.23 |
Ivanti Avalanche impacted by critical pre-auth stack buffer overflows |
Vulnerebility |
BleepingComputer |
|
16.8.23 |
Almost 2,000 Citrix NetScaler servers backdoored in hacking campaign |
Vulnerebility |
Securityaffairs |
|
16.8.23 |
New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices |
Vulnerebility |
Securityaffairs |
|
16.8.23 |
Microsoft enables Windows Kernel CVE-2023-32019 fix for everyone |
Vulnerebility |
Securityaffairs |
|
16.8.23 |
Nearly 2,000 Citrix NetScaler Instances Hacked via Critical Vulnerability |
Vulnerebility |
The Hacker News |
|
16.8.23 |
Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking |
Vulnerebility |
The Hacker News |
|
14.8.23 |
Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) |
Vulnerebility |
Securityaffairs |
|
14.8.23 |
Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking |
Vulnerebility |
Securityaffairs |
|
14.8.23 |
Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS |
Vulnerebility |
Securityaffairs |
|
14.8.23 |
Python URL parsing function flaw can enable command execution |
Vulnerebility |
Securityaffairs |
|
14.8.23 |
Ford says cars with WiFi vulnerability still safe to drive |
Vulnerebility |
BleepingComputer |
|
14.8.23 |
Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability |
Vulnerebility |
The Hacker News |
|
12.8.23 |
Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk |
Vulnerebility |
The Hacker News |
|
12.8.23 |
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping |
Vulnerebility |
The Hacker News |
|
11.8.23 |
Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws |
Vulnerebility |
BleepingComputer |
|
11.8.23 |
16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks |
Vulnerebility |
The Hacker News |
|
9.8.23 |
Microsoft Visual Studio Code flaw lets extensions steal passwords |
Vulnerebility |
BleepingComputer |
|
9.8.23 |
Microsoft Releases Patches for 74 New Vulnerabilities in August Update |
Vulnerebility |
The Hacker News |
|
7.8.23 |
Microsoft fixed a flaw in Power Platform after being criticized |
Vulnerebility |
Securityaffairs |
|
7.8.23 |
New PaperCut flaw in print management software exposes servers to RCE attacks |
Vulnerebility |
Securityaffairs |
|
5.8.23 |
Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism |
Vulnerebility |
The Hacker News |
|
5.8.23 |
Researchers Uncover New High-Severity Vulnerability in PaperCut Software |
Vulnerebility |
The Hacker News |
|
3.8.23 |
Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks |
Vulnerebility |
Securityaffairs |
|
3.8.23 |
Ivanti discloses new critical auth bypass bug in MobileIron Core |
Vulnerebility |
BleepingComputer |
|
3.8.23 |
Over 640 Citrix servers backdoored with web shells in ongoing attacks |
Vulnerebility |
BleepingComputer |
|
3.8.23 |
Researchers Discover Bypass for Recently Patched Critical Ivanti EPMM Vulnerability |
Vulnerebility |
The Hacker News |
|
2.8.23 |
Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability |
Vulnerebility |
The Hacker News |
|
31.7.23 |
Three flaws in Ninja Forms plugin for WordPress impact 900K sites |
Vulnerebility |
Securityaffairs |
|
31.7.23 |
Experts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489 |
Vulnerebility |
Securityaffairs |
|
31.7.23 |
New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wild |
Vulnerebility |
Securityaffairs |
|
31.7.23 |
Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable |
Vulnerebility |
The Hacker News |
|
30.7.23 |
Now Abyss Locker also targets VMware ESXi servers |
Vulnerebility |
Securityaffairs |
|
30.7.23 |
Ivanti patches new zero-day exploited in Norwegian govt attacks |
Vulnerebility |
BleepingComputer |
|
29.7.23 |
Ivanti Warns of Another Endpoint Manager Mobile Vulnerability Under Active Attack |
Vulnerebility |
The Hacker News |
|
28.7.23 |
Zimbra fixed actively exploited zero-day CVE-2023-38750 in ZCS |
Vulnerebility |
Securityaffairs |
|
28.7.23 |
Two flaws in Linux Ubuntu affect 40% of Ubuntu users |
Vulnerebility |
Securityaffairs |
|
28.7.23 |
CISA adds Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog |
Vulnerebility |
Securityaffairs |
|
28.7.23 |
Over 500K MikroTik RouterOS systems potentially exposed to hacking due to critical flaw |
Vulnerebility |
Securityaffairs |
|
28.7.23 |
Zimbra patches zero-day vulnerability exploited in XSS attacks |
Vulnerebility |
BleepingComputer |
|
28.7.23 |
WordPress Ninja Forms plugin flaw lets hackers steal submitted data |
Vulnerebility |
BleepingComputer |
|
28.7.23 |
Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required |
Vulnerebility |
The Hacker News |
|
27.7.23 |
GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users |
Vulnerebility |
The Hacker News |
|
27.7.23 |
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws |
Vulnerebility |
BleepingComputer |
|
27.7.23 |
Windows 11 KB5028254 update fixes VPN performance issues, 27 bugs |
Vulnerebility |
BleepingComputer |
|
27.7.23 |
Windows 10 KB5028244 update released with 19 fixes, improved security |
Vulnerebility |
BleepingComputer |
|
27.7.23 |
Microsoft fixes bug that broke video recording in Windows apps |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Atlassian addressed 3 flaws in Confluence and Bamboo products |
Vulnerebility |
Securityaffairs |
|
26.7.23 |
VMware addressed an information disclosure flaw in VMware Tanzu Application Service for VMs and Isolation Segment |
Vulnerebility |
Securityaffairs |
|
26.7.23 |
Apple addressed a new actively exploited zero-day tracked as CVE-2023-38606 |
Vulnerebility |
Securityaffairs |
|
26.7.23 |
Twelve Norwegian ministries were hacked using a zero-day vulnerability |
Vulnerebility |
Securityaffairs |
|
26.7.23 |
A flaw in OpenSSH forwarded ssh-agent allows remote code execution |
Vulnerebility |
Securityaffairs |
|
26.7.23 |
Super Admin elevation bug puts 900,000 MikroTik devices at risk |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Microsoft shares temp fix for Outlook Desktop slow saving bug |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
VMware fixes bug exposing CF API admin credentials in audit logs |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Norway says Ivanti zero-day was used to hack govt IT systems |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Ivanti patches MobileIron zero-day bug exploited in attacks |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Microsoft shares fix for some Outlook hyperlinks not opening |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking |
Vulnerebility |
The Hacker News |
|
25.7.23 |
TETRA:BURST — 5 New Vulnerabilities Exposed in Widely Used Radio Communication System |
Vulnerebility |
The Hacker News |
|
25.7.23 |
Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk |
Vulnerebility |
The Hacker News |
|
25.7.23 |
Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo |
Vulnerebility |
The Hacker News |
|
25.7.23 |
Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation |
Vulnerebility |
The Hacker News |
24.7.23 |
Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519 |
Vulnerebility |
Securityaffairs |
24.7.23 |
Norwegian government IT systems hacked using zero-day flaw |
Vulnerebility |
BleepingComputer |
24.7.23 |
Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks |
Vulnerebility |
The Hacker News |
24.7.23 |
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection |
Vulnerebility |
The Hacker News |
|
21.7.23 |
Adobe out-of-band update addresses an actively exploited ColdFusion zero-day |
Vulnerebility |
Securityaffairs |
|
21.7.23 |
CISA: Citrix RCE bug exploited to breach critical infrastructure org |
Vulnerebility |
BleepingComputer |
|
21.7.23 |
Critical AMI MegaRAC bugs can let hackers brick vulnerable servers |
Vulnerebility |
BleepingComputer |
|
21.7.23 |
Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks |
Vulnerebility |
The Hacker News |
|
21.7.23 |
Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities |
Vulnerebility |
The Hacker News |
|
20.7.23 |
Adobe emergency patch fixes new ColdFusion zero-day used in attacks |
Vulnerebility |
BleepingComputer |
|
20.7.23 |
Adobe Rolls Out New Patches for Actively Exploited ColdFusion Vulnerability |
Vulnerebility |
The Hacker News |
|
19.7.23 |
Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability |
Vulnerebility |
Securelist |
|
19.7.23 |
Bad.Build Flaw in Google Cloud Build Raises Concerns of Privilege Escalation |
Vulnerebility |
The Hacker News |
|
17.7.23 |
Cisco fixed a critical flaw in SD-WAN vManage |
Vulnerebility |
Securityaffairs |
|
15.7.23 |
US CISA warns of Rockwell Automation ControlLogix flaws |
Vulnerebility |
Securityaffairs |
|
15.7.23 |
SonicWall urges organizations to fix critical flaws in GMS/Analytics products |
Vulnerebility |
Securityaffairs |
|
15.7.23 |
Citrix fixed a critical flaw in Secure Access Client for Ubuntu |
Vulnerebility |
Securityaffairs |
|
15.7.23 |
Fortinet fixed a critical flaw in FortiOS and FortiProxy |
Vulnerebility |
Securityaffairs |
|
15.7.23 |
Unpatched Office zero-day CVE-2023-36884 actively exploited in targeted attacks |
Vulnerebility |
Securityaffairs |
|
15.7.23 |
VMware warns customers of exploit available for critical vRealize RCE flaw CVE-2023-20864 |
Vulnerebility |
Securityaffairs |
|
15.7.23 |
A flaw in Revolut US payments resulted in the theft of $20 Million |
Vulnerebility |
Securityaffairs |
|
15.7.23 |
Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens |
Vulnerebility |
The Hacker News |
|
15.7.23 |
Critical Security Flaws Uncovered in Honeywell Experion DCS and QuickBlox Services |
Vulnerebility |
The Hacker News |
|
15.7.23 |
Cisco SD-WAN vManage impacted by unauthenticated REST API access |
Vulnerebility |
BleepingComputer |
|
15.7.23 |
Zimbra urges admins to manually fix zero-day exploited in attacks |
Vulnerebility |
BleepingComputer |
|
14.7.23 |
Zimbra Warns of Critical Zero-Day Flaw in Email Software Amid Active Exploitation |
Vulnerebility |
The Hacker News |
|
13.7.23 |
Fake PoC for Linux Kernel Vulnerability on GitHub Exposes Researchers to Malware |
Vulnerebility |
The Hacker News |
|
13.7.23 |
New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products |
Vulnerebility |
The Hacker News |
|
13.7.23 |
SonicWall warns admins to patch critical auth bypass bugs immediately |
Vulnerebility |
BleepingComputer |
|
13.7.23 |
Critical RCE found in popular Ghostscript open-source PDF library |
Vulnerebility |
BleepingComputer |
|
13.7.23 |
Fortinet warns of critical RCE flaw in FortiOS, FortiProxy devices |
Vulnerebility |
BleepingComputer |
|
13.7.23 |
Windows 11 KB5028185 cumulative update released with Moment 3 features |
Vulnerebility |
BleepingComputer |
|
13.7.23 |
Windows 10 KB5028168 and KB5028166 updates released |
Vulnerebility |
BleepingComputer |
|
13.7.23 |
Microsoft July 2023 Patch Tuesday warns of 6 zero-days, 132 flaws |
Vulnerebility |
BleepingComputer |
|
12.7.23 |
Microsoft Releases Patches for 132 Vulnerabilities, Including 6 Under Active Attack |
Vulnerebility |
The Hacker News |
|
11.7.23 |
Beware of Big Head Ransomware: Spreading Through Fake Windows Updates |
Vulnerebility |
The Hacker News |
|
11.7.23 |
VMware warns of exploit available for critical vRealize RCE bug |
Vulnerebility |
BleepingComputer |
|
8.7.23 |
Progress warns customers of a new critical flaw in MOVEit Transfer software |
Vulnerebility |
Securityaffairs |
|
8.7.23 |
CISA warns govt agencies to patch actively exploited Android driver |
Vulnerebility |
BleepingComputer |
|
8.7.23 |
Critical TootRoot bug lets attackers hijack Mastodon servers |
Vulnerebility |
BleepingComputer |
|
8.7.23 |
Barracuda working on fix for ongoing Email Gateway login issues |
Vulnerebility |
BleepingComputer |
|
8.7.23 |
MOVEit Transfer customers warned to patch new critical flaw |
Vulnerebility |
BleepingComputer |
|
8.7.23 |
Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software |
Vulnerebility |
The Hacker News |
|
8.7.23 |
Mastodon Social Network Patches Critical Flaws Allowing Server Takeover |
Vulnerebility |
The Hacker News |
|
7.7.23 |
Cisco warns of a flaw in Nexus 9000 series switches that allows modifying encrypted traffic |
Vulnerebility |
Securityaffairs |
|
7.7.23 |
StackRot, a new Linux Kernel privilege escalation vulnerability |
Vulnerebility |
Securityaffairs |
|
7.7.23 |
CVE-2022-29303 flaw in SolarView product can be exploited in attacks against the energy sector |
Vulnerebility |
Securityaffairs |
6.7.23 |
Microsoft investigates Outlook.com bug breaking email search |
Vulnerebility |
BleepingComputer |
6.7.23 |
Cisco warns of bug that lets attackers break traffic encryption |
Vulnerebility |
BleepingComputer |
6.7.23 |
Microsoft fixes bug behind Windows LSA protection warnings, again |
Vulnerebility |
BleepingComputer |
6.7.23 |
New StackRot Linux kernel flaw allows privilege escalation |
Vulnerebility |
BleepingComputer |
|
6.7.23 |
Researchers Uncover New Linux Kernel 'StackRot' Privilege Escalation Vulnerability |
Vulnerebility |
The Hacker News |
|
4.7.23 |
335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997 |
Vulnerebility |
Securityaffairs |
|
4.7.23 |
CISA adds Samsung and D-link bugs to its Known Exploited Vulnerabilities catalog |
Vulnerebility |
Securityaffairs |
|
4.7.23 |
Alert: 330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw |
Vulnerebility |
The Hacker News |
|
3.7.23 |
300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug |
Vulnerebility |
BleepingComputer |
|
3.7.23 |
CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices |
Vulnerebility |
The Hacker News |
|
1.7.23 |
miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug |
Vulnerebility |
Securityaffairs |
|
1.7.23 |
Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution |
Vulnerebility |
Securityaffairs |
|
30.6.23 |
Microsoft fixes bug that breaks Windows Start Menu, UWP apps |
Vulnerebility |
BleepingComputer |
|
30.6.23 |
Trellix fixes bug breaking Office apps after June Windows updates |
Vulnerebility |
BleepingComputer |
|
29.6.23 |
Critical Security Flaw in Social Login Plugin for WordPress Exposes Users' Accounts |
Vulnerebility |
The Hacker News |
|
28.6.23 |
Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution |
Vulnerebility |
The Hacker News |
|
27.6.23 |
Internet Systems Consortium (ISC) fixed three DoS flaw in BIND |
Vulnerebility |
Securityaffairs |
|
27.6.23 |
New Fortinet's FortiNAC Vulnerability Exposes Networks to Code Execution Attacks |
Vulnerebility |
The Hacker News |
|
26.6.23 |
Grafana warns of critical auth bypass due to Azure AD integration |
Vulnerebility |
BleepingComputer |
|
24.6.23 |
CISA orders govt agencies to fix recently disclosed flaws in Apple devices |
Vulnerebility |
Securityaffairs |
|
24.6.23 |
VMware fixed five memory corruption issues in vCenter Server |
Vulnerebility |
Securityaffairs |
|
24.6.23 |
Fortinet fixes critical FortiNAC RCE, install updates asap |
Vulnerebility |
Securityaffairs |
|
24.6.23 |
More than a million GitHub repositories potentially vulnerable to RepoJacking |
Vulnerebility |
Securityaffairs |
|
24.6.23 |
CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws |
Vulnerebility |
Securityweek |
|
24.6.23 |
VMware Patches Code Execution Vulnerabilities in vCenter Server |
Vulnerebility |
Securityweek |
|
24.6.23 |
Fortinet fixes critical FortiNAC remote command execution flaw |
Vulnerebility |
BleepingComputer |
|
23.6.23 |
Researchers released a PoC exploit for CVE-2023-20178 flaw in Cisco AnyConnect Secure |
Vulnerebility |
Securityaffairs |
|
23.6.23 |
VMware fixes vCenter Server bugs allowing code execution, auth bypass |
Vulnerebility |
BleepingComputer |
|
23.6.23 |
Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites |
Vulnerebility |
The Hacker News |
|
22.6.23 |
Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites |
Vulnerebility |
Securityweek |
|
22.6.23 |
Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws |
Vulnerebility |
Securityweek |
|
22.6.23 |
Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use? |
Vulnerebility |
Securityweek |
|
22.6.23 |
VMware Confirms Live Exploits Hitting Just-Patched Security Flaw |
Vulnerebility |
Securityweek |
|
22.6.23 |
Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps |
Vulnerebility |
Securityweek |
|
22.6.23 |
Critical RCE flaw CVE-2023-20887 in VMware vRealize exploited in the wild |
Vulnerebility |
Securityaffairs |
|
22.6.23 |
Zyxel addressed critical flaw CVE-2023-27992 in NAS Devices |
Vulnerebility |
Securityaffairs |
|
22.6.23 |
ASUS addressed critical flaws in some router models |
Vulnerebility |
Securityaffairs |
|
22.6.23 |
VMware warns of critical vRealize flaw exploited in attacks |
Vulnerebility |
BleepingComputer |
|
22.6.23 |
Microsoft fixes Azure AD auth flaw enabling account takeover |
Vulnerebility |
BleepingComputer |
|
22.6.23 |
Zyxel warns of critical command injection flaw in NAS devices |
Vulnerebility |
BleepingComputer |
|
22.6.23 |
Critical 'nOAuth' Flaw in Microsoft Azure AD Enabled Complete Account Takeover |
Vulnerebility |
The Hacker News |
|
21.6.23 |
Alert! Hackers Exploiting Critical Vulnerability in VMware's Aria Operations Networks |
Vulnerebility |
The Hacker News |
|
21.6.23 |
Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices |
Vulnerebility |
The Hacker News |
|
21.6.23 |
Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products |
Vulnerebility |
The Hacker News |
|
21.6.23 |
ASUS Releases Patches to Fix Critical Security Bugs Impacting Multiple Router Models |
Vulnerebility |
The Hacker News |
|
20.6.23 |
Asus Patches Highly Critical WiFi Router Flaws |
Vulnerebility |
Securityweek |
|
20.6.23 |
Malwarebytes issues fix for Chrome broken by Windows 11 KB5027231 |
Vulnerebility |
BleepingComputer |
|
20.6.23 |
ASUS urges customers to patch critical router vulnerabilities |
Vulnerebility |
BleepingComputer |
19.6.23 |
Western Digital Blocks Unpatched Devices From Cloud Services |
Vulnerebility |
Securityweek |
19.6.23 |
MOVEit Customers Urged to Patch Third Critical Vulnerability |
Vulnerebility |
Securityweek |
|
6.5.23 |
New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks |
Vulnerebility |
The Hacker News |
|
5.5.23 |
Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model |
Vulnerebility |
The Hacker News |
|
4.5.23 |
Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service |
Vulnerebility |
The Hacker News |
|
3.5.23 |
Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices |
Vulnerebility |
The Hacker News |
|
3.5.23 |
CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units |
Vulnerebility |
The Hacker News |
|
2.5.23 |
Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software |
Vulnerebility |
The Hacker News |
|
28.4.23 |
Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now |
Vulnerebility |
The Hacker News |
|
26.4.23 |
Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks |
Vulnerebility |
The Hacker News |
|
26.4.23 |
VMware Releases Critical Patches for Workstation and Fusion Software |
Vulnerebility |
The Hacker News |
|
25.4.23 |
New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks |
Vulnerebility |
The Hacker News |
|
21.4.23 |
Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products |
Vulnerebility |
The Hacker News |
|
20.4.23 |
Two Critical Flaws Found in Alibaba Cloud's PostgreSQL Databases |
Vulnerebility |
The Hacker News |
|
19.4.23 |
Google Chrome Hit by Second Zero-Day Attack - Urgent Patch Update Released |
Vulnerebility |
The Hacker News |
|
19.4.23 |
Critical Flaws in vm2 JavaScript Library Can Lead to Remote Code Execution |
Vulnerebility |
The Hacker News |
|
15.4.23 |
Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability |
Vulnerebility |
The Hacker News |
|
12.4.23 |
Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit |
Vulnerebility |
The Hacker News |
|
11.4.23 |
Newly Discovered "By-Design" Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers |
Vulnerebility |
The Hacker News |
|
8.4.23 |
Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library |
Vulnerebility |
The Hacker News |
|
1.4.23 |
Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk! |
Vulnerebility |
The Hacker News |
|
1.4.23 |
Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation |
Vulnerebility |
The Hacker News |
|
1.4.23 |
Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Apps |
Vulnerebility |
The Hacker News |
31.3.23 |
Researchers Detail Severe "Super FabriXss" Vulnerability in Microsoft Azure SFX |
Vulnerebility |
The Hacker News |
31.3.23 |
New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices |
Vulnerebility |
The Hacker News |
28.3.23 |
Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools |
Vulnerebility |
The Hacker News |
|
24.3.23 |
Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites |
Vulnerebility |
The Hacker News |
|
17.3.23 |
Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips |
Vulnerebility |
The Hacker News |
16.3.23 |
SAP releases security updates fixing five critical vulnerabilities |
Vulnerebility |
Bleepingcomputer |
16.3.23 |
Microsoft fixes Outlook zero-day used by Russian hackers since April 2022 |
Vulnerebility |
Bleepingcomputer |
16.3.23 |
Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws |
Vulnerebility |
Bleepingcomputer |
16.3.23 |
Fortinet: New FortiOS bug used as zero-day to attack govt networks |
Vulnerebility |
Bleepingcomputer |
15.3.23 |
Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack |
Vulnerebility |
The Hacker News |
14.3.23 |
Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities |
Vulnerebility |
The Hacker News |
13.3.23 |
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom |
Vulnerebility |
The Hacker News |
11.3.23 |
CISA warns of critical VMware RCE flaw exploited in attacks |
Vulnerebility |
Bleepingcomputer |
10.3.23 |
SonicWall devices infected by malware that survives firmware upgrades |
Vulnerebility |
Bleepingcomputer |
10.3.23 |
Bitwarden flaw can let hackers steal passwords using iframes |
Vulnerebility |
Bleepingcomputer |
10.3.23 |
Fortinet warns of new critical unauthenticated RCE vulnerability |
Vulnerebility |
Bleepingcomputer |
10.3.23 |
Veeam fixes bug that lets hackers breach backup infrastructure |
Vulnerebility |
Bleepingcomputer |
9.3.23 |
New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access |
Vulnerebility |
The Hacker News |
9.3.23 |
Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks |
Vulnerebility |
The Hacker News |
8.3.23 |
CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems |
Vulnerebility |
The Hacker News |
6.3.23 |
Experts Discover Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm |
Vulnerebility |
The Hacker News |
3.3.23 |
New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprises Devices |
Vulnerebility |
The Hacker News |
|
2.3.23 |
Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack |
Vulnerebility |
The Hacker News |
23.2.23 |
The Secret Vulnerability Finance Execs are Missing |
Vulnerebility |
The Hacker News |
22.2.23 |
VMware Patches Critical Vulnerability in Carbon Black App Control Product |
Vulnerebility |
The Hacker News |
20.2.23 |
Fortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiNAC, and FortiProxy |
Vulnerebility |
The Hacker News |
|
17.2.23 |
Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software |
Vulnerebility |
The Hacker News |
|
15.2.23 |
Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities |
Vulnerebility |
The Hacker News |
|
9.2.23 |
Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices |
Vulnerebility |
The Hacker News |
|
9.2.23 |
OpenSSL Fixes Multiple New Security Flaws with Latest Update |
Vulnerebility |
The Hacker News |
|
7.2.23 |
VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree |
Vulnerebility |
The Hacker News |
|
6.2.23 |
OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability |
Vulnerebility |
The Hacker News |
|
6.2.23 |
Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered |
Vulnerebility |
The Hacker News |
|
3.2.23 |
Atlassian's Jira Software Found Vulnerable to Critical Authentication Vulnerability |
Vulnerebility |
The Hacker News |
|
3.2.23 |
New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products |
Vulnerebility |
The Hacker News |
|
1.2.23 |
Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility |
Vulnerebility |
The Hacker News |
|
1.2.23 |
Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software |
Vulnerebility |
The Hacker News |
|
31.1.23 |
QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates |
Vulnerebility |
The Hacker News |
|
31.1.23 |
Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices |
Vulnerebility |
The Hacker News |
|
28.1.23 |
Microsoft Urges Customers to Secure On-Premises Exchange Servers |
Vulnerebility |
The Hacker News |
|
28.1.23 |
ISC Releases Security Patches for New BIND DNS Software Vulnerabilities |
Vulnerebility |
The Hacker News |
|
25.1.23 |
VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities |
Vulnerebility |
The Hacker News |
|
25.1.23 |
Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium |
Vulnerebility |
The Hacker News |
|
19.1.23 |
New Microsoft Azure Vulnerability Uncovered — Experts Warn of RCE Attacks |
Vulnerebility |
The Hacker News |
|
18.1.23 |
Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers |
Vulnerebility |
The Hacker News |
|
17.1.23 |
Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access |
Vulnerebility |
The Hacker News |
|
14.1.23 |
Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability |
Vulnerebility |
The Hacker News |
|
14.1.23 |
Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers |
Vulnerebility |
The Hacker News |
|
14.1.23 |
FortiOS Flaw Exploited as Zero-Day in Attacks on Government and Organizations |
Vulnerebility |
The Hacker News |
|
12.1.23 |
Experts Detail Chromium Browser Security Flaw Putting Confidential Data at Risk |
Vulnerebility |
The Hacker News |
|
12.1.23 |
Alert: Hackers Actively Exploiting Critical "Control Web Panel" RCE Vulnerability |
Vulnerebility |
The Hacker News |
|
12.1.23 |
Microsoft Issues January 2023 Patch Tuesday Updates, Warns of Zero-Day Exploit |
Vulnerebility |
The Hacker News |
|
12.1.23 |
Severe Security Flaw Found in "jsonwebtoken" Library Used by 22,000+ Projects |
Vulnerebility |
The Hacker News |
|
12.1.23 |
Millions of Vehicles at Risk: API Vulnerabilities Uncovered in 16 Major Car Brands |
Vulnerebility |
The Hacker News |
|
12.1.23 |
Fortinet and Zoho Urge Customers to Patch Enterprise Software Vulnerabilities |
Vulnerebility |
The Hacker News |
|
12.1.23 |
Qualcomm Chipsets and Lenovo BIOS Get Security Updates to Fix Multiple Flaws |
Vulnerebility |
The Hacker News |
|
12.1.23 |
Synology Releases Patch for Critical RCE Vulnerability Affecting VPN Plus Servers |
Vulnerebility |
The Hacker News |
|
12.1.23 |
WordPress Security Alert: New Linux Malware Exploiting Over Two Dozen CMS Flaws |
Vulnerebility |
The Hacker News |
| |
Vulnerebility | |