Collaborate Disseminate
Versa Networks has released patches for a Versa Director vulnerability for which proof-of-concept (PoC) code exists.
The post Versa Networks Patches Vulnerability Exposing Authentication Tokens appeared first on SecurityWeek.
Continue reading Versa Networks Patches Vulnerability Exposing Authentication Tokens
In addition to the Ivanti CSA flaw CVE-2024-8190, another vulnerability affecting the same product, tracked as CVE-2024-8963, has been exploited.
The post Ivanti Warns of Second CSA Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Continue reading Ivanti Warns of Second CSA Vulnerability Exploited in Attacks
Atlassian’s September 2024 monthly security bulletin details multiple high-severity vulnerabilities in four products.
The post Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd appeared first on SecurityWeek.
Continue reading Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd
GitLab has patched a critical-severity SAML authentication bypass affecting both Community Edition (CE) and Enterprise Edition (EE) instances.
The post GitLab Patches Critical Authentication Bypass Vulnerability appeared first on SecurityWeek.
Continue reading GitLab Patches Critical Authentication Bypass Vulnerability
CISA and the FBI have released an alert on XSS vulnerabilities, urging organizations to adopt a secure by design approach and eliminate them.
The post CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities appeared first on SecurityWeek.
Continue reading CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities
Google has released Chrome 129 with patches for nine vulnerabilities, including a high-severity bug in the V8 engine.
The post Chrome 129 Patches High-Severity Vulnerability in V8 Engine appeared first on SecurityWeek.
Continue reading Chrome 129 Patches High-Severity Vulnerability in V8 Engine
VMware warned that an attacker with network access could send a specially crafted packet to execute remote code. CVSS severity score 9.8/10.
The post VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest appeared first on SecurityW… Continue reading VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest
D-Link has released patches for critical vulnerabilities that could allow attackers to execute arbitrary code and commands on routers.
The post D-Link Patches Critical Router Vulnerabilities appeared first on SecurityWeek.
Continue reading D-Link Patches Critical Router Vulnerabilities
Two recently patched Progress Software WhatsUp Gold vulnerabilities may have been exploited in the wild, possibly in ransomware attacks.
The post Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks appeared first on SecurityWeek.
Continue reading Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks
Apple warns that attackers can use Siri to access sensitive user data, control nearby devices, or view recent photos without authentication.
The post Apple Patches Major Security Flaws with iOS 18 Refresh appeared first on SecurityWeek.
Continue reading Apple Patches Major Security Flaws with iOS 18 Refresh