High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
Several security flaws were discovered that could be exploited to achieve denial-of-service (DoS) and remote code execution
Read More...Several security flaws were discovered that could be exploited to achieve denial-of-service (DoS) and remote code execution
Read More...Local attackers can exploit this flaw (CVE-2023-41992) to escalate privileges
Read More...The vulnerability has been addressed in GitLab versions 16.3.4 and 16.2.7.
Read More...Microsoft has fixed an actively exploited local privilege elevation vulnerability that allows attackers to gain SYSTEM privileges
Read More...CVE-2023-41064 relates to a buffer overflow issue in the Image I/O component that could lead to arbitrary code execution when processing a maliciously crafted image
Read More...Multiple threat actors are possibly exploiting the vulnerability at the moment to install various payloads on impacted systems
Read More...The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim
Read More...The flaw, tracked as CVE-2023-40004, allows unauthenticated users to access and manipulate token configurations on the affected extensions
Read More...A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI
Read More...If exploited, this vulnerability enables an unauthenticated actor to access some sensitive APIs that are used to configure the Ivanti Sentry on the administrator portal
Read More...