High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
Several security flaws were discovered that could be exploited to achieve denial-of-service (DoS) and remote code execution
Read More...
Apple emergency updates fix 3 new zero-days exploited in attacks
Local attackers can exploit this flaw (CVE-2023-41992) to escalate privileges
Read More...
GitLab Releases Urgent Security Patches for Critical Vulnerability
The vulnerability has been addressed in GitLab versions 16.3.4 and 16.2.7.
Read More...
Microsoft September 2023 Patch Tuesday fixes 2 zero-days, 59 flaws
Microsoft has fixed an actively exploited local privilege elevation vulnerability that allows attackers to gain SYSTEM privileges
Read More...
Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild – Update Now
CVE-2023-41064 relates to a buffer overflow issue in the Image I/O component that could lead to arbitrary code execution when processing a maliciously crafted image
Read More...
CISA warns of critical Apache RocketMQ bug exploited in attacks
Multiple threat actors are possibly exploiting the vulnerability at the moment to install various payloads on impacted systems
Read More...
Apple zero-click iMessage exploit used to infect iPhones with spyware
The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim
Read More...
WordPress migration add-on flaw could lead to data breaches
The flaw, tracked as CVE-2023-40004, allows unauthenticated users to access and manipulate token configurations on the affected extensions
Read More...
VMware Aria vulnerable to critical SSH authentication bypass flaw
A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI
Read More...
Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software
If exploited, this vulnerability enables an unauthenticated actor to access some sensitive APIs that are used to configure the Ivanti Sentry on the administrator portal
Read More...