Please turn on your JavaScript for this page to function normally.
arcserve
PoCs for critical Arcserve UDP vulnerabilities released

Arcserve has fixed critical security vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in its Unified Data Protection (UDP) solution, PoCs for which have been …

Splunk
PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)

A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are advised …

Sophos
Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)

CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been …

atlassian confluence
Atlassian Confluence data-wiping vulnerability exploited

Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, …

ransomware
Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604)

Ransomware-wielding attackers are trying to break into servers running outdated versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). …

F5
F5 BIG-IP vulnerabilities leveraged by attackers: What to do?

The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has …

F5
F5 fixes critical BIG-IP vulnerability, PoC is public (CVE-2023-46747)

F5 Networks has released hotfixes for two vulnerabilities affecting its BIG-IP multi-purpose networking devices/modules, including a critical authentication bypass …

Linux
“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911)

A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, …

WinRAR
Fake WinRAR PoC spread VenomRAT malware

An unknown threat actor has released a fake proof of concept (PoC) exploit for CVE-2023-4047, a recently fixed remote code execution (RCE) vulnerability in WinRAR, to spread …

VMware
VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039)

VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network …

Juniper Networks
PoC for no-auth RCE on Juniper firewalls released

Researchers have released additional details about the recently patched four vulnerabilities affecting Juniper Networks’ SRX firewalls and EX switches that could allow …

Citrix ShareFile
Citrix ShareFile vulnerability actively exploited (CVE-2023-24489)

CVE-2023-24489, a critical Citrix ShareFile vulnerability that the company has fixed in June 2023, is being exploited by attackers. GreyNoise has flagged on Tuesday a sudden …

Don't miss

Cybersecurity news