vulnerability

CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering web pages on Windows – “was …

Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary …

Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers …

September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, …

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting …

Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability …

CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and …

For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to …

Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute …

Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting …

SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific …

A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw …