Category Archives: Vulnerabilities
Barracuda urges customers to replace Email Security Gateway
Barracuda advises immediate replacement of Email Security Gateway appliances due to a critical vulnerability, safeguarding organizations from potential security risks.
Zero-day vulnerability in the MOVEit file transfer application
Learn about the zero-day vulnerability in the MOVEit file transfer application and how it can potentially compromise data security.
Critical Jetpack Plugin Flaw Addressed in Urgent WordPress Update for Millions of Sites
Protect your website now! Urgent WordPress Update resolves critical Jetpack Plugin flaw, effecting millions of sites worldwide. Stay safe online! Introduction In the world of web development, WordPress has been the go-to platform for millions of websites. Its extensive range of plugins provides added functionality and features to enhance the user experience. However, recently a…
Vulnerability With Arris Routers
Remote code execution vulnerability in Arris routers. ISPs typically provide these routers in loan for customers’ telephony and internet access.
Is Your Microsoft Exchange Server Vulnerable to ProxyNotShell Flaw?
There are approximately 60,000 IP addresses with internet-facing Microsoft Exchange Server instances still vulnerable
Workaround For One-Click 0Day Vulnerability Follina
Microsoft announced its workaround for a zero-day vulnerability that has already been used by hackers. A threat actor already has exploited the vulnerability to target organizations in Russia and Tibet, researchers said. This vulnerability was identified back in April and is dubbed ‘Follina’. Microsoft’s own tool reported a flaw in the way it handled remote…
Synology And QNAP Critical Netatalk Vulnerability
Synology and QNAP has warned its customers that it has found serious vulnerabilities in its NAS devices. The flaws, which exist in its network-attached storage (NAS) appliances, could allow attackers to gain remote access to vulnerable systems, modify data or execute malicious code. QNAP, urged its users to disable their NAS devices’ AFP file service…
Vulnerability in Spring Java framework called Spring4Shell
Spring4Shell CVE-2022-22965, a critical vulnerability has been found in Spring, an open source programming framework for the Java platform. It could allow hackers to take control of your system. Details about the vulnerability were leaked to the public before the patch was released. Fortunately, only a small number of users have been affected. The VMware…
OpenSSL Infinite Loop Vulnerability
The US National Security Agency (NSA) officials have recently discovered a vulnerability in the OpenSSL cryptographic library. This vulnerability can be used to conduct denial-of-service attacks and can be easily weaponized by its potential attackers. OpenSSL is a popular cryptography library used to encrypt data and verify digital signatures. The bug affects the BN_mod_sqrt() function,…
APC Smart UPS Zero Day Vulnerability
Three critical Zero Day vulnerabilities have been uncovered in popular uninterruptible power supply APC-SMART UPS devices. They could be exploited and used to bring down infrastructure and even cause physical harm. A malicious actor could exploit these flaws and cause severe service disruptions, data loss, and even lead to a potential injury. Researchers from Armis…