On October 25, 2022, the OpenSSL project announced that OpenSSL (v3.0.7) would be released to fix a serious security flaw. On Tuesday, November 1,…
Vulnerabilities
Jira Align vulnerabilities allow getting super admin rights
The researcher says that it was theoretically conceivable to move laterally or upward beyond the instance. Jira Align vulnerabilities allow getting super admin rights.…
Fortinet products have a serious authentication issue.
Customers are being urged by Fortinet to repair a serious authentication bypass flaw that has already been used in the wild. Fortinet products contain…
SQLite Database Library Reported a 22-Year-Old Vulnerability
The SQLite database library has a high-severity vulnerability that was introduced as part of a code update that dates all the way back to…
Widespread website hijack danger is caused by hidden DNS resolver vulnerabilities
WordPress installations at risk from a cache poisoning attack due to faked password resets. Security researchers caution that hidden DNS resolvers can be used…
Emotet Delivery and Evasion Techniques Used in Recent Attacks Revealed by New Report
According to recent research from VMware, Emotet delivery and evasion techniques used in recent attacks revealed, threat actors linked to the infamous Emotet virus…
Hackers Using Zimbra Collaboration Suite’s Unpatched RCE Flaw
There is currently no patch available to fix a serious remote code execution vulnerability (RCE flaw) in the enterprise collaboration software and email platform provided…
FortiGate and FortiProxy Have a New Auth Bypass Flaw, According to Fortinet
A security weakness affecting FortiGate firewalls and FortiProxy web proxies. These proxies can allow an attacker to carry out unauthorized actions on vulnerable systems (Auth…
A serious open source flaw in WebPageTest is still not patched.
After a talk, a blog post, and public publication, the RCE exploit is still open for discussion. The maintainers of the WebPageTest project seem…
PHP package manager component Packagist vulnerable to compromise
A flaw in argument injection made RCE risky. SonarSource researchers discovered a vulnerability in one of Composer’s key parts that might have been exploited…