A vulnerability with the same root cause as the notorious Log4j flaw has been patched in the console of the hugely popular Java SQL database, H2 Database Engine....
Java RMI services can be attacked through server-side request forgery (SSRF) attacks, according to a detailed analysis of the problem by security researcher Tobias Neitzel. Java RMI is...
A financially-motivated actor dubbed ‘Elephant Beetle’ is stealing millions of dollars from organizations worldwide using an arsenal of over 80 unique tools and scripts. The group...
All set for the weekend? Not so fast. Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga started...
Users of popular Java logging library Apache Log4j have been urged to apply a second patch related to the critical ‘Log4Shell’ vulnerability after the initial fix...
UPDATED The maintainers of popular Java logging library Apache Log4j have rushed out a patch for a critical vulnerability that could lead to remote code execution (RCE)...
A security researcher says he’s achieved remote code execution (RCE) on older, still downloadable versions of TIBCO Data Virtualization (TDV) software by chaining vulnerabilities in outdated...
A HTTP request smuggling vulnerability in Apache Tomcat has been present “since at least 2015”, the project maintainers have warned. Apache Tomcat is an open source Java servlet container which...