Node.js maintainers have released multiple fixes for vulnerabilities in the JavaScript runtime environment that could lead to arbitrary code execution and HTTP request smuggling, among other...
A high severity vulnerability in OpenSSL could allow a malicious actor to achieve remote code execution (RCE) on server-side devices. OpenSSL is a widely used cryptography...
Gitlab has patched a critical vulnerability that could allow an attacker to execute code remotely. The security issue, which has been rated as critical, has been discovered in...
A path traversal vulnerability in RarLab’s UnRAR binary can lead to remote code execution (RCE) on business email platform Zimbra and can potentially affect other software. The UnRAR...
Oracle has patched a remote code execution (RCE) vulnerability impacting Oracle Fusion Middleware and various other Oracle systems. Security researchers ‘Peterjson’ and ‘Jang’ reported a pair...
QNAP has warned customers today that some of its Network Attached Storage (NAS) devices (with non-default configurations) are vulnerable to attacks that would exploit a three-year-old...
Chinese hackers used a zero-day exploit for a critical-severity vulnerability in Sophos Firewall to compromise a company and breach cloud-hosted web servers operated by the victim....
Two flaws in the web interface of a Fujitsu cloud storage system could allow an unauthenticated attacker to read, write, and destroy backed up files. The...
Chinese-linked threat actors are now actively exploiting a Microsoft Office zero-day vulnerability (known as ‘Follina’) to execute malicious code remotely on Windows systems. Described by Microsoft...
Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites. Up to 50,000...
Recent Comments