Analysts at Orca Security have found a critical vulnerability affecting Azure Cosmos DB that allowed unauthenticated read and write access to containers. Named CosMiss, the security...
VMware released security updates to address the CVE-2021-39144 flaw reported by Sina Kheirkhah of MDSec and Steven Seeley of Source Incite on Tuesday. Additionally, because of the severity...
VMware has released security updates today to fix a critical vulnerability in VMware Cloud Foundation, a hybrid cloud platform for running enterprise apps in private or...
A remote code execution flaw in the open-source Apache Commons Text library has some people worried that it could turn into the next Log4Shell. However, most...
Aruba has released security updates for the EdgeConnect Enterprise Orchestrator, addressing multiple critical severity vulnerabilities that enable remote attackers to compromise the host. Aruba EdgeConnect Orchestrator...
Researchers are warning of a critical remote code execution flaw in ‘vm2’, a JavaScript sandbox library downloaded over 16 million times per month via the NPM...
Hackers are actively exploiting an unpatched remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS), a widely deployed web client and email server. The zero-day...
The Cybersecurity and Infrastructure Security Agency (CISA) has added three more security flaws to its list of bugs exploited in attacks, including a Bitbucket Server RCE and...
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical severity Java deserialization vulnerability affecting multiple Zoho ManageEngine products to its catalog of bugs exploited...
Researchers have observed a surge in hacking attempts targeting CVE-2022-24086, a critical Magento 2 vulnerability allowing unauthenticated attackers to execute code on unpatched sites. Magento is...
Recent Comments