Vulnerabilities
Critical vulnerability discovered in Bitbucket Server and Data Center
TheCISO -
Security researcher "The Grand Pew" discovered a critical command injection vulnerability in a Bitbucket product.
The vulnerability is tracked as CVE-2022-36804 and is a command...
Palo Alto PAN-OS Flaw Added to CISA’s “Known Exploited Vulnerabilities Catalog”
TheCISO -
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw impacting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog, based on...
GitLab Patches Critical Vulnerability
GitLab has released a security update to address a critical vulnerability that may lead to remote code execution.
The vulnerability is tracked as CVE-2022-2884 and...
Apple Releases Patches Fixing 39 Vulnerabilities
In security updates released on March 14, Apple patched 39 vulnerabilities, several of which could allow an attacker to execute arbitrary...
Update Chrome Now to Patch an Actively Exploited Zero-Day Vulnerability
Google has released an update for its Chrome browser that includes eleven security fixes, one of which has been reportedly exploited in the wild....
New Vulnerabilities Allow Hackers to Crash Siemens PLCs
Independent ICS security researcher Gao Jian recently discovered new vulnerabilities which can allow hackers to remotely crash Siemens PLCs.
The vulnerabilities have been reported...
Cisco patched 15 Vulnerabilities in Cisco Small Business RV Series Routers
On February 2, Cisco published an advisory for 15 vulnerabilities in its Small Business RV Series Routers. Three of the 15 vulnerabilities listed in...
Developers Accidentally Turned Off CSRF Protection in Popular PHP Framework
TheCISO -
Developers of the popular Symfony PHP framework have reversed a recent change that accidentally turned off protection against cross-site request forgery (CSRF) attacks.
Affected...
53% of Connected Medical Devices Have Serious Vulnerabilities
Critical device risks in hospital environments leave hospitals and patients vulnerable to cyber-attacks and data security issues.
Cynerio, in its 2022 "State of Healthcare IoT...
13 Known Exploited Vulnerabilities Added to CISA Catalog
CISA has added 13 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed...
Cisco Recently Patched Critical Vulnerabilities
TheCISO -
Cisco has patched a pair of vulnerabilities in its telco-focused Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS software, including a critical flaw that...
You Need to Patch Windows Remote Desktop Vulnerability Now
TheCISO -
CyberArk researchers discovered a Windows Remote Desktop (RDP) vulnerability tracked as CVE-2022-21893, which you need to patch now!
Vulnerability Description
This vulnerability enables any standard unprivileged...