-
ScreenConnect critical bug now under attack as exploit code emerges
Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software.
- February 21, 2024
- 12:18 PM
1
-
Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware.
- November 09, 2023
- 09:28 AM
2
-
Over 3,000 Openfire servers vulnerable to takover attacks
Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user to create new admin accounts.
- August 23, 2023
- 03:36 PM
- 0
-
GitLab 'strongly recommends' patching max severity flaw ASAP
GitLab has released an emergency security update, version 16.0.1, to address a maximum severity (CVSS v3.1 score: 10.0) path traversal flaw tracked as CVE-2023-2825.
- May 24, 2023
- 03:25 PM
- 0
-
Fortinet: New FortiOS bug used as zero-day to attack govt networks
Unknown attackers used zero-day exploits to abuse a new FortiOS bug patched this month in attacks targeting government and large organizations that have led to OS and file corruption and data loss.
- March 13, 2023
- 06:38 PM
- 0
-
Unpatched 15-year old Python bug allows code execution in 350k projects
A vulnerability in the Python programming language that has been overlooked for 15 years is now back in the spotlight as it likely affects more than 350,000 open-source repositories and can lead to code execution.
- September 21, 2022
- 12:45 PM
- 0
-
CISA warns of Windows and UnRAR flaws exploited in the wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation.
- August 09, 2022
- 07:07 PM
- 0
-
Western Digital app bug gives elevated privileges in Windows, macOS
Western Digital's EdgeRover desktop app for both Windows and Mac are vulnerable to local privilege escalation and sandboxing escape bugs that could allow the disclosure of sensitive information or denial of service (DoS) attacks.
- March 20, 2022
- 10:11 AM
- 0
-
Grafana fixes zero-day vulnerability after exploits spread over Twitter
Open-source analytics and interactive visualization solution Grafana received an emergency update today to fix a high-severity, zero-day vulnerability that enabled remote access to local files.
- December 07, 2021
- 05:46 PM
- 1
-
Apache emergency update fixes incomplete patch for exploited bug
Apache Software Foundation has released HTTP Web Server 2.4.51 after researchers discovered that a previous security update didn't correctly fix an actively exploited vulnerability.
- October 07, 2021
- 04:35 PM
- 1
-
Actively exploited Apache 0-day also allows remote code execution
Proof-of-Concept (PoC) exploits for the Apache web server zero-day surfaced on the internet revealing that the vulnerability is far more critical than originally disclosed. These exploits show that the scope of the vulnerability transcends path traversal, allowing attackers remote code execution (RCE) abilities.
- October 06, 2021
- 11:29 AM
- 1
-
Critical Cloudflare CDN flaw allowed compromise of 12% of all sites
Cloudflare has fixed a critical vulnerability in its free and open-source CDNJS potentially impacting 12.7% of all websites on the internet. CDNJS serves millions of websites with over 4,000 JavaScript and CSS libraries stored publicly on GitHub, making it the second-largest JavaScript CDN.
- July 16, 2021
- 06:29 AM
- 0
-
Heavily used Node.js package has a code injection vulnerability
The heavily downloaded Node.js library "systeminformation" has a severe command injection vulnerability tracked as CVE-2021-21315.
- February 24, 2021
- 06:37 AM
- 0
-
SAP updates security note for critical RECON vulnerability
SAP today released its security patches for August, alerting of new critical and high-severity vulnerabilities in several of its products, mostly NetWeaver Application Server (AS).
- August 11, 2020
- 05:49 PM
- 0
-
KDE archive tool flaw let hackers take over Linux accounts
A vulnerability exists in the default KDE extraction utility called ARK that allows attackers to overwrite files or execute code on victim's computers simply by tricking them into downloading an archive and extracting it.
- July 30, 2020
- 07:01 PM
- 0
-
Remove the Theonlinesearch.com Search Redirect
Filed Under: Adware -
Remove the Smartwebfinder.com Search Redirect
Filed Under: Adware -
How to remove the PBlock+ adware browser extension
Filed Under: Adware -
Remove the Toksearches.xyz Search Redirect
Filed Under: Adware -
Remove the Smashapps.net Search Redirect
Filed Under: Adware
-
Version: 5.0.17.995M+ Downloads
-
Version: 4.14.12M+ Downloads
-
McAfee Consumer Products Removal tool
Version: NA442,274 Downloads -
Version: 8.4.0.056M+ Downloads
-
Version: 1.4.1.101724,974 Downloads
