Penetration Testing

NOVEMBER 3, 2024

These... The post CVE-2024-8956 & CVE-2024-8957: Two Actively Exploited Vulnerabilities in PTZ Cameras appeared first on Cybersecurity News.

Cybersecurity 132

Cybersecurity 132

Penetration Testing

DECEMBER 10, 2024

The update, rolling out progressively to Windows, Mac, and Linux... The post Google Chrome Patches High-Severity Vulnerabilities – CVE-2024-12381 & CVE-2024-12382 appeared first on Cybersecurity News.

Cybersecurity 124

Cybersecurity 124

Penetration Testing

OCTOBER 30, 2024

ServiceNow, a leading cloud-based enterprise platform, has recently addressed two significant vulnerabilities, CVE-2024-8923 and CVE-2024-8924, which posed serious risks to organizations using its Now Platform. appeared first on Cybersecurity News.

Risk 141

Risk Cybersecurity 141

Penetration Testing

NOVEMBER 19, 2024

CVE-2024-47533 exposes Cobbler servers to unauthorized access and control, enabling attackers to manipulate system configurations.

Cybersecurity 129

Cybersecurity 129

Penetration Testing

DECEMBER 22, 2024

The Apache Software Foundation recently released a critical security update to address a remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2024-56337.

Software 140

Software Cybersecurity 140

Penetration Testing

OCTOBER 30, 2024

In a thrilling showdown at the recent Pwn2Own Ireland 2024 hacking competition, white hat hackers YingMuo (@YingMuo), in collaboration with the DEVCORE Internship Program, successfully exploited a critical zero-day vulnerability... The post CVE-2024-50387: Critical QNAP Flaw Exploited in Hacking Contest, Patch Now!

Hacking 124

Hacking Cybersecurity 124

Penetration Testing

DECEMBER 3, 2024

One of these... The post CVE-2024-42448 (CVSS 9.9): Critical RCE Vulnerability in Veeam VSPC appeared first on Cybersecurity News. Veeam Software, a prominent provider of backup and disaster recovery solutions, has released urgent security updates to address two critical vulnerabilities in its Service Provider Console (VSPC).

Backups 137

Backups Software Cybersecurity 137

Penetration Testing

NOVEMBER 7, 2024

Veeam recently disclosed a new security vulnerability, tracked as CVE-2024-40715, that impacts Veeam Backup Enterprise Manager. this flaw is classified as a high-severity vulnerability,... The post CVE-2024-40715: Authentication Bypass Threat in Veeam Backup Enterprise Manager appeared first on Cybersecurity News.

Backups 114

Backups Authentication Cybersecurity 114

Penetration Testing

DECEMBER 31, 2024

A security researcher published a proof-of-concept (PoC) exploit for CVE-2024-21182, a critical vulnerability in Oracle WebLogic Server. Rated at CVSS 7.5,

Cybersecurity 115

Cybersecurity 115

Penetration Testing

NOVEMBER 11, 2024

A newly discovered security vulnerability, CVE-2024-47295, affecting multiple SEIKO EPSON products, could allow attackers to take control of devices with administrative privileges.

Risk 120

Risk Passwords Cybersecurity 120

Penetration Testing

NOVEMBER 15, 2024

A critical vulnerability (CVE-2024-49369) has been discovered in Icinga 2, a... The post CVE-2024-49369 (CVSS 9.8): Critical Flaw in Icinga 2 Allows for Impersonation and RCE appeared first on Cybersecurity News.

Cybersecurity 126

Cybersecurity 126

Penetration Testing

NOVEMBER 25, 2024

The vulnerability, identified as... The post Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code (CVE-2024-5921) appeared first on Cybersecurity News.

Software 135

Software Cybersecurity 135

Penetration Testing

NOVEMBER 4, 2024

In its November 2024 security update, Google has addressed 40 security vulnerabilities in the Android operating system, two of which are flagged as actively exploited: CVE-2024-43047 and CVE-2024-43093.

Cybersecurity 93

Cybersecurity 93

Penetration Testing

NOVEMBER 5, 2024

In a recent analysis, cybersecurity researchers Hichem Maloufi and Christian Mina detailed CVE-2024-44258, a symlink vulnerability affecting Apple’s ManagedConfiguration framework and the profiled daemon.

Cybersecurity 132

Cybersecurity 132

Penetration Testing

NOVEMBER 23, 2024

Tracked as CVE-2024-9511 and assigned a CVSS v3.1 the... The post CVE-2024-9511 (CVSS 9.8): Critical Flaw in FluentSMTP Plugin Exposes Over 300,000 WordPress Sites to Potential Takeover appeared first on Cybersecurity News. score of 9.8,

Cybersecurity 111

Cybersecurity 111

Penetration Testing

NOVEMBER 16, 2024

Discovered by security researcher Rein Daelman, the flaw (CVE-2024-8856)... The post CVE-2024-8856: WP Time Capsule Plugin Vulnerability Exposes 20,000+ Sites to TakeOver appeared first on Cybersecurity News.

Backups 109

Backups Cybersecurity 109

Penetration Testing

APRIL 24, 2025

A newly disclosed vulnerability in Apples proprietary libAppleArchive library, tracked as CVE-2024-27876, enables attackers to achieve arbitrary file The post CVE-2024-2787: Apple Archive Flaw Enables Arbitrary File Write and Gatekeeper Bypass, PoC Releases appeared first on Daily CyberSecurity.

Cybersecurity 103

Cybersecurity 103

Penetration Testing

DECEMBER 10, 2024

Designated as CVE-2024-44131, this flaw enables malicious applications to bypass user consent mechanisms and... The post Researcher Details CVE-2024-44131 – A Critical TCC Bypass in macOS and iOS appeared first on Cybersecurity News.

Cybersecurity 107

Cybersecurity 107

Penetration Testing

OCTOBER 17, 2024

In a significant discovery by Microsoft Threat Intelligence, a vulnerability in macOS, identified as CVE-2024-44133, has been found to bypass Apple’s Transparency, Consent, and Control (TCC) technology.

Technology 94

Technology Cybersecurity 94

Penetration Testing

NOVEMBER 12, 2024

... The post CVE-2024-8068 & CVE-2024-8069: Citrix Session Recording Manager Unauthenticated RCE Exploits Publicly Available appeared first on Cybersecurity News.

Cybersecurity 89

Cybersecurity 89

Penetration Testing

NOVEMBER 18, 2024

A critical security vulnerability (CVE-2024-52308) in the GitHub Command Line Interface (CLI) has been identified, potentially enabling remote code execution (RCE) on users’ workstations.

Cybersecurity 85

Cybersecurity 85

Penetration Testing

NOVEMBER 28, 2024

Security researchers from TrustedSec have uncovered a critical zero-day vulnerability, CVE-2024-49019, affecting Active Directory Certificate Services (AD CS).

Cybersecurity 111

Cybersecurity 111

Penetration Testing

DECEMBER 16, 2024

Tracked as CVE-2024-55661, this vulnerability could allow authenticated... The post CVE-2024-55661: RCE Vulnerability Discovered in Laravel Pulse Monitoring Tool appeared first on Cybersecurity News.

Authentication 106

Authentication Cybersecurity 106

Penetration Testing

NOVEMBER 21, 2024

Security researcher Ebrahim Shafiei identified the flaw (CVE-2024-52940)... The post CVE-2024-52940: AnyDesk Vulnerability Exposes User IP Addresses, PoC Published appeared first on Cybersecurity News.

Software 98

Software Risk Cybersecurity 98

Penetration Testing

NOVEMBER 25, 2024

The advisory addresses multiple vulnerabilities, including CVE-2024-48860 and CVE-2024-48861, which could allow... The post CVE-2024-48860 (CVSS 9.5): Critical Flaw in QNAP QuRouter, Immediate Update Recommended appeared first on Cybersecurity News.

Cybersecurity 95

Cybersecurity 95

Penetration Testing

OCTOBER 26, 2024

This vulnerability, tracked as CVE-2024-9488 and assigned a CVSSv3 score... The post CVE-2024-9488 (CVSS 9.8): Authentication Bypass Flaw in wpDiscuz Plugin, Over 80,000 Sites at Risk appeared first on Cybersecurity News.

Authentication 108

Authentication Risk Cybersecurity 108

Penetration Testing

MAY 19, 2024

Security researcher Amal Murali recently published the technical details and proof-of-concept (PoC) for critical remote code execution (RCE) vulnerability in Git, tracked as CVE-2024-32002 (CVSS 9.1).

Penetration Testing 145

Penetration Testing 145

Penetration Testing

JUNE 4, 2024

Security researcher Mykola Grymalyuk published the technical details and a proof-of-concept (PoC) exploit code for a vulnerability (CVE-2024-34331) in Parallels Desktop for Mac, a popular virtualization software.

Penetration Testing 145

Penetration Testing Software 145

Penetration Testing

NOVEMBER 6, 2024

Identified as CVE-2024-20418,... The post CVE-2024-20418 (CVSS 10): Cisco URWB Access Points Vulnerable to Remote Takeover appeared first on Cybersecurity News.

Wireless 105

Wireless Software Cybersecurity 105

Penetration Testing

MAY 16, 2024

This vulnerability, tracked as CVE-2024-4984, could allow malicious actors to... The post CVE-2024-4984: Yoast SEO Flaw Exposes Millions of WordPress Sites to Attack appeared first on Penetration Testing.

Penetration Testing 145

Penetration Testing 145

Penetration Testing

MAY 20, 2024

GitHub, the world’s leading software development platform, has disclosed a critical security vulnerability (CVE-2024-4985) in its self-hosted GitHub Enterprise Server (GHES) product.

Authentication 145

Authentication Penetration Testing Software 145

Penetration Testing

NOVEMBER 3, 2024

The vulnerability, identified as CVE-2024-47939 and assigned a CVSS... The post Ricoh Printers and MFPs Vulnerable to Remote Code Execution – CVE-2024-47939 (CVSS 9.8) A critical vulnerability has been discovered in Ricoh’s Web Image Monitor, impacting a wide range of their printer and MFP products.

Cybersecurity 98

Cybersecurity 98

Penetration Testing

MAY 26, 2024

Recently, security researcher Wang Tielei published a proof-of-concept (PoC) exploit codes for a significant privilege escalation vulnerability (CVE-2024-27842) in macOS.

Penetration Testing 143

Penetration Testing 143

Penetration Testing

MAY 21, 2024

These vulnerabilities could allow unauthorized access,... The post CVE-2024-29849 (CVSS 9.8): Veeam’s Backup Nightmare, Full System Access Exposed appeared first on Penetration Testing.

Backups 145

Backups Penetration Testing Software 145

Penetration Testing

MAY 7, 2024

This vulnerability, which allows for... The post CVE-2024-4367 & CVE-2024-34342: JavaScript Flaws Threaten Millions of PDF.js and React-PDF Users appeared first on Penetration Testing.

Penetration Testing 145

Penetration Testing 145

Penetration Testing

NOVEMBER 28, 2024

The vulnerability, tracked as... The post CVE-2024-42330 (CVSS 9.1): Zabbix Patches Critical Remote Code Execution Vulnerability appeared first on Cybersecurity News.

Cybersecurity 111

Cybersecurity 111

Penetration Testing

NOVEMBER 25, 2024

These vulnerabilities range in severity, with some potentially allowing... The post PHP Patches Multi Flaws, Including CVE-2024-8932 (CVSS 9.8), Urges Immediate Update appeared first on Cybersecurity News.

Cybersecurity 96

Cybersecurity 96