Lucene search
K

12 matches found

Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-48234

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...

6.1AI score
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2025/07/15 9:30 a.m.11 views

Patch Tuesday - July 2025

Microsoft is addressing 137 vulnerabilities this July 2025 Patch Tuesday, which is above average. Microsoft is aware of public disclosure for just one of the vulnerabilities published today, and Microsoft isn’t aware of in-the-wild exploitation for any of today’s batch. This is the tenth...

8.8CVSS9.5AI score0.1017EPSS
Exploits10
Wiz blog
Wiz blog
added 2025/01/09 2:23 p.m.25 views

CVE-2025-0282 and CVE-2025-0283: Critical Ivanti 0days Exploited in the Wild

Detect and mitigate CVE-2025-0282, a critical RCE vulnerability in Ivanti Connect Secure and CVE-2025-0283, exploited as 0day vulnerabilities in the wild. Organizations should patch urgently...

9CVSS7AI score0.99971EPSS
Exploits13
Rapid7 Blog
Rapid7 Blog
added 2024/10/08 9:28 p.m.6 views

Patch Tuesday - October 2024

Microsoft is addressing 118 vulnerabilities this October 2024 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for five of the vulnerabilities published today, although it does not rate any of these as critical yet. Of those five, Microsoft lists two as...

8.1CVSS9.4AI score0.60954EPSS
Exploits2
Rapid7 Blog
Rapid7 Blog
added 2024/09/10 8:49 p.m.76 views

Patch Tuesday - September 2024

Microsoft is addressing 79 vulnerabilities this September 2024 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for four of the vulnerabilities published today; at time of writing, all four are listed on CISA KEV. Microsoft is also patching four critical...

9.9CVSS9.1AI score0.8399EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2024/06/17 7:3 a.m.32 views

A week in security (June 10 – June 16)

Last week on Malwarebytes Labs: Truist bank confirms data breach Update now! Google Pixel vulnerability is under active exploitation Adobe clarifies Terms of Service change, says it doesn’t train AI on customer content 23andMe data breach under joint investigation in two countries When things go...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/04/09 8:28 p.m.5 views

Patch Tuesday - April 2024

Microsoft is addressing 149 vulnerabilities this April 2024 Patch Tuesday, which is significantly more than usual. For the second month in a row, Microsoft indicated that they weren't aware of prior public disclosure or exploitation in the wild for any of the vulnerabilities patched today. Howeve...

9CVSS9.4AI score0.87784EPSS
Exploits6
Rapid7 Blog
Rapid7 Blog
added 2024/02/13 9:26 p.m.126 views

Patch Tuesday - February 2024

Microsoft is addressing 73 vulnerabilities this February 2024 Patch Tuesday, including two actually, three! zero-day/exploited-in-the-wild vulnerabilities, both of which are already included on the CISA KEV list. Today also brings patches for two critical remote code execution RCE vulnerabilities...

7.5CVSS10AI score0.99995EPSS
Exploits41
The Hacker News
The Hacker News
added 2022/12/09 5:16 p.m.60 views

New TrueBot Malware Variant Leveraging Netwrix Auditor Bug and Raspberry Robin Worm

Cybersecurity researchers have reported an increase in TrueBot infections, primarily targeting Mexico, Brazil, Pakistan, and the U.S. Cisco Talos said the attackers behind the operation have moved from using malicious emails to alternative delivery methods such as the exploitation of a now-patche...

9.8CVSS1AI score0.36152EPSS
Exploits1
ThreatPost
ThreatPost
added 2022/01/11 9:54 p.m.83 views

Microsoft Faces Wormable, Critical RCE Bug & 6 Zero-Days

Microsoft has addressed a total of 97 security vulnerabilities in its January 2022 Patch Tuesday update – nine of them rated critical – including six that are listed as publicly known zero-days. The fixes cover a swath of the computing giant’s portfolio, including: Microsoft Windows and Windows...

10CVSS9.2AI score0.9279EPSS
Exploits24References22
The Hacker News
The Hacker News
added 2021/06/05 10:58 a.m.686 views

ALERT: Critical RCE Bug in VMware vCenter Server Under Active Attack

Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month. The ongoing activity was detected by Bad Packets on June 3 and corroborated yesterday by...

10CVSS1AI score0.99999EPSS
Exploits58
The Hacker News
The Hacker News
added 2021/03/18 4:8 p.m.190 views

Critical RCE Flaw Reported in MyBB Forum Software—Patch Your Sites

A pair of critical vulnerabilities in a popular bulletin board software called MyBB could have been chained together to achieve remote code execution RCE without the need for prior access to a privileged account. The flaws, which were discovered by independent security researchers Simon Scannell...

8.8CVSS0.7AI score0.1059EPSS
Exploits13
Rows per page
Query Builder