10 matches found
TencentOS Server 4: firefox (TSSA-2024:0472)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0472 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards
Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. The vulnerabilities, both of which were exploited as a zero-day at Pwn2Own Berlin, are listed below -...
CVE-2025-2777
creationtimestamp| type| source ---|---|--- 2025-05-07 09:31:00+00:00| seen| https://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html 2025-05-07 14:15:11+00:00| seen| https://infosec.exchange/users/shadowserver/statuses/114466967388160257 2025-05-07 14:16:50+00:00| seen|...
Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered
Adobe has released security updates to fix a fresh set of security flaws, including multiple critical-severity bugs in ColdFusion versions 2025, 2023 and 2021 that could result in arbitrary file read and code execution. Of the 30 flaws in the product, 11 are rated Critical in severity -...
Researchers Uncover 46 Critical Flaws in Solar Power Systems From Sungrow, Growatt, and SMA
Cybersecurity researchers have disclosed 46 new security flaws in products from three solar power system vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids. The vulnerabilities ha...
Mozilla Thunderbird Security Update (mfsa_2024-44) - Mac OS X
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation
Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the...
FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks
The U.S. government is warning about the resurgence of BlackCat aka ALPHV ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government said in a...
ownCloud vulnerability can be used to extract admin passwords
ownCloud has warned users about three critical security flaws in its file-sharing software which, if exploited, could reveal sensitive information and modify files. An especially and potentially impactful one is a vulnerability that could lead to disclosure of sensitive credentials and...
Critical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 Organizations
Multiple critical security flaws have been reported in Ivanti Avalanche, an enterprise mobile device management solution that's used by 30,000 organizations. The vulnerabilities, collectively tracked as CVE-2023-32560 CVSS score: 9.8, are stack-based buffer overflows in Ivanti Avalanche...