Lucene search
K

10 matches found

The Hacker News
The Hacker News
added 2023/07/25 3:51 a.m.66 views

Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation

Ivanti is warning users to update their Endpoint Manager Mobile EPMM mobile device management software formerly MobileIron Core to the latest version that fixes an actively exploited zero-day vulnerability. Dubbed CVE-2023-35078, the issue has been described as a remote unauthenticated API access...

6.4AI score0.99999EPSS
Exploits14
ThreatPost
ThreatPost
added 2021/03/18 3:52 p.m.64 views

Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data

A security blip in the current version of Zoom could inadvertently leak users’ data to other meeting participants on a call. However, the data is only leaked briefly, making a potential attack difficult to carry out. The flaw CVE-2021-28133 stems from a glitch in the screen sharing function of...

4.8AI score0.16289EPSS
Exploits2References15
ThreatPost
ThreatPost
added 2020/08/24 9:31 p.m.239 views

Google Fixes High-Severity Chrome Browser Code Execution Bug

The Google Chrome web browser has a high-severity vulnerability that could be used to execute arbitrary code, researchers say. The flaw has been fixed in the Chrome 85 stable channel, set to be rolled out to users this week. The flaw CVE-2020-6492 is a use-after-free vulnerability in the WebGL We...

4.3CVSS1.9AI score0.26869EPSS
Exploits6References7
ThreatPost
ThreatPost
added 2020/08/10 3:56 p.m.177 views

TeamViewer Flaw in Windows App Allows Password-Cracking

Popular remote-support software TeamViewer has patched a high-severity flaw in its desktop app for Windows. If exploited, the flaw could allow remote, unauthenticated attackers to execute code on users’ systems or crack their TeamViewer passwords. TeamViewer is a proprietary software application...

6.8CVSS8.8AI score0.26869EPSS
Exploits3References12
ThreatPost
ThreatPost
added 2020/07/01 9:2 p.m.819 views

Cisco Warns of High-Severity Bug in Small Business Switch Lineup

Cisco Systems is warning of a high-severity flaw affecting more than a half-dozen of its small business switches. The flaw could allow remote, unauthenticated attackers to access the switches’ management interfaces with administrative privileges. Specifically affected are Series Smart Switches,...

10CVSS0.26869EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2020/06/10 6:37 p.m.433 views

Critical Intel Flaws Fixed in Active Management Technology

Intel has released its June security updates, which address two critical vulnerabilities that, if exploited, can give unauthenticated attackers elevated privileges. The critical flaws exist in Intel’s Active Management Technology AMT, which is used for remote out-of-band management of personal...

7.5CVSS8.5AI score0.0552EPSS
Exploits1References29
ThreatPost
ThreatPost
added 2020/04/16 6:49 p.m.424 views

Cisco IP Phone Harbors Critical RCE Flaw

Cisco is warning of a critical flaw in the web server of its IP phones. If exploited, the flaw could allow an unauthenticated, remote attacker to execute code with root privileges or launch a denial-of-service DoS attack. Proof-of-concept PoC exploit code has been posted on GitHub for the...

10CVSS0.3AI score0.88374EPSS
Exploits12References14
ThreatPost
ThreatPost
added 2020/03/18 6:0 p.m.50 views

Trend Micro Fixes Critical Flaws Under Attack

Trend Micro has released security updates patching five vulnerabilities in its endpoint security solutions, Apex One and OfficeScan XG for Windows. Specifically, Apex One 2019 and OfficeScan XG SP1 and XG are affected by four critical-severity and one high-severity flaws. Two of these...

10CVSS1.2AI score0.25125EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2017/10/31 12:48 p.m.19 views

Emergency Oracle Patch Closes Bug Rated 10 in Severity

Oracle pushed out an emergency update for a bug in Oracle Identity Manager that is as bad as it gets. Scoring a 10 on the CVSS scale, the vulnerability, CVE-2017-10151, enables an attacker to remotely take over the software without the need for authentication. “While the vulnerability is in Oracl...

7.5CVSS1.8AI score0.03947EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2011/10/18 11:46 a.m.11 views

Oracle to Release 56 Patches, Plus 20 More For Java in October CPU

Oracle on Tuesday plans to release patches for 56 new vulnerabilities in a huge number of its products through its scheduled quarterly critical patch update. The company said that the various vulnerabilities in this month’s CPU affect hundreds of Oracle products. The most serious group of...

0.6AI score
Exploits0References3
Rows per page
Query Builder