Lucene search
K

13 matches found

The Hacker News
The Hacker News
added 2025/12/11 7:9 a.m.31 views

Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw

Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated high in severity, is being tracked under the Chromium issue tracker ID "466192044." Unlike other...

9.8CVSS8.2AI score0.22359EPSS
Exploits26
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.5 views

PT-2025-21132 · Zoom · Zoom

Name of the Vulnerable Software and Affected Versions: Zoom affected versions not specified Description: A high-severity flaw has been identified and patched in Zoom Workplace Apps. The issue was disclosed and patched on the same day, 2025-05-13. Recommendations: At the moment, there is no...

8.8CVSS6AI score0.0013EPSS
Exploits0References13
The Hacker News
The Hacker News
added 2025/04/17 5:44 a.m.22 views

CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a security flaw impacting SonicWall Secure Mobile Access SMA 100 Series gateways to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The high-severity vulnerability, tracked...

6.5CVSS7.1AI score0.0389EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/06 5:22 a.m.36 views

Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution

A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning ERP system that, if successfully exploited, could lead to unauthenticated remote code execution on Linux and Windows. The high-severity vulnerability, tracked as CVE-2024-45195 CVSS score: 7.5,...

9.8CVSS9.4AI score0.99983EPSS
Exploits15
The Hacker News
The Hacker News
added 2023/08/24 8:21 a.m.79 views

Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw

Thousands of Openfire XMPP servers are unpatched against a recently disclosed high-severity flaw and are susceptible to a new exploit, according to a new report from VulnCheck. Tracked as CVE-2023-32315 CVSS score: 7.5, the vulnerability relates to a path traversal vulnerability in Openfire's...

8.6CVSS8.2AI score0.99999EPSS
Exploits15
ThreatPost
ThreatPost
added 2020/12/03 11:0 a.m.146 views

Google Play Apps Remain Vulnerable to High-Severity Flaw

UPDATE Researchers are warning that several popular Google Play applications – including mobile browser app Edge – have yet to push out an important update addressing a high-severity vulnerability in the Google Play Core Library. The vulnerability exists in Google Play Core Library, which is...

6.8CVSS8.8AI score0.02883EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2020/07/27 4:23 p.m.249 views

Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns

Cisco is warning that a high-severity flaw in its network security software is being actively exploited – allowing remote, unauthenticated attackers to access sensitive data. Patches for the vulnerability CVE-2020-3452 in question, which ranks 7.5 out of 10 on the CVSS scale, were released last...

5CVSS7.8AI score0.99992EPSS
Exploits25References10
The Hacker News
The Hacker News
added 2020/02/28 1:0 p.m.5 views

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat

If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that's possible because all versions 9.x/8.x/7.x/6.x of the Apache Tomcat released in the past 13...

9.8CVSS7.7AI score0.9927EPSS
Exploits45
ThreatPost
ThreatPost
added 2019/06/28 3:14 p.m.30 views

FDA Warns of Potentially Fatal Flaws in Medtronic Insulin Pumps

The Food and Drug Administration FDA has issued an emergency alert, warning that Medtronic MiniMed insulin pumps are vulnerable to potentially life-threatening cyberattacks. Specifically impacted are Medtronic’s MiniMed insulin pumps, the MiniMed 508 insulin pump and MiniMed Paradigm series insul...

5.8CVSS0.1AI score0.01234EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2019/06/21 2:22 p.m.367 views

Mozilla Fixes Second Actively-Exploited Firefox Flaw

UPDATE Mozilla has fixed a high-severity vulnerability in its Firefox browser being actively exploited in the wild. The vulnerability CVE-2019-11708 is separate from a critical flaw under active attack that was patched earlier this week CVE-2019-11707. However, both vulnerabilities were discovere...

10CVSS9.7AI score0.55874EPSS
Exploits14References8
ThreatPost
ThreatPost
added 2019/05/16 1:53 p.m.147 views

Cisco Service Provider, WebEx Bugs Offer Up Remote Code Execution

Cisco is warning of critical remote code-execution RCE vulnerabilities in the Cisco Prime Infrastructure PI and Evolved Programmable Network EPN Manager, which is used by telcos, mobile carriers, cable companies and ISPs to manage their hardware infrastructure. The vendor also issued estimated...

10CVSS0.8AI score0.98092EPSS
Exploits16References9
securityvulns
securityvulns
added 2000/10/24 12:0 a.m.46 views

Allaire's JRUN Unauthenticated Access to WEB-INF directory

Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory Allaire's JRUN ---------------------------------------------------------------------- FS Advisory ID: FS-102300-12-JRUN Release Date: October 23, 2000 Product: JRun 3.0 Vendor: Allaire Inc...

Exploits0
Packet Storm
Packet Storm
added 2000/08/02 12:0 a.m.35 views

FS-073100-10-BEA.txt

Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory BEA's WebLogic .jsp/.jhtml remote command execution ---------------------------------------------------------------------- FS Advisory ID: FS-073100-10-BEA Release Date: July 31, 2000 Product: WebLogic Vendo...

Exploits0
Rows per page
Query Builder