Lucene search
+L

20 matches found

ptsecurity
ptsecurity
added 2025/05/09 12:0 a.m.7 views

PT-2025-20587 · Undefined · Undefined

CVE-2024-37009 is a critical RCE flaw in SAP NetWeaver AS Java, now being exploited by a Chinese threat group. The vulnerability allows unauthenticated attackers to fully compromise systems via the LM Configuration Wizard. SAP has issued a patch. Update immediately. SAP https://t.co/wk3OSxRmbZ...

6.6AI score
Exploits0References1
thn
thn
added 2024/07/16 4:1 a.m.59 views

CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. GeoServer is an open-source software server written in Java that...

9.8CVSS9.7AI score0.99813EPSS
Exploits31
hivepro
hivepro
added 2024/04/12 12:27 p.m.19 views

Critical RCE Flaw Found in Fortinet FortiClientLinux

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/10 1:24 p.m.16 views

Critical RCE Flaw Found in EoL D-Link NAS Devices

...

7.3AI score
Exploits0
thn
thn
added 2022/11/15 5:1 p.m.128 views

Critical RCE Flaw Reported in Spotify's Backstage Software Catalog and Developer Platform

Spotify's Backstage has been discovered as vulnerable to a severe security flaw that could be exploited to gain remote code execution by leveraging a recently disclosed bug in a third-party module. The vulnerability CVSS score: 9.8, at its core, takes advantage of a critical sandbox escape in vm2...

10CVSS0.4AI score0.47868EPSS
Exploits2
thn
thn
added 2022/10/26 4:24 a.m.90 views

VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform

VMware on Tuesday shipped security updates to address a critical security flaw in its VMware Cloud Foundation product. Tracked as CVE-2021-39144, the issue has been rated 9.8 out of 10 on the CVSS vulnerability scoring system, and relates to a remote code execution vulnerability via XStream open...

9.1CVSS1.1AI score0.98124EPSS
Exploits7
hivepro
hivepro
added 2022/09/01 10:53 a.m.52 views

RCE flaw resides in the Atlassian Bitbucket Server and Data Center

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Atlassian has patched a significant security hole in Bitbucket Server and Data Center, which could allow attackers to execute arbitrary code on susceptible systems. The vulnerability is identified...

4.4AI score0.99077EPSS
Exploits24
thn
thn
added 2021/12/14 11:9 a.m.1679 views

Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware

Romanian cybersecurity technology company Bitdefender on Monday revealed that attempts are being made to target Windows machines with a novel ransomware family called Khonsari as well as a remote access Trojan named Orcus by exploiting the recently disclosed critical Log4j vulnerability. The atta...

10CVSS0.4AI score0.99999EPSS
Exploits354
threatpost
threatpost
added 2021/12/13 7:0 p.m.72 views

Where the Latest Log4Shell Attacks Are Coming From

Cybersecurity professionals across the world have been scrambling to shore up their systems against a critical remote code-execution RCE flaw CVE-2021-44228 in the Apache Log4j tool, discovered just days ago. Now under active exploit, the “Log4Shell” bug allows complete server takeover. Researche...

10CVSS9.8AI score0.99999EPSS
Exploits354References10
thn
thn
added 2021/10/08 4:47 a.m.105 views

New Patch Released for Actively Exploited 0-Day Apache Path Traversal to RCE Attacks

The Apache Software Foundation on Thursday released additional security updates for its HTTP Server product to remediate what it says is an "incomplete fix" for an actively exploited path traversal and remote code execution flaw that it patched earlier this week. CVE-2021-42013, as the new...

9.8CVSS9.4AI score0.99992EPSS
Exploits176
threatpost
threatpost
added 2021/04/06 8:55 p.m.86 views

Critical Bug in VMWare Carbon Black Allows Takeover

A critical security vulnerability in the VMware Carbon Black Cloud Workload appliance would allow privilege escalation and the ability to take over the administrative rights for the solution. The bug CVE-2021-21982 ranks 9.1 out of 10 on the CVSS vulnerability-severity scale. The VMware Carbon...

6.4CVSS1.7AI score0.01358EPSS
Exploits0References7
threatpost
threatpost
added 2021/02/24 5:14 p.m.941 views

VMWare Patches Critical RCE Flaw in vCenter Server

Click to Register VMware has patched three vulnerabilities in its virtual-machine infrastructure for data centers, the most serious of which is a remote code execution RCE flaw in its vCenter Server management platform. The vulnerability could allow attackers to breach the external perimeter of a...

7.5CVSS9.6AI score0.99999EPSS
Exploits102References10
threatpost
threatpost
added 2020/04/16 6:49 p.m.426 views

Cisco IP Phone Harbors Critical RCE Flaw

Cisco is warning of a critical flaw in the web server of its IP phones. If exploited, the flaw could allow an unauthenticated, remote attacker to execute code with root privileges or launch a denial-of-service DoS attack. Proof-of-concept PoC exploit code has been posted on GitHub for the...

10CVSS0.3AI score0.88374EPSS
Exploits12References14
thn
thn
added 2020/02/11 6:0 p.m.233 views

Update Microsoft Windows Systems to Patch 99 New Security Flaws

A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. According to the advisories, 12 of the total issues patched by the tech giant this...

9.3CVSS3AI score0.86863EPSS
Exploits17
threatpost
threatpost
added 2020/01/21 5:19 p.m.170 views

Citrix Accelerates Patch Rollout For Critical RCE Flaw

Citrix has quickened its rollout of patches for a critical vulnerability CVE-2019-19781 in the Citrix Application Delivery Controller ADC and Citrix Gateway products, on the heels of recent proof-of-concept exploits and skyrocketing exploitation attempts. Several versions of the products still...

7.5CVSS9.9AI score0.99999EPSS
Exploits48References17
thn
thn
added 2019/10/09 6:38 p.m.56 views

7-Year-Old Critical RCE Flaw Found in Popular iTerm2 macOS Terminal App

A 7-year-old critical remote code execution vulnerability has been discovered in iTerm2 macOS terminal emulator app—one of the most popular open source replacements for Mac's built-in terminal app. Tracked as CVE-2019-9535, the vulnerability in iTerm2 was discovered as part of an independent...

10CVSS3AI score0.0248EPSS
Exploits1
threatpost
threatpost
added 2019/07/17 8:55 p.m.563 views

Wormable BlueKeep Bug Still Threatens Legions of Windows Systems

For the past two months, security researchers have been sounding the alarm about BlueKeep, a critical remote code-execution vulnerability in Microsoft Windows that researchers said could lead to a “mega-worm” global infection. As of July 2, approximately 805,665 systems remain online that are...

10CVSS10AI score0.99999EPSS
Exploits123References9
thn
thn
added 2019/07/16 7:3 a.m.117 views

Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu

The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing software that under the hood, are just a rebranded version of Zoom video conferencing software. Security researchers confirmed The Hacker News that RingCentral, used by...

0.8AI score
Exploits0
thn
thn
added 2018/08/22 2:4 p.m.1190 views

New Apache Struts RCE Flaw Lets Hackers Take Over Web Servers

Semmle security researcher Man Yue Mo has disclosed a critical remote code execution vulnerability in the popular Apache Struts web application framework that could allow remote attackers to run malicious code on the affected servers. Apache Struts is an open source framework for developing web...

10CVSS0.3AI score0.99999EPSS
Exploits104
thn
thn
added 2017/06/21 9:8 p.m.39 views

Critical RCE Flaw Found in OpenVPN that Escaped Two Recent Security Audits

A security researcher has found four vulnerabilities, including a critical remote code execution bug, in OpenVPN, those were not even caught in the two big security audits of the open source VPN software this year. OpenVPN is one of the most popular and widely used open source VPN software...

5CVSS8.2AI score0.05539EPSS
Exploits0
Rows per page
Query Builder