Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Vulnerability
Ivanti Discloses Critical RCE Flaw in Standalone Sentry, Urges Immediate Patching

Ivanti Discloses Critical RCE Flaw in Standalone Sentry, Urges Immediate Patching

Ivanti has disclosed a critical remote code execution vulnerability in its Standalone Sentry software and is strongly urging customers to apply patch…
ConnectWise Issues Critical Security Advisory for ScreenConnect Product

ConnectWise Issues Critical Security Advisory for ScreenConnect Product

ConnectWise has released a critical security advisory for its popular remote access and support tool ScreenConnect. The advisory addresses two vulne…
Zoom Fix Critical Windows Flaw and Six Other Bugs [Update Now]

Zoom Fix Critical Windows Flaw and Six Other Bugs [Update Now]

Video conferencing provider Zoom has released security updates to address seven vulnerabilities impacting its Windows, macOS, Linux, Android and iOS …
Sonicwall Patch Authentication Bypass Flaw in SonicOS SSL VPN

Sonicwall Patch Authentication Bypass Flaw in SonicOS SSL VPN

After Fortinet and Ivanti now Sonicwall has released the security update for its SonicOS SSL VPN.  A recently disclosed vulnerability in Sonicwall&#…
Jenkins Patch Critical CLI File Read Vulnerability Lead to RCE

Jenkins Patch Critical CLI File Read Vulnerability Lead to RCE

The Jenkins project has released new versions of Jenkins core and several plugins to address multiple security vulnerabilities, including some that c…
Critical Authentication Bypass Discovered in Fortra GoAnywhere MFT - Exploit Released

Critical Authentication Bypass Discovered in Fortra GoAnywhere MFT - Exploit Released

A critical Authentication Bypass vulnerability has been uncovered in Fortra's popular GoAnywhere Managed File Transfer (MFT) software that could …
Spring Framework Fixes Severe DoS Vulnerability in Latest Releases

Spring Framework Fixes Severe DoS Vulnerability in Latest Releases

A severe vulnerability has been discovered in the popular Java framework Spring that could allow denial-of-service (DoS) attacks. The vulnerability, …
New 'PixieFail' Vulnerabilities in UEFI Firmware Threaten Enterprise Systems

New 'PixieFail' Vulnerabilities in UEFI Firmware Threaten Enterprise Systems

A team of security researchers at Quarkslab have discovered a series of critical vulnerabilities affecting EDK II, the open source reference implemen…
New Critical Opera Browser Vulnerability Puts Millions of Users at Risk

New Critical Opera Browser Vulnerability Puts Millions of Users at Risk

A critical vulnerability has been discovered in the popular Opera web browser that could allow remote code execution on both Windows and Mac operatin…
Critical Ivanti Zero-Day Vulnerabilities Under Active Exploitation

Critical Ivanti Zero-Day Vulnerabilities Under Active Exploitation

In a recent disclosure by Ivanti, a leading IT service management solutions provider, two zero-day vulnerabilities in their products have been active…
New Security Flaws Uncovered in SSH Protocol

New Security Flaws Uncovered in SSH Protocol

A team of researchers from Ruhr University Bochum in Germany have uncovered new security vulnerabilities in the Secure Shell (SSH) protocol that coul…
Barracuda Patches Actively Exploited Flaw Used by Chinese APT

Barracuda Patches Actively Exploited Flaw Used by Chinese APT

Barracuda has disclosed a critical vulnerability in its Email Security Gateway (ESG) appliances that has been actively exploited by a Chinese state-s…
New 'Mayhem' Attack Bypasses Security in OpenSSH, OpenSSL and MySQL via Fault Injection

New 'Mayhem' Attack Bypasses Security in OpenSSH, OpenSSL and MySQL via Fault Injection

A new paper titled " Mayhem: Targeted Corruption of Register and Stack Variables " reveals a critical security vulnerability that could all…
Critical OpenSSH Flaw Could Allow Remote Code Execution

Critical OpenSSH Flaw Could Allow Remote Code Execution

A high-severity vulnerability has been discovered in OpenSSH that could potentially be exploited by an attacker to execute arbitrary commands on a ta…
CacheWarp - New Vulnerability Breaks Integrity of AMD SEV

CacheWarp - New Vulnerability Breaks Integrity of AMD SEV

Researchers from CISPA Helmholtz Center for Information Security have discovered a new software-based fault attack named CacheWarp that breaks the in…
'Reptar' - New Intel CPU Vulnerability Discovered by Google

'Reptar' - New Intel CPU Vulnerability Discovered by Google

A Google security researcher has uncovered a new CPU vulnerability impacting Intel desktop, mobile, and server CPUs.  The vulnerability dubbed ' …
AMD Warns of High-Risk Vulnerability in Graphics Drivers

AMD Warns of High-Risk Vulnerability in Graphics Drivers

The processor manufacturer AMD has disclosed a high-risk security vulnerability affecting certain graphics drivers for Radeon graphics chips.  The vu…
Signal Denies Rumors of Zero-day Vulnerability Bug

Signal Denies Rumors of Zero-day Vulnerability Bug

Yesterday, rumors circulated about a discovered zero-day exploit in the popular encrypted messaging app Signal that allegedly gives full access to a …
Curl Fix Heap Buffer Overflow Vulnerability Could Lead to Remote Code Execution

Curl Fix Heap Buffer Overflow Vulnerability Could Lead to Remote Code Execution

The Curl team has finally disclosed a high-severity vulnerability (CVE-2023-38545) that could allow remote code execution in applications using affec…
Is Curl Vulnerability leaked Before Schedule Time?

Is Curl Vulnerability leaked Before Schedule Time?

Last week, the developer of Curl announced a forthcoming version of Curl version 8.4.0 to be scheduled for release with the patch of two security vul…