Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Vulnerability

VMware Releases Critical Security Updates to Fix Severe Vulnerabilities

VMware has released urgent security updates to address multiple critical vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation …

SolarWinds Patches Critical Vulnerability in Serv-U File Transfer Solution

SolarWinds has fixed a critical vulnerability in SolarWinds' widely-used Serv-U managed file transfer server that could allow remote attackers to…

[CVE-2024-3400] Palo Alto Networks Firewall Vulnerability Exploited in the Wild

In a startling revelation, cybersecurity firms Volexity and watchTowr have reported that a critical zero-day vulnerability in Palo Alto Networks Glob…

"BatBadBut" Vulnerability Discovered in Rust Standard Library on Windows

A critical security vulnerability, dubbed " BatBadBut ," has been discovered in the Rust standard library, affecting all versions before 1.…

Newly Uncovered "Branch History Injection" Attack Bypass Spectre Mitigations

A team of cybersecurity researchers has unveiled a new variant of the notorious Spectre v2 vulnerability , dubbed " Branch History Injection &qu…

New HTTP/2 Vulnerability Poses Severe Threat to Server Availability

A recently discovered class of vulnerabilities within numerous HTTP/2 protocol implementations, dubbed the "CONTINUATION Flood," has been f…

GoFetch Flaw Exposes Cryptographic Key Leakage Risk in Apple's M-Series Chips

A team of academic researchers has uncovered a concerning vulnerability affecting Apple's M-series chips that could allow attackers to extract en…

Critical Security Flaws Discovered in OpenMetadata Platform

Security researcher Alvaro Muñoz of the GHSL team has uncovered multiple critical vulnerabilities in OpenMetadata, an open-source metadata management…

Ivanti Discloses Critical RCE Flaw in Standalone Sentry, Urges Immediate Patching

Ivanti has disclosed a critical remote code execution vulnerability in its Standalone Sentry software and is strongly urging customers to apply patch…

ConnectWise Issues Critical Security Advisory for ScreenConnect Product

ConnectWise has released a critical security advisory for its popular remote access and support tool ScreenConnect. The advisory addresses two vulne…

Zoom Fix Critical Windows Flaw and Six Other Bugs [Update Now]

Video conferencing provider Zoom has released security updates to address seven vulnerabilities impacting its Windows, macOS, Linux, Android and iOS …

Sonicwall Patch Authentication Bypass Flaw in SonicOS SSL VPN

After Fortinet and Ivanti now Sonicwall has released the security update for its SonicOS SSL VPN.  A recently disclosed vulnerability in Sonicwall&#…

Jenkins Patch Critical CLI File Read Vulnerability Lead to RCE

The Jenkins project has released new versions of Jenkins core and several plugins to address multiple security vulnerabilities, including some that c…

Critical Authentication Bypass Discovered in Fortra GoAnywhere MFT - Exploit Released

A critical Authentication Bypass vulnerability has been uncovered in Fortra's popular GoAnywhere Managed File Transfer (MFT) software that could …

Spring Framework Fixes Severe DoS Vulnerability in Latest Releases

A severe vulnerability has been discovered in the popular Java framework Spring that could allow denial-of-service (DoS) attacks. The vulnerability, …

New 'PixieFail' Vulnerabilities in UEFI Firmware Threaten Enterprise Systems

A team of security researchers at Quarkslab have discovered a series of critical vulnerabilities affecting EDK II, the open source reference implemen…

New Critical Opera Browser Vulnerability Puts Millions of Users at Risk

A critical vulnerability has been discovered in the popular Opera web browser that could allow remote code execution on both Windows and Mac operatin…

Critical Ivanti Zero-Day Vulnerabilities Under Active Exploitation

In a recent disclosure by Ivanti, a leading IT service management solutions provider, two zero-day vulnerabilities in their products have been active…