Tag: rce
-
PHP Updates Urged Over Critical Vuln That Could Lead To RCE
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35979/PHP-Updates-Urged-Over-Critical-Vuln-That-Could-Lead-To-RCE.html
-
256,000+ Publicly Exposed Windows Servers Vulnerable to MSMQ RCE Flaw
by
in SecurityNewsCybersecurity watchdog Shadowserver has identified 256,000+ publicly exposed servers vulnerable to a critical Remote Code Execution (RCE) flaw in Micr… First seen on gbhackers.com Jump to article: gbhackers.com/256000-windows-servers-msmq-rce-flaw/
-
Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103)
by
in SecurityNewsJune 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw (CVE-2024-30080) and a RCE vulnerability in Microsoft Outlo… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/11/cve-2024-30080-cve-2024-30103/
-
Microsoft Urges Windows Admins to Patch Microsoft Message Queuing RCE Flaw
by
in SecurityNewsMicrosoft has disclosed two Critical remote code execution vulnerabilities in MSMQ (Microsoft Message Queuing) and the Windows Wi-Fi Driver. The CVE f… First seen on gbhackers.com Jump to article: gbhackers.com/microsoft-message-queuing-rce-flaw/
-
Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs
by
in SecurityNewsToday is Microsoft’s June 2024 Patch Tuesday, which includes security updates for 51 flaws, eighteen remote code execution flaws, and one publicly dis… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-june-2024-patch-tuesday-fixes-51-flaws-18-rces/
-
TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers
by
in SecurityNewsThe TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshe… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-exploits-recent-php-rce-flaw-to-breach-servers/
-
PHP addressed critical RCE flaw potentially impacting millions of servers
by
in SecurityNewsA new PHP for Windows remote code execution (RCE) flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide. … First seen on securityaffairs.com Jump to article: securityaffairs.com/164302/breaking-news/php-critical-rce.html
-
Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC availa… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/09/week-in-review-atlassian-confluence-rce-poc-new-kali-linux-patch-tuesday-forecast/
-
PHP updates urged over critical vulnerability that could lead to RCE
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/php-updates-urged-over-critical-vulnerability-that-could-lead-to-rce
-
Alleged RCE Vulnerability Threatens Subdomains of Italian Ministry of Defence
by
in SecurityNewsA threat actor known as spr1ngtr4p has purportedly advertised a Remote Code Execution (RCE) vulnerability affecting a subdomain of Italy’s Ministry of… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/rce-vulnerability-italian-ministry-of-defence/
-
Understanding the RCE Vulnerabilities in WordPress Plugins
by
in SecurityNewsImagine handing over the controls of your website to someone you don’t trust that’s the risk of RCE vulnerabilities in WordPress. Attackers can modi… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/understanding-the-rce-vulnerabilities-in-wordpress-plugins/
-
PHP fixes critical RCE flaw impacting all versions for Windows
by
in SecurityNewsA new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/php-fixes-critical-rce-flaw-impacting-all-versions-for-windows/
-
Zyxel addressed three RCEs in endlife NAS devices
by
in SecurityNewsZyxel Networks released an emergency security update to address critical vulnerabilities in end-of-life NAS devices. Zyxel Networks released an emerge… First seen on securityaffairs.com Jump to article: securityaffairs.com/164150/security/zyxel-rce-eof-nas-devices.html
-
Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/exploit-fortinet-critical-rce-bug-siem-root-access
-
Details of Atlassian Confluence RCE Vulnerability Disclosed
by
in SecurityNewsSonicWall has shared technical details on a recently addressed high-severity remote code execution flaw in Confluence. The post l has shared technical… First seen on securityweek.com Jump to article: www.securityweek.com/details-of-atlassian-confluence-rce-vulnerability-disclosed/
-
PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800)
by
in SecurityNewsSecurity researchers have published a proof-of-concept (PoC) exploit that chains together two vulnerabilities (CVE-2024-4358, CVE-2024-1800) to achiev… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/04/cve-2024-4358-cve-2024-1800-poc/
-
Zyxel issues emergency RCE patch for endlife NAS devices
by
in SecurityNewsZyxel Networks has released an emergency security update to address three critical vulnerabilities impacting older NAS devices that have reached end-o… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zyxel-issues-emergency-rce-patch-for-end-of-life-nas-devices/
-
High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683)
by
in SecurityNewsIf you’re self-hosting an Atlassian Confluence Server or Data Center installation, you should upgrade to the latest available version to fix a high-se… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/03/cve-2024-21683-poc/
-
Experts released PoC exploit code for RCE in Fortinet SIEM
by
in SecurityNewsResearchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Security researchers at… First seen on securityaffairs.com Jump to article: securityaffairs.com/163797/hacking/fortinet-siem-critical-rce-poc.html
-
Critical Netflix Genie Bug Opens Big Data Orchestration to RCE
by
in SecurityNewsThe severe security vulnerability (CVE-2024-4701, CVSS 9.9) gives remote attackers a way to burrow into Netflix’s Genie open source platform, which is… First seen on darkreading.com Jump to article: www.darkreading.com/application-security/netflix-fixes-critical-vulnerability-on-big-data-orchestration-service
-
Exploit released for maximum severity Fortinet RCE bug, patch now
by
in SecurityNews‹Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet’s security information and event… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/exploit-released-for-maximum-severity-fortinet-rce-bug-patch-now/
-
TP-Link fixes critical RCE bug in popular C5400X gaming router
by
in SecurityNewsThe TP-Link Archer C5400X gaming router is vulnerable to security flaws that could enable an unauthenticated, remote attacker to execute commands on t… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/tp-link-fixes-critical-rce-bug-in-popular-c5400x-gaming-router/
-
Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms
by
in SecurityNewsAn on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environmen… First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/critical-bug-dos-rce-data-leaks-in-all-major-cloud-platforms
-
AI-as-a-Service Platform Patches Critical RCE Vulnerability
by
in SecurityNewsHackers Could Exploit Bug on Replicate to Steal Data, Manipulate AI Models. Attackers could have exploited a now-mitigated critical vulnerability in t… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-as-a-service-platform-patches-critical-rce-vulnerability-a-25324
-
Experts released PoC exploit code for RCE in QNAP QTS
by
in SecurityNewsExperts warn of fifteen vulnerabilities in the QNAP QTS, the operating system for the Taiwanese vendor’s NAS products. An audit of QNAP QTS conducted … First seen on securityaffairs.com Jump to article: securityaffairs.com/163470/hacking/fifteen-vulnerabilities-in-the-qnap-qts.html
-
PoC Exploit Released for QNAP QTS zero-day RCE Flaw
by
in SecurityNewsResearchers have shown a proof-of-concept (PoC) attack for a zero-day remote code execution (RCE) flaw in the QTS operating system from QNAP. Users of… First seen on gbhackers.com Jump to article: gbhackers.com/poc-exploit-released-2/
-
QNAP QTS zero-day in Share feature gets public RCE exploit
by
in SecurityNewsAn extensive security audit of QNAP QTS, the operating system for the company’s NAS products, has uncovered fifteen vulnerabilities of varying severit… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/qnap-qts-zero-day-in-share-feature-gets-public-rce-exploit/
-
6K-plus AI models may be affected by critical RCE vulnerability
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/6k-plus-ai-models-may-be-affected-by-critical-rce-vulnerability
-
Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)
by
in SecurityNewsNew versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely exe… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/05/16/git-cve-2024-32002/
-
PoC Exploit Released For D-LINK RCE Zero-Day Vulnerability
by
in SecurityNewsTwo critical vulnerabilities have been discovered in D-Link DIR-X4860 routers which were associated with Authentication bypass due to HNAP port and re… First seen on gbhackers.com Jump to article: gbhackers.com/d-link-rce-zero-day-exploit-released/