Tag: critical vulnerability

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Atlassian Confluence vulnerability

Cybersecurity Threat Advisory: Critical Atlassian Confluence vulnerability

A critical Atlassian Confluence template injection vulnerability has been identified. It affects all outdated versions of Confluence Data Center and Server, allowing unauthenticated attackers to achieve remote code execution (RCE). Read this Cybersecurity Threat Advisory in detail to learn about...

/ January 23, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cisco Unity Connection vulnerability

Cybersecurity Threat Advisory: Cisco Unity Connection vulnerability

A new Cisco Unity Connection vulnerability, designated as CVE-2024-20272, has been discovered which poses a significant risk to organizations utilizing Cisco Unity Connection. Read this Cybersecurity Threat Advisory in detail to learn about the vulnerability and how to secure your...

/ January 17, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical RCE vulnerability

Cybersecurity Threat Advisory: Critical RCE vulnerability

A critical pre-authentication remote code execution (RCE) vulnerability, CVE-2024-21591, has been patched in Juniper Networks’ Junos OS on SRX firewalls and EX switches. Exploitable via an out-of-bounds write, the flaw poses risks of denial-of-service (DoS), RCE attacks, or unauthorized root...

/ January 16, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: F5 BIG-IP RCE vulnerability

Cybersecurity Threat Advisory: F5 BIG-IP RCE vulnerability

This Cybersecurity Threat Advisory involves a critical vulnerability discovered in F5 BIG-IP products, identified as CVE-2023-46747. The vulnerability allows unauthenticated remote code execution and poses significant security risks. With a CVSS score of 9.8, immediate attention is required to mitigate...

/ October 27, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: WS_FTP Server vulnerabilities uncovered

Cybersecurity Threat Advisory: WS_FTP Server vulnerabilities uncovered

Multiple vulnerabilities have been found in all versions of WS_FTP Server. The critical and high vulnerabilities include a directory traversal flaw (CVE-2023-42657) with a CVSS score of 9.9, a high-severity reflected cross-site scripting (XSS) issue (CVE-2023-40045, CVSS 8.3), a SQL...

/ September 29, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical security patches for GitLab

Cybersecurity Threat Advisory: Critical security patches for GitLab

This Cybersecurity Threat Advisory highlights GitLab’s recent critical vulnerability, which security update have been released for. A successful exploitation can allow threat actors to mask themselves as other users during scheduled security scans while they run automated tasks (also known...

/ September 22, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New VMware Aria vulnerability identified

Cybersecurity Threat Advisory: New VMware Aria vulnerability identified

Today’s Cybersecurity Threat Advisory highlights an SSH authentication bypass flaw, identified as CVE-2023-34039, which has been discovered in VMware Aria. It has a severity rating of “critical” and a CVSS v3 scope of 9.8. This vulnerability allows remote attackers to...

/ September 7, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Zero-day vulnerabilities found in Atera RMM

Cybersecurity Threat Advisory: Zero-day vulnerabilities found in Atera RMM

The latest Cybersecurity Threat Advisory involves two zero-day vulnerabilities that were discovered in Atera RMM Windows installers. These two vulnerabilities are deemed critical and provide privilege escalation capabilities upon a successful exploitation. Barracuda MSP recommends updating to version 1.8.4.9 to...

/ July 26, 2023
Cybersecurity Threat Advisory
Critical Adobe ColdFusion vulnerability

Critical Adobe ColdFusion vulnerability

The latest cybersecurity threat advisory highlights vulnerabilities affecting Adobe ColdFusion versions 2018, 2021, and 2023, which are actively being exploited by threat actors in the wild. A successful exploitation can lead to arbitrary code execution and security feature bypass. Barracuda...

/ July 19, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical MOVEit vulnerability discovered

Cybersecurity Threat Advisory: Critical MOVEit vulnerability discovered

A critical vulnerability has been discovered in the MOVEit Transfer software, prompting urgent action from customers to patch their systems. This flaw, identified as CVE-2023-36934, allows an attacker to execute arbitrary commands on the affected system with elevated privileges without...

/ July 8, 2023