Tag: RCE

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical RCE flaw in Apache Roller blog server

Cybersecurity Threat Advisory: Critical RCE flaw in Apache Roller blog server

Researchers have discovered a critical session management vulnerability within Apache Roller. It is being tracked as CVE-2025-24859 and has been assigned the maximum CVSS score of 10.0. Review the details in this Cybersecurity Threat Advisory to mitigate your risks. What...

/ April 17, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Ivanti Connect Secure flaw

Cybersecurity Threat Advisory: Critical Ivanti Connect Secure flaw

A critical vulnerability, identified as CVE-2025-22457, has been discovered in Ivanti Connect Secure (ICS) VPN appliances. This flaw is actively exploited in the wild, allowing attackers to execute arbitrary code remotely. Review the details within this Cybersecurity Threat Advisory to...

/ April 9, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Apache RCE vulnerability

Cybersecurity Threat Advisory: Apache RCE vulnerability

A critical remote code execution (RCE) vulnerability in Apache Parquet, identified as CVE-2025-30065, with a CVSS score of 10.0, has been discovered. Continue reading this Cybersecurity Threat Advisory to learn how to effectively mitigate your risks. What is the threat?...

/ April 9, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Ivanti vulnerability found in appliances

Cybersecurity Threat Advisory: Critical Ivanti vulnerability found in appliances

Researchers identified a critical vulnerability, CVE-2025-0282, that affects Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons, zero trust access (ZTA) gateways. This vulnerability can enable unauthenticated remote code execution (RCE), allow attackers to compromise the security and integrity of...

/ April 4, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: RCE vulnerability in Veeam Backup & Replication

Cybersecurity Threat Advisory: RCE vulnerability in Veeam Backup & Replication

A vulnerability, tracked as CVE-2025-23120, with a CVSS score of 9.9, has been discovered in Veeam Backup & Replication. This vulnerability can allow attackers to exploit the system and execute remote code on the Veeam Backup Server. Continue reading this...

/ March 26, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Apache Tomcat vulnerability

Cybersecurity Threat Advisory: Apache Tomcat vulnerability

A severe remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2025-24813, is actively exploited in the wild, allowing attackers to gain server control using a simple PUT request. Review the details in this Cybersecurity Threat Advisory to learn...

/ March 19, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Microsoft Windows zero-click RCE vulnerability

Cybersecurity Threat Advisory: Microsoft Windows zero-click RCE vulnerability

A critical Microsoft Windows Lightweight Directory Access Protocol (LDAP) vulnerability has been discovered, identified as CVE-2024-49112. The flaw has a CVSS severity score of 9.8, representing a major threat to enterprise networks. Continue reading this Cybersecurity Threat Advisory to learn...

/ January 3, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Apache Struts 2 vulnerability

Cybersecurity Threat Advisory: Critical Apache Struts 2 vulnerability

The Apache Software Foundation (ASF) has issued a security update to address a critical vulnerability in both end-of-life and current versions of Apache Struts 2. Under specific conditions, this vulnerability could lead to remote code execution (RCE). Review this Cybersecurity...

/ December 30, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cleo file transfer critical vulnerability

Cybersecurity Threat Advisory: Cleo file transfer critical vulnerability

A critical vulnerability, identified as CVE-2024-50623, has been discovered in Cleo’s file transfer software suite. This vulnerability allows attackers to exploit an unrestricted file upload and download flaw, potentially leading to remote code execution (RCE) on vulnerable systems. Continue reading...

/ December 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New VPN client vulnerabilities to watch out for

Cybersecurity Threat Advisory: New VPN client vulnerabilities to watch out for

Vulnerabilities were discovered in SonicWall NetExtender, CVE-2024-29014, and Palo Alto GlobalConnect, CVE-2024-5921, which can lead to remote code execution (RCE). Continue reading this Cybersecurity Threat Advisory to limit your exposure to these vulnerabilities. What is the threat? The vulnerabilities exhibit...

/ December 5, 2024