Tag: RCE

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Exploited Jenkins vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Exploited Jenkins vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability found in Jenkins, identified as CVE-2024-23897 with a CVSS score of 9.8, to its Known Exploited Vulnerabilities (KEV) catalogue. This vulnerability is a path traversal flaw within the...

/ August 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical zero-click vulnerability in Microsoft Outlook
FeaturedSecurity

Cybersecurity Threat Advisory: Critical zero-click vulnerability in Microsoft Outlook

A critical zero-click remote code execution (RCE) vulnerability, identified as CVE-2024-30103, was recently discovered in Microsoft Outlook. This flaw allows malicious actors to execute arbitrary code on a victim’s system simply by opening a specially crafted email. Review the details...

/ August 15, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical zero-day vulnerability in Apache OFBiz
FeaturedSecurity

Cybersecurity Threat Advisory: Critical zero-day vulnerability in Apache OFBiz

CVE-2024-38856 is a new Apache OFBiz ERP system critical zero-day vulnerability. If you are using this system, please continue reading this Cybersecurity Threat Advisory to learn which steps you should take to mitigate your risk. What is the threat? Researchers...

/ August 7, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: RCE vulnerability in Ghostscript
FeaturedSecurity

Cybersecurity Threat Advisory: RCE vulnerability in Ghostscript

A Ghostscript remote code execution (RCE) vulnerability, tracked as CVE-2024-29510 (with a CVSS rating of 5.5), is currently being exploited. This exploit can allow attackers to bypass the -dSAFER sandbox and execute code remotely. Review this Cybersecurity Threat Advisory to...

/ July 9, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Atlassian Confluence RCE vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Atlassian Confluence RCE vulnerability

A new high-severity remote code execution (RCE) vulnerability known as CVE-2024-21683 has been discovered in Atlassian’s Confluence Data Center and Server. This vulnerability permits an attacker with an account on the service to gain server control. Review this Cybersecurity Threat...

/ June 18, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fluent Bit critical vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Fluent Bit critical vulnerability

This Cybersecurity Threat Advisory highlights a critical vulnerability discovered within a popular logging and metric solution called Fluent Bit. CVE-2024-4323, a new memory corruption vulnerability, has the potential to cause denial of service (DOS), information leakage, and code execution (RCE)....

/ May 22, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical RCE vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical RCE vulnerability

A critical pre-authentication remote code execution (RCE) vulnerability, CVE-2024-21591, has been patched in Juniper Networks’ Junos OS on SRX firewalls and EX switches. Exploitable via an out-of-bounds write, the flaw poses risks of denial-of-service (DoS), RCE attacks, or unauthorized root...

/ January 16, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Apache Struts2 RCE vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Apache Struts2 RCE vulnerability

A new vulnerability known as CVE-2023-50164 is being used by attackers to exploit the file upload functionality in Apache Struts2, an open-source framework for developing Java web applications. Barracuda MSP advises users to review this Cybersecurity Threat Advisory and upgrade...

/ January 9, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: F5 BIG-IP RCE vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: F5 BIG-IP RCE vulnerability

This Cybersecurity Threat Advisory involves a critical vulnerability discovered in F5 BIG-IP products, identified as CVE-2023-46747. The vulnerability allows unauthenticated remote code execution and poses significant security risks. With a CVSS score of 9.8, immediate attention is required to mitigate...

/ October 27, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Atlassian remote code execution (RCE) bugs
FeaturedSecurity

Cybersecurity Threat Advisory: Atlassian remote code execution (RCE) bugs

This Cybersecurity Threat Advisory highlights RCE vulnerabilities discovered in Atlassian Confluence Data Center & Server and Bamboo. Atlassian has released patches to address these security flaws, which could potentially allow attackers to execute arbitrary code on affected systems. Barracuda MSP...

/ July 26, 2023
1 2