Critical Archives - Ady DeeJay

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

March 21, 2025

by Ady DeeJay

Comments (0)

Mar 21, 2025Ravie LakshmananCyber Attack / Vulnerability Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below – CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential

February 4, 2025

by Ady DeeJay

Comments (0)

Feb 04, 2025The Hacker NewsVulnerability / Cloud Security Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The flaws are listed below – CVE-2025-21396 (CVSS score: 7.5) –

CISA Warn Of Critical Ivanti CSA Vulnerabilities: Patch Now

January 23, 2025

by Ady DeeJay

Comments (0)

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have jointly issued a Cybersecurity Advisory to address the active exploitation of critical vulnerabilities in Ivanti Cloud Service Appliances (CSA). These Ivanti CSA Vulnerabilities —CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380—were exploited in September 2024 by threat actors

July 29, 2024

by Ady DeeJay

Comments (0)

Jul 29, 2024Ravie LakshmananEnterprise Security / Data Protection Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the

POC Exploit Code Published for Critical Apache HugeGraph RCE Vulnerability

June 7, 2024

by Ady DeeJay

Comments (0)

If you haven’t upgraded to version 1.3.0 of Apache HugeGraph, now is the time. At least two proof-of-concept (POC) exploits for a CVSS 9.8-rated remote command execution (RCE) vulnerability in the open-source graph database have been made public. Apache HugeGraph is widely used by developers to build applications based on

April 20, 2024

by Ady DeeJay

Comments (0)

Apr 20, 2024NewsroomVulnerability / Network Security Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of two

February 3, 2024

by Ady DeeJay

Comments (0)

Feb 03, 2024NewsroomIntelligence Agency / Cyber Security The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad

January 30, 2024

by Ady DeeJay

Comments (0)

Jan 30, 2024NewsroomDevSecOps / Vulnerability GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace. Tracked as CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of

October 6, 2023

by Ady DeeJay

Comments (0)

Oct 06, 2023NewsroomServer Security / Vulnerability Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs) that could result in privilege escalation and execution of malicious code on affected systems. The seven flaws, tracked from CVE-2023-40284 through CVE-2023-40290, vary in

August 5, 2023

by Ady DeeJay

Comments (0)

Aug 05, 2023THNVulnerability / Cyber Threat Microsoft on Friday disclosed that it has addressed a critical security flaw impacting Power Platform, but not before it came under criticism for its failure to swiftly act on it. “The vulnerability could lead to unauthorized access to Custom Code functions used for Power

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score

CISA Warn Of Critical Ivanti CSA Vulnerabilities: Patch Now

Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild

POC Exploit Code Published for Critical Apache HugeGraph RCE Vulnerability

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks

URGENT: Upgrade GitLab – Critical Workspace Creation Flaw Allows File Overwrite

Supermicro’s BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities

Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism

Recent Posts

Recent Comments

Categories

Archives

Recent Posts

Recent Comments

Categories

Archives

Tags