Security Vulnerabilities

The latest Security Vulnerabilities

NewsSecurity Vulnerabilities

WinZip Mark-of-the-Web Bypass Vulnerability [CVE-2024-8811]

CVE number = CVE-2024-8811 This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip.

Read More
NewsSecurity Vulnerabilities

mySCADA myPRO Hard-Coded Credentials Remote Code Execution Vulnerability [CVE-2024-4708]

CVE number = CVE-2024-4708 CVSS Score = 9.8 This vulnerability allows remote attackers to execute arbitrary code on affected installations

Read More
NewsSecurity Vulnerabilities

Nextcloud Desktop Client synchronized files vulnerability [CVE-2024-46958]

CVE number = CVE-2024-46958 In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client)

Read More
NewsSecurity Vulnerabilities

Yubico YubiKey 5 Series ECDSA secret-key extraction attack vulnerability [CVE-2024-45678]

CVE number = CVE-2024-45678 Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before

Read More
NewsSecurity Vulnerabilities

Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability [CVE-2024-45107]

CVE Number = CVE-2024-45107 CVSS Score = 3.3 This vulnerability allows remote attackers to disclose sensitive information on affected installations

Read More
NewsSecurity Vulnerabilities

NAC Telecommunication Systems SQL Command Injection vulnerability [CVE-2024-6919]

CVE number = CVE-2024-6919 CVSS Score = 9.8 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)

Read More
NewsSecurity Vulnerabilities

Critical vulnerability in SonicWall SonicOS [CVE-2024-40766]

SonicWall has issued a security advisory regarding a critical access control vulnerability (CVE-2024-40766) in its SonicOS. This flaw could allow

Read More
NewsSecurity Vulnerabilities

Drupal Full Path Disclosure Vulnerability [CVE-2024-45440]

CVE number = CVE-2024-45440 core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the

Read More
NewsSecurity Vulnerabilities

Linux Kernel Netfilter Conntrack Type Confusion Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain

Read More
NewsSecurity Vulnerabilities

Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability [CVE-2024-27857]

CVE number = CVE-2024-27857 CVSS Score = 7.8 This vulnerability allows remote attackers to execute arbitrary code on affected installations

Read More