vulnerabilities

Patch Tuesday | Oct 09, 2024

Microsoft patches a brace of exploited zero days

Redmond pushes fixes for 117 vulnerabilities, three rated critical, five as publicly known , and eight marked as “exploitation more likely.” Beyond Microsoft, there are...

| Security | Sep 27, 2024

CUPS creator: Fixes coming soon

“We have been working on fixes for the last three weeks and hope to have them available soon. We are removing support for the old CUPS browse protocol completely”

Security | Sep 26, 2024

Critical 9.9 Linux bug: CUPS your ears, the details are here!

Some 300,000 endpoints may be publicly exposed to RCE, but these are likely to be largely desktops not servers.

Security | Sep 26, 2024

Critical NVIDIA container bug is an ‘old school’ risk to AI workloads

An attacker would need to craft a malicious container and run it "either directly (for example in services allowing shared GPU resources) or indirectly through a supply chain or social engineering attack"

Security | Sep 17, 2024

Exploit lands for CVSS 10 Ivanti bug

"Defender won’t catch this..."

Security | Aug 07, 2024

Ivanti is the Rihanna of CVEs, Qualys' top exploit chart shows

Still a hit with hackers after all these months

Security | Jul 29, 2024

Bonkers VMware vulnerability abused in ransomware attacks

net group “ESX Admins” username /domain /add.

vulnerabilities | Jul 11, 2024

Trio of unauthenticated ServiceNow vulnerabilities exposed 42,000

CVE-2024-4879 (CVSS 9.8) lets “an unauthenticated user remotely execute code” -- ServiceNow swiftly pushed fix to hosted instances but those self-hosting must...

Security | Jul 08, 2024

Fake OpenSSH "exploit" is a real exploit. Just not the one you thought.

Cisco says 42 products confirmed exposed to CVE-2024-6387 -- but OpenSSH exploit is malicious: Beware bogus POCs says Kaspersky

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();