RCE – Page 4 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Expert released PoC exploit code for critical Microsoft Word RCE flaw

Security researcher released a proof-of-concept exploit code for a critical flaw, tracked as CVE-2023-21716, in Microsoft Word. Security researcher Joshua Drake released a proof-of-concept for a critical vulnerability, tracked as CVE-2023-21716 (CVSS score 9.8 out of 10), in Microsoft Word. The vulnerability can be exploited by a remote attacker to execute arbitrary code on a […]

The post Expert released PoC exploit code for critical Microsoft Word RCE flaw appeared first on Security Affairs.

March 7, 2023

0 comment

Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine

Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine. The vulnerability resides in the residing in the HFS+ file parser component, an attacker can trigger […]

The post Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine appeared first on Security Affairs.

February 17, 2023

0 comment

Watch out! Experts plans to release VMware vRealize Log RCE exploit next week

Horizon3’s Attack Team made the headlines again announcing the releasse of a PoC exploit code for remote code execution in VMware vRealize Log. Researchers from the Horizon3’s Attack Team announced the release of PoC exploit code for remote code execution in VMware vRealize Log. The PoC exploit code will trigger a series of flaws in […]

The post Watch out! Experts plans to release VMware vRealize Log RCE exploit next week appeared first on Security Affairs.

January 29, 2023

0 comment

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

Experts warn of a spike in the attacks that between August and October 2022 attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394). Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394) (CVSS score 9.8) accounted for more than […]

The post Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394) appeared first on Security Affairs.

January 26, 2023

0 comment

Expert found critical flaws in OpenText Enterprise Content Management System

The OpenText enterprise content management (ECM) system is affected by multiple vulnerabilities, including a critical RCE. Armin Stock (Atos), researcher at cybersecurity firm Sec Consult, discovered multiple vulnerabilities in the OpenText enterprise content management (ECM) product. OpenText Extended ECM is an enterprise CMS platform that manages the information lifecycle by integrating with leading enterprise applications, […]

The post Expert found critical flaws in OpenText Enterprise Content Management System appeared first on Security Affairs.

January 22, 2023

0 comment

Patch your Zoho ManageEngine instance immediately! PoC Exploit for CVE-2022-47966 will be released soon

A PoC exploit code for the unauthenticated remote code execution vulnerability CVE-2022-47966 in Zoho ManageEngine will be released soon. The CVE-2022-47966 flaw is an unauthenticated remote code execution vulnerability that impacts multiple Zoho products with SAML SSO enabled in the ManageEngine setup. The issue also impacts products that had the feature enabled in the past. The […]

The post Patch your Zoho ManageEngine instance immediately! PoC Exploit for CVE-2022-47966 will be released soon appeared first on Security Affairs.

January 17, 2023

0 comment

Popular JWT cloud security library patches “remote” code execution hole

It’s remotely triggerable, but attackers would already have pretty deep network access if they could “prime” your server for compromise.

January 10, 2023

0 comment

Remote code execution bug discovered in the popular JsonWebToken library

The open-source jsonwebtoken (JWT) library is affected by a high-severity security flaw that could lead to remote code execution. The open-source JsonWebToken (JWT) library is affected by a high-severity security flaw, tracked as CVE-2022-23529 (CVSS score: 7.6), that could lead to remote code execution. The package is maintained by Auth0, it had over 9 million weekly downloads […]

The post Remote code execution bug discovered in the popular JsonWebToken library appeared first on Security Affairs.

January 10, 2023

0 comment

Automotive Industry Exposed to Have Major API Vulnerabilities

By Habiba Rashid
The impacted automotive giants include BMW, Toyota, Ford, Honda, Mercedes-Benz and many more.
This is a post from HackRead.com Read the original post: Automotive Industry Exposed to Have Major API Vulnerabilities

January 10, 2023

0 comment

Log4Shell VMware vCenter Server (CVE-2021-44228)

Log4Shell is a critical vulnerability with the highest possible CVSSv3 score of 10.0 that affects thousands of products running Apache Log4j and leaves millions of targets potentially vulnerable. CVE-2021-44228 affects log4j versions 2.0-beta9 to 2.14….

December 17, 2021

0 comment

1 2 3 4