More results...
A newly disclosed set of vulnerabilities in Versa Networks’ SD-WAN orchestration platform, Versa Director, with the flaws enabling authenticated attackers to upload malicious files and execute arbitrary commands on affected systems. The vulnerabilities…
A newly disclosed critical vulnerability in Dover Fueling Solutions’ ProGauge MagLink LX consoles has sent shockwaves through the global fuel infrastructure sector. The flaw, tracked as CVE-2025-5310, allows remote attackers to seize control of fueling…
IBM has issued a critical security update for its QRadar SIEM platform after researchers uncovered multiple vulnerabilities, including a severe flaw that allows privileged users to execute arbitrary commands on affected systems. The vulnerabilities, di…
A newly disclosed vulnerability in Apache SeaTunnel, a popular distributed data integration platform, has raised alarms in the cybersecurity community. The flaw, tracked as CVE-2025-32896, allows unauthorized users to exploit insecure REST API endpoint…
Banana Squad hid data-stealing malware in fake GitHub repos posing as Python tools, tricking users and targeting sensitive info like browser and wallet data.
The ClamAV development team has rolled out two crucial security patch releases, versions 1.4.3 and 1.0.9, aimed at resolving significant vulnerabilities that could compromise system integrity. Alongside these patches, the team has introduced Linux aarc…
Cisco has resolved a high-severity vulnerability in Meraki MX and Meraki Z devices. Atlassian pushed patches for multiple third-party dependencies.
The post High-Severity Vulnerabilities Patched by Cisco, Atlassian appeared first on SecurityWeek.
A newly disclosed vulnerability in Cisco’s AnyConnect VPN implementation for Meraki MX and Z Series devices poses a significant risk to enterprise networks, enabling unauthenticated attackers to disrupt remote access by triggering denial-of-service (Do…
A newly disclosed vulnerability in Apache Traffic Server (ATS) has raised serious concerns among enterprise users and cloud providers, as attackers can exploit a flaw in the Edge Side Includes (ESI) plugin to trigger denial-of-service (DoS) attacks by …
A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in the @opennextjs/cloudflare package, posing a significant security threat to websites deployed using the Cloudflare adapter for Open Next. The flaw, now tracked as CVE-20…