Skip to content
GeekWire
  • HOME
  • NEWS
    • CERT
    • EXPLOITS
    • NCSC
    • NVD
    • SECURELIST
    • US-CERT
  • BLOG
    • Books
    • OSINT
    • Pentest
    • Privacy
  • GHDB
  • CHDB
  • OSINT
  • LABS
  • ARCHIVE
  • ABOUT
    • Privacy Policy
    • Terms of Use
    • External Links
    • Sitemap
GeekWire
GeekWire
  • HOME
  • NEWS
    • CERT
    • EXPLOITS
    • NCSC
    • NVD
    • SECURELIST
    • US-CERT
  • BLOG
    • Books
    • OSINT
    • Pentest
    • Privacy
  • GHDB
  • CHDB
  • OSINT
  • LABS
  • ARCHIVE
  • ABOUT
    • Privacy Policy
    • Terms of Use
    • External Links
    • Sitemap

Flaws

VMware Disputes Old Flaws at Root of ESXiArgs Ransomware Attacks

8 February 2023

Edward Hawkins, the High-Profile Product Incident Response Manager at VMware, has refuted claims that two-year-old vulnerabilities have …

Tags Flaws, France, Italy, Old, Root

Exploit Released for GoAnywhere File Transfer Zero-Day Flaw

7 February 2023

A zero-day vulnerability affecting on-premise instances of Fortra’s GoAnywhere MFT-managed file transfer solution was actively exploited, …

Tags Cyber Security News, File Transfer, Flaws, Security Pro, Vulnerability

Firmware Flaws Could Spell ‘Lights Out’ for Servers

31 January 2023

Five vulnerabilities in the baseboard management controller (BMC) firmware used in servers of 15 major vendors could give attackers the …

Tags Cloud, Firmware, Flaws, IT, Servers

Flaw in Diksha App Exposed the Data of Millions of Indian Students

23 January 2023

The data was stored by the Digital Infrastructure for Knowledge Sharing app, or Diksha, a public education app launched in 2017. At the …

Tags Apps, Data, Exposed, Flaws, Indian

Cisco Unified CM SQL Injection Flaw Let Attackers Execute Crafted SQL Queries

23 January 2023

Cisco released fixes for Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition to address …

Tags Attackers, Cyber Security News, Databases, Flaws, Let

Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware

20 January 2023

A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks …

Tags 0-Day, Drop, Firewalls, Flaws, FortiOS

Microsoft Azure Services Found Vulnerable to Server-Side Request Forgery Attacks

18 January 2023

Cyber researchers discovered last year that four of Microsoft Azure`s Services had security issues that made them vulnerable to server-side …

Tags Azure (Microsoft), Exposed, Flaws, Services, SSRF

Experts found SSRF flaws in four different Microsoft Azure services

18 January 2023

SSRF vulnerabilities in four Microsoft Azure services could be exploited to gain unauthorized access to cloud resources. Researchers at the …

Tags Azure (Microsoft), Cloud Provider, Exposed, Flaws, Services

Microsoft Azure Services Flaws Could’ve Exposed Cloud Resources to Unauthorized Access

17 January 2023

Four different Microsoft Azure services have been found vulnerable to server-side request forgery (SSRF) attacks that could be exploited to …

Tags Flaws, IT, Microsoft, News, Services

CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers

16 January 2023

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning …

Tags CISA, Flaws, Industrial Control Systems, IT, Manufacturers

FortiOS SSL-VPN Zero-day Flaw Exploited to Attack Government Organizations

14 January 2023

There have been a number of attacks against government organizations and government-related targets using FortiOS SSL-VPN zero-day …

Tags Attacks, Flaws, Governments, Organizations, Security Pro

FortiOS Flaw Exploited as Zero-Day in Attacks on Government and Organizations

13 January 2023

A zero-day vulnerability in FortiOS SSL-VPN that Fortinet addressed last month was exploited by unknown actors in attacks targeting the …

Tags Attacks, Flaws, Fortinet, Governments, Organizations

Experts Detail Chromium Browser Security Flaw Putting Confidential Data at Risk

12 January 2023

Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, could …

Tags Data Safety, Experts, Flaws, Google Chrome, Risks

Microsoft Patch Tuesday – 98 Flaws Patched Including the One Exploited in the Wild

11 January 2023

A total of 98 vulnerabilities were fixed on January Patch Tuesday 2023 by Microsoft, including a zero-day vulnerability that was exploited …

Tags Cyber Security News, Flaws, One, Security Pro, Vulnerability
Older posts
Page1 Page2 … Page92 Next →
Cookie-Free

NVD

  • CVE-2023-25168 – Wings is Pterodactyl’s server control plane. This vulnerability can be used to delete file …9 February 2023
  • CVE-2022-40480 – Nordic Semiconductor, Microchip Technology NRF5340-DK DT100112 was discovered to contain a …8 February 2023
  • CVE-2023-0718 – The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a mis …8 February 2023
  • CVE-2023-24828 – Onedev is a self-hosted Git Server with CI/CD and Kanban. In versions prior to 7.9.12 the …8 February 2023
  • CVE-2022-45192 – An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio ran …8 February 2023
  • CVE-2022-45190 – An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio ran …8 February 2023

EXPLOITS

  • Feehi CMS 2.1.1 – Remote Code Execution (Authenticated)22 November 2022
  • SmartRG Router SR510n 2.6.13 – Remote Code Execution22 November 2022
  • CVAT 2.0 – Server Side Request Forgery18 November 2022
  • MSNSwitch Firmware MNT.2408 – Remote Code Execution18 November 2022
  • Open Web Analytics 1.7.3 – Remote Code Execution18 November 2022
  • IOTransfer V4 – Unquoted Service Path11 November 2022

SECURELIST

  • Web beacons on websites and in e-mail7 February 2023
  • Prilex modification now targeting contactless credit card transactions31 January 2023
  • Come to the dark side: hunting IT professionals on the dark web30 January 2023
  • What your SOC will be facing in 202323 January 2023
  • Roaming Mantis implements new DNS changer in its malicious mobile app in 202219 January 2023
  • What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks18 January 2023
Copyright © 2023 GeekWire | Cookie-Free | Privacy Policy | We are not responsible for the content of external sites.
Next Page »