Cyber Newsroom Feed

The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.

CVE News RSS Feed
  • huntress.com
SlashAndGrab: ScreenConnect Post-Exploitation in the Wild (CVE-2024-1709 & CVE-2024-1708) | Huntress

Table of Contents: Adversaries Deploying RansomwareAdversaries EnumeratingAdversary Cryptocurrency MinersAdversaries Installing Additional Remote AccessDownloading Tools and PayloadsAdversaries Droppi ... Read more

Published Date: Feb 23, 2024 (9 months, 4 weeks ago)
CVE-2024-1709 CVE-2024-1708
  • huntress.com
Understanding the ConnectWise ScreenConnect CVE-2024-1709 & CVE-2024-1708 | Huntress

On February 19, 2024, ConnectWise published a security advisory for ScreenConnect version 23.9.8, referencing two vulnerabilities and software weaknesses. The same day, Huntress researchers worked to ... Read more

Published Date: Feb 21, 2024 (10 months ago)
  • 0patch.com
Micropacthes For "OverLog", Remote Denial of Service Vulnerability in Windows Event Log Service (CVE-2022-37981)

We recently delivered patches for the "LogCrusher" vulnerability that allows an attacker to remotely crash Windows Event Log service on some older Windows systems that we have security-adopted. Varoni ... Read more

Published Date: Feb 19, 2024 (10 months ago)
CVE-2022-37981
  • cert.pl
Vulnerabilities in Comarch ERP XL software

CVE ID CVE-2023-4537 Publication date 15 February 2024 Vendor Comarch SA Product Comarch ERP XL Vulnerable versions From 2020.2.2 through 2023.2 Vulnerability type (CWE) Missing Encryption of Sensitiv ... Read more

Published Date: Feb 15, 2024 (10 months, 1 week ago)
CVE-2023-4539 CVE-2023-4538 CVE-2023-4537
  • cert.pl
Vulnerability in iZZi connect application

CVE ID CVE-2024-0390 Publication date 15 February 2024 Vendor INPRAX sp. z o.o. Product iZZi connect Vulnerable versions All below 2024010401 Vulnerability type (CWE) Use of Hard-coded Credentials (CW ... Read more

Published Date: Feb 15, 2024 (10 months, 1 week ago)
CVE-2024-0390
  • Zero Day Initiative
The February 2024 Security Update Review

None ... Read more

Published Date: Feb 12, 2024 (10 months, 1 week ago)
  • 0patch.com
Micropatches For Another Remote Windows Event Log Denial Of Service ("LogCrusher", no CVE)

While recently patching the (still 0day) "EventLogCrasher" vulnerability, we came across another similar vulnerability published in January 2023 by Dolev Taler, a security researcher at Varonis.Dolev' ... Read more

Published Date: Feb 09, 2024 (10 months, 1 week ago)
CVE-2022-37981
  • Zero Day Initiative
CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

None ... Read more

Published Date: Feb 06, 2024 (10 months, 2 weeks ago)
CVE-2023-46263
  • 0patch.com
Micropatches Released For Microsoft Windows XAML diagnostics API Elevation of Privilege (CVE-2023-36003)

December 2023 Windows Updates brought a patch for CVE-2023-36003, a privilege escalation vulnerability in Microsoft Windows XAML diagnostics API. The vulnerability allows a low-privileged Windows proc ... Read more

Published Date: Feb 06, 2024 (10 months, 2 weeks ago)
CVE-2023-36003
  • cert.pl
Vulnerabilities in Hongdian Router H8951-4G-ESP software

CVE ID CVE-2023-49253 Publication date 12 January 2024 Vendor Hongdian Product H8951-4G-ESP Vulnerable versions before build 2310271149 Vulnerability type (CWE) Use of Hard-coded Credentials (CWE-798) ... Read more

Published Date: Jan 12, 2024 (11 months, 1 week ago)
CVE-2023-49262 CVE-2023-49261 CVE-2023-49260 CVE-2023-49259 CVE-2023-49258 CVE-2023-49257 CVE-2023-49256 CVE-2023-49255 CVE-2023-49254 CVE-2023-49253 ...+1 more CVE

Filters

Showing 10 of 2622 Results
© cvefeed.io
Latest DB Update: Dec. 22, 2024 13:05