Cyber Newsroom Feed

The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.

CVE News RSS Feed
  • 0patch.com
Micropatches Released for Microsoft Outlook Information Disclosure Vulnerability (CVE-2023-35636)

In December 2023, still-Supported Microsoft Outlook versions got an official patch for CVE-2023-35636, a vulnerability that allowed an attacker to coerce user's Outlook to authenticate to attacker's r ... Read more

Published Date: Feb 23, 2024 (11 months, 1 week ago)
CVE-2023-35636
  • huntress.com
SlashAndGrab: ScreenConnect Post-Exploitation in the Wild (CVE-2024-1709 & CVE-2024-1708) | Huntress

Table of Contents: Adversaries Deploying RansomwareAdversaries EnumeratingAdversary Cryptocurrency MinersAdversaries Installing Additional Remote AccessDownloading Tools and PayloadsAdversaries Droppi ... Read more

Published Date: Feb 23, 2024 (11 months, 1 week ago)
CVE-2024-1709 CVE-2024-1708
  • huntress.com
Understanding the ConnectWise ScreenConnect CVE-2024-1709 & CVE-2024-1708 | Huntress

On February 19, 2024, ConnectWise published a security advisory for ScreenConnect version 23.9.8, referencing two vulnerabilities and software weaknesses. The same day, Huntress researchers worked to ... Read more

Published Date: Feb 21, 2024 (11 months, 1 week ago)
  • 0patch.com
Micropacthes For "OverLog", Remote Denial of Service Vulnerability in Windows Event Log Service (CVE-2022-37981)

We recently delivered patches for the "LogCrusher" vulnerability that allows an attacker to remotely crash Windows Event Log service on some older Windows systems that we have security-adopted. Varoni ... Read more

Published Date: Feb 19, 2024 (11 months, 1 week ago)
CVE-2022-37981
  • cert.pl
Vulnerabilities in Comarch ERP XL software

CVE ID CVE-2023-4537 Publication date 15 February 2024 Vendor Comarch SA Product Comarch ERP XL Vulnerable versions From 2020.2.2 through 2023.2 Vulnerability type (CWE) Missing Encryption of Sensitiv ... Read more

Published Date: Feb 15, 2024 (11 months, 2 weeks ago)
CVE-2023-4539 CVE-2023-4538 CVE-2023-4537
  • cert.pl
Vulnerability in iZZi connect application

CVE ID CVE-2024-0390 Publication date 15 February 2024 Vendor INPRAX sp. z o.o. Product iZZi connect Vulnerable versions All below 2024010401 Vulnerability type (CWE) Use of Hard-coded Credentials (CW ... Read more

Published Date: Feb 15, 2024 (11 months, 2 weeks ago)
CVE-2024-0390
  • Zero Day Initiative
The February 2024 Security Update Review

None ... Read more

Published Date: Feb 12, 2024 (11 months, 2 weeks ago)
  • 0patch.com
Micropatches For Another Remote Windows Event Log Denial Of Service ("LogCrusher", no CVE)

While recently patching the (still 0day) "EventLogCrasher" vulnerability, we came across another similar vulnerability published in January 2023 by Dolev Taler, a security researcher at Varonis.Dolev' ... Read more

Published Date: Feb 09, 2024 (11 months, 3 weeks ago)
CVE-2022-37981
  • Zero Day Initiative
CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

None ... Read more

Published Date: Feb 06, 2024 (11 months, 3 weeks ago)
CVE-2023-46263
  • 0patch.com
Micropatches Released For Microsoft Windows XAML diagnostics API Elevation of Privilege (CVE-2023-36003)

December 2023 Windows Updates brought a patch for CVE-2023-36003, a privilege escalation vulnerability in Microsoft Windows XAML diagnostics API. The vulnerability allows a low-privileged Windows proc ... Read more

Published Date: Feb 06, 2024 (11 months, 3 weeks ago)
CVE-2023-36003

Filters

Showing 10 of 3303 Results
© cvefeed.io
Latest DB Update: Feb. 02, 2025 12:54