CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Admins better Spring into action over latest critical open source vuln
If you're running an application built using the Spring development framework, now is a good time to check it's fully updated – a new, critical-severity vulnerability has just been disclosed. Tracked ... Read more
-
The Hacker News
Researchers Uncover Vulnerabilities in Open-Source AI and ML Models
AI Security / Vulnerability A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which c ... Read more
-
Help Net Security
Patching problems: The “return” of a Windows Themes spoofing vulnerability
Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes file still affects Microsoft’s op ... Read more
-
0patch.com
We Patched CVE-2024-38030, Found Another Windows Themes Spoofing Vulnerability (0day)
TL;DR: While patching CVE-2024-38030, we found another similar issue, reported it to Microsoft and created free micropatches for 0patch users on both legacy and still-supported Windows versions so the ... Read more
-
TheCyberThrone
Spring Security fixes Critical Vulnerability CVE-2024-38821
Spring Security has disclosed a critical vulnerability impacting WebFlux applications, enables an authorization bypass under specific conditions. If exploited, this vulnerability could potentially all ... Read more
-
The Cyber Express
Apple Silences the Critics: visionOS 2.1 Plugs Major Security Holes
Apple has launched the highly anticipated visionOS 2.1 update for its innovative mixed reality headset, the Apple Vision Pro. This update is particularly important as it addresses a range of Apple Vis ... Read more
-
The Hacker News
New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors
Hardware Security / Vulnerability More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are ... Read more
-
Cybersecurity News
CLFS Flaw in Windows 11 Allows for Privilege Escalation, PoC Published
A high-severity vulnerability has been discovered in the Common Log File System (CLFS) driver in Windows 11, enabling local users to escalate their privileges. CLFS is responsible for efficiently mana ... Read more
-
Cybersecurity News
CVE-2024-38821 (CVSS 9.1) Allows Authorization Bypass in Spring WebFlux Applications
In a recent security advisory, Spring Security disclosed CVE-2024-38821, a critical vulnerability impacting WebFlux applications, with a CVSS severity score of 9.1. The flaw enables an “authorization ... Read more
-
Cybersecurity News
CVE-2024-22036 (CVSS 9.1): Critical RCE Vulnerability Discovered in SUSE Rancher
A new vulnerability, CVE-2024-22036, has been disclosed by the SUSE Rancher Security team, highlighting a critical flaw that enables remote code execution (RCE) in Rancher environments. Rated 9.1 on t ... Read more