CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
InfoSec Write-ups
Critical Vulnerabilities in porte_plume plugin to Remote Exploits -$$$$ Bounty -CVE-2024–7954
Description:The porte_plume plugin, utilized by SPIP versions prior to 4.30-alpha2, 4.2.13, and 4.1.16, is susceptible to a critical arbitrary code execution (RCE) vulnerability. This flaw allows a re ... Read more
-
HTB | Editorial — SSRF and CVE-2022–24439
This is a Linux box. You can find it here.Skill LearnedSSRFgitCVE-2022–24439NMAPIP:10.10.11.11nmap -sT -p- --min-rate 10000 10.10.11.20nmap -sC -sV -p 22,80 10.10.11.20nmapPort 80let’s visit port 80po ... Read more
-
TheCyberThrone
Apple fixes critical bugs in iOS 18
If you have any Apple devices running iOS 18, then make sure they have the latest patches installed.Apple has released an urgent iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabilities, respec ... Read more
-
Help Net Security
Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, and Microsoft started the ... Read more
-
TheCyberThrone
PoC for Microsoft Office Zeroday CVE-2024-38200 released
Security researcher Metin Yunus Kandemir have released the technical details and a PoC exploit that reveals a critical information disclosure flaw in Microsoft Office. This vulnerability, which affect ... Read more
-
The Hacker News
Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability
Data Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user's passwords to be read out aloud by its VoiceOver assist ... Read more
-
TheCyberThrone
CISA adds Zimbra Vulnerability CVE-2024-45519 to its KEV Catalog
The US CISA has added Synacor Zimbra vulnerability to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation.The vulnerability tracked as CVE-2024-45519 with a CVSS s ... Read more
-
Cybersecurity News
D3D Security IP Cameras Risk Data Breach, Live Feed Access, No Patch Available
The Indian Computer Emergency Response Team (CERT-In) has issued an urgent advisory concerning two critical vulnerabilities discovered in the D3D Security IP Camera D8801, which could potentially allo ... Read more
-
Cybersecurity News
Okta Patches Vulnerability Allowing Unauthorized Access
Identity and access management giant, Okta, recently addressed a vulnerability that could have allowed malicious actors with valid credentials to bypass critical security measures. The vulnerability, ... Read more
-
Cybersecurity News
CVE-2024-9441: Unpatched Flaw Exposes Linear eMerge Systems to Remote Attacks, PoC Published
A severe security vulnerability has been identified in the Linear eMerge e3-Series access control systems, affecting versions up to 1.00-07. Designated as CVE-2024-9441 with a CVSS score of 9.8, this ... Read more