CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cybersecurity news, enriched with CVE and vulnerability data. The feed is updated every 5 minutes and is designed to give users a comprehensive overview of current cybersecurity news and trends.

-
Cybersecurity News
Cisco Small Business IP Phones Affected by Critical Vulnerabilities, No Patch!
In a recent security advisory, Cisco disclosed multiple critical vulnerabilities affecting their Small Business SPA300 and SPA500 Series IP Phones. These vulnerabilities, identified as CVE-2024-20450, ...

-
Cybersecurity News
Apache CloudStack Releases Critical Patches (CVE-2024-42062 and CVE-2024-42222)
The Apache CloudStack project has issued an urgent security advisory, urging users to update their software immediately to address two critical vulnerabilities, CVE-2024-42062 and CVE-2024-42222. Thes ...

-
seclists.org
KL-001-2024-010: Journyx Unauthenticated XML External Entities Injection
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 18:54:52 -0500 KL-001-2024-010: Journyx Unauthenticated XML ...

-
seclists.org
KL-001-2024-009: Journyx Reflected Cross Site Scripting
Full Disclosure mailing list archives KL-001-2024-009: Journyx Reflected Cross Site Scripting From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 18:5 ...

-
seclists.org
KL-001-2024-008: Journyx Authenticated Remote Code Execution
Full Disclosure mailing list archives KL-001-2024-008: Journyx Authenticated Remote Code Execution From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 ...

-
seclists.org
KL-001-2024-007: Journyx Unauthenticated Password Reset Bruteforce
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 18:51:14 -0500 KL-001-2024-007: Journyx Unauthenticated Pass ...

-
seclists.org
KL-001-2024-006: Open WebUI Arbitrary File Upload + Path Traversal
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 18:49:23 -0500 KL-001-2024-006: Open WebUI Arbitrary File Up ...

-
seclists.org
KL-001-2024-005: Open WebUI Stored Cross-Site Scripting
Full Disclosure mailing list archives KL-001-2024-005: Open WebUI Stored Cross-Site Scripting From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 18:4 ...

-
The Register
Devices with insecure SSH services are everywhere, say infosec duo
Black Hat A funny thing happened to security researchers at attack surface management company runZero when they were digging into the xz backdoor earlier this year: They found a whole bunch of vulnera ...

-
BleepingComputer
Windows Update downgrade attack "unpatches" fully-updated systems
SafeBreach security researcher Alon Leviev revealed at Black Hat 2024 that two zero-days could be exploited in downgrade attacks to "unpatch" fully updated Windows 10, Windows 11, and Windows Server s ...