CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Your victim's Windows PC fully patched? Just force undo its updates and exploit away
Black Hat Techniques to forcibly remove security patches from Windows machines so that fixed vulnerabilities are exploitable again were demonstrated this week. These methods are a handy means for rogu ... Read more
-
Cybersecurity News
PoC Exploit Released for Apache OFBiz Remote Code Execution Flaw (CVE-2024-38856)
Today, cybersecurity researcher Zeyad Azima from SecureLayer7 and Youssef Muhammad have published a proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-38856) in the Apache OFBi ... Read more
-
Cybersecurity News
Zero-Day Vulnerability: 18 Years of Exploiting the ‘0.0.0.0’ Flaw
A study revealed a hidden vulnerability that has plagued the world’s largest browsers for 18 years, leaving private and corporate networks susceptible to cyberattacks. Researchers from Oligo Security ... Read more
-
Cybersecurity News
CVE-2024-21302, CVE-2024-38202: Zero-Day Vulnerabilities Expose Windows Systems to “Unpatching” Attacks
At Black Hat 2024, security researcher Alon Leviev from SafeBreach security researcher unveiled two zero-day vulnerabilities (CVE-2024-21302, CVE-2024-38202) that could be exploited to reverse patches ... Read more
-
Cybersecurity News
Cisco Small Business IP Phones Affected by Critical Vulnerabilities, No Patch!
In a recent security advisory, Cisco disclosed multiple critical vulnerabilities affecting their Small Business SPA300 and SPA500 Series IP Phones. These vulnerabilities, identified as CVE-2024-20450, ... Read more
-
Cybersecurity News
Apache CloudStack Releases Critical Patches (CVE-2024-42062 and CVE-2024-42222)
The Apache CloudStack project has issued an urgent security advisory, urging users to update their software immediately to address two critical vulnerabilities, CVE-2024-42062 and CVE-2024-42222. Thes ... Read more
-
seclists.org
KL-001-2024-010: Journyx Unauthenticated XML External Entities Injection
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 18:54:52 -0500 KL-001-2024-010: Journyx Unauthenticated XML ... Read more
-
seclists.org
KL-001-2024-009: Journyx Reflected Cross Site Scripting
Full Disclosure mailing list archives KL-001-2024-009: Journyx Reflected Cross Site Scripting From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 18:5 ... Read more
-
seclists.org
KL-001-2024-008: Journyx Authenticated Remote Code Execution
Full Disclosure mailing list archives KL-001-2024-008: Journyx Authenticated Remote Code Execution From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 ... Read more
-
seclists.org
KL-001-2024-007: Journyx Unauthenticated Password Reset Bruteforce
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 18:51:14 -0500 KL-001-2024-007: Journyx Unauthenticated Pass ... Read more