CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-42458 (CVSS 9.8) – New Security Vulnerability in Neat VNC: Urgent Patch Released
Neat VNC, a popular open-source VNC server library used for remote desktop access and screen sharing, has been found vulnerable to a security vulnerability (CVE-2024-42458, CVSS 9.8). This flaw could ... Read more
-
The Register
Hello? Are you talking on a Cisco SPA300 or SPA500 IP phone? Now's the time to junk 'em
A boffin from British defence contractor BAE has found three critical flaws in Cisco's Small Business SPA300 and SPA500 IP phones – and another couple of nasties – none of which will be fixed or mitig ... Read more
-
The Cyber Express
SEC Won’t Bring Charges Against Progress Software Over MOVEit Supply Chain Attack
In a surprising move, the U.S. Securities and Exchange Commission (SEC) has decided not to bring charges against Progress Software over last year’s MOVEit software supply chain attack that exposed the ... Read more
-
The Cyber Express
Downgrade Attacks Could Affect Fully Updated Windows Systems With Previously Patched Vulnerabilities
A security researcher has uncovered a new threat within the Windows operating system that challenges the very notion of a fully-patched system. The new threat demonstrated by the researcher-built tool ... Read more
-
BleepingComputer
Cisco warns of critical RCE zero-days in end of life IP phones
Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business SPA 300 and SPA 500 series IP phones. The vendor has not m ... Read more
-
BleepingComputer
CISA warns about actively exploited Apache OFBiz RCE flaw
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a ... Read more
-
BleepingComputer
Exploit released for Cisco SSM bug allowing admin password changes
Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) l ... Read more
-
Cybersecurity News
Cisco Warns of Public PoC Exploit Code of Critical CVE-2024-20419 (CVSS 10) Flaw
Cisco has recently updated its security advisory, alerting users to a critical vulnerability identified as CVE-2024-20419. This flaw affects the Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem ... Read more
-
TheCyberThrone
Apache Cloudstack fixes CVE-2024-42062 & CVE-2024-42222
Apache CloudStack project has released patches for addressing two critical vulnerabilities, that could allow attackers to gain unauthorized access to sensitive information and compromise the integri ... Read more
-
Cybersecurity News
HPE Aruba Networking Addresses Severe Vulnerabilities in Access Points
HPE Aruba Networking has released security updates to address multiple critical vulnerabilities in its Aruba Access Points running InstantOS and ArubaOS 10. These vulnerabilities could potentially all ... Read more