CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerability in CoolKit Technology eWeLink mobile application (Android & iOS)
CVE ID CVE-2023-6998 Publication date 30 December 2023 Vendor CoolKit Technology Product eWeLink (Android & iOS) Vulnerable versions All below 5.2.0 Vulnerability type (CWE) Improper Privilege Managem ...
-
cert.pl
Vulnerability in MegaBIP and SmodBIP software
CVE ID CVE-2023-5378 Publication date 20 December 2023 Vendor Jan Syski Product SmodBIP and MegaBIP Vulnerable versions SmodBIP: all, MegaBIP: all through 4.36.2 Vulnerability type (CWE) Improper Inpu ...
-
cert.pl
Russian Foreign Intelligence Service (SVR) Cyber Actors Use JetBrains TeamCity CVE in Global Targeting
The Federal Bureau of Investigation (FBI), US Cybersecurity & Infrastructure Security Agency (CISA), National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CER ...
-
cert.pl
Vulnerability in SAS 9.4 software
CVE ID CVE-2023-4932 Publication date 12 December 2023 Vendor SAS Institute Product SAS Vulnerable versions 9.4_M7 and 9.4_M8 Vulnerability type (CWE) Reflected XSS (CWE-79) Report source Report to CE ...
-
0patch.com
Free Micropatches For Microsoft Access Forced Authentication Through Firewall (0day)
Update 2/14/2024: Either January 30 or February 1 Office update brought a fix for this issue: now, Access warns the user for any ODBC connection to SQL Server. Our patch only shows a warning when such ...
-
0patch.com
We Patched CVE-2023-28244 Before It Was Cool
How Our Patch For CVE-2022-33647 Fixed CVE-2023-28244 Five Months In Advance By Blaz Satler of 0patch TeamThe Initial Vulnerability - CVE-2022-33647 In September 2022, Microsoft released patches for C ...
-
0patch.com
Micropatches Released For Microsoft WordPad Information Disclosure (CVE-2023-36563)
October 2023 Windows Updates brought a patch for CVE-2023-36563, an "Information Disclosure" vulnerability in WordPad that was found by Microsoft Threat Intelligence as being exploited in the wild. A ...
-
huntress.com
Critical Vulnerability: SysAid CVE-2023-47246 | Huntress
On November 8, 2023, SysAid published an advisory expressing that their on-premise server software had a previously undisclosed vulnerability and is aware of public in-the-wild exploitation. Days prio ...
-
huntress.com
Bitter Pill: Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack | Huntress
In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat actor act ...
-
cert.pl
Vulnerability in Apereo CAS software
CVE ID CVE-2023-4612 Publication date 03 November 2023 Vendor Apereo Foundation Product CAS Vulnerable versions All through 7.0.0-RC7 Vulnerability type (CWE) Improper Authentication (CWE-287) Report ...