CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
Downgrade Attacks Could Affect Fully Updated Windows Systems With Previously Patched Vulnerabilities
A security researcher has uncovered a new threat within the Windows operating system that challenges the very notion of a fully-patched system. The new threat demonstrated by the researcher-built tool ... Read more
-
BleepingComputer
Cisco warns of critical RCE zero-days in end of life IP phones
Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business SPA 300 and SPA 500 series IP phones. The vendor has not m ... Read more
-
BleepingComputer
CISA warns about actively exploited Apache OFBiz RCE flaw
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a ... Read more
-
BleepingComputer
Exploit released for Cisco SSM bug allowing admin password changes
Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) l ... Read more
-
Cybersecurity News
Cisco Warns of Public PoC Exploit Code of Critical CVE-2024-20419 (CVSS 10) Flaw
Cisco has recently updated its security advisory, alerting users to a critical vulnerability identified as CVE-2024-20419. This flaw affects the Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem ... Read more
-
TheCyberThrone
Apache Cloudstack fixes CVE-2024-42062 & CVE-2024-42222
Apache CloudStack project has released patches for addressing two critical vulnerabilities, that could allow attackers to gain unauthorized access to sensitive information and compromise the integri ... Read more
-
Cybersecurity News
HPE Aruba Networking Addresses Severe Vulnerabilities in Access Points
HPE Aruba Networking has released security updates to address multiple critical vulnerabilities in its Aruba Access Points running InstantOS and ArubaOS 10. These vulnerabilities could potentially all ... Read more
-
The Register
Using 1Password on Mac? Patch up if you don’t want your Vaults raided
Password manager 1Password is warning that all Mac users running versions before 8.10.36 are vulnerable to a bug that allows attackers to steal vault items. 1Password Vaults are essentially mini passw ... Read more
-
TheCyberThrone
Jenkins Patches Critical Vulnerability CVE-2024-43044
Jenkins has released an urgent advisory detailing two vulnerabilities, that expose Jenkins instances to arbitrary file read and unauthorized access risks,The critical one of the two vulnerabilities, t ... Read more
-
The Cyber Express
Critical 1Password Vulnerability: Hackers Could Exploit Security Flaw to Access Unlock Keys
AgileBits, the developer behind the 1Password password manager, has disclosed a severe security vulnerability that could potentially allow attackers to extract sensitive information from macOS users. ... Read more