• Cybersecurity News

The Hewlett Packard Enterprise (HPE) Product Security Response Team has issued a critical advisory concerning multiple command injection vulnerabilities (CVE-2024-42505, CVE-2024-42506, CVE-2024-42507 ... Read more

• Cybersecurity News

In a newly published security advisory, several critical vulnerabilities have been identified in Navidrome, a popular open-source music streaming server. These flaws, disclosed under CVE-2024-47062 wi ... Read more

• Cybersecurity News

Attacker commands enumerating machine details | Image: HuntressRecently, the cybersecurity company Huntress reported a new wave of cyberattacks targeting the widely-used Foundation Accounting Software ... Read more

• TheCyberThrone

The US CISA added Ivanti vulnerability tracked as CVE-2024-8190 to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitationThe vulnerability affects Ivanti Cloud Servic ... Read more

• TheCyberThrone

SolarWinds has released patches for two vulnerabilities affecting their Access Rights Manager (ARM) software, that have the potential to compromise the security of networks utilizing ARM, with impacts ... Read more

• TheCyberThrone

Apache OFBiz has got a security update for a flaw CVE-2024-45195 with a CVSS score of 7.5 that  allows attackers to bypass authorization checks and execute arbitrary code on the server, even without v ... Read more

• Cybersecurity News

Image: Rapid7According to a report from Imperva, over 25,000 malicious requests targeting 4,000 unique sites have been detected since the CVE-2024-45195 vulnerability in Apache OFBiz was disclosed. Th ... Read more

• The Cyber Express

IBM has revealed several severe vulnerabilities within its webMethods Integration Server, a platform widely utilized for integration and API management. These IBM webMethods Integration vulnerabilitie ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability allows Yubico security keys to be cloned Researchers have unearthed a cryptographic vuln ... Read more

• security.nl

Apache heeft een kritieke kwetsbaarheid in ERP-oplossing OFBiz verholpen waardoor een ongeauthenticeerde aanvaller op afstand code op het ERP-systeem kan uitvoeren. Onlangs werden twee andere beveilig ... Read more

• The Cyber Express

Popular open-source enterprise Resource Planning (ERP) system, Apache OFBiz, recently discovered harboring a critical Remote Code Execution (RCE) vulnerability. Tracked as CVE-2024-45195, the Apache O ... Read more

• Help Net Security

For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code ... Read more

• The Hacker News

Cybersecurity / Vulnerability A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning (ERP) system that, if successfully exploited, could lead to unauthenti ... Read more

• BleepingComputer

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers. ... Read more