[update]
-
CVE-2024-5955 | Trellix ePolicy Orchestrator up to 5.10 Service Pack 1 Update 2 cross site scripting
·
A vulnerability, which was classified as problematic, was found in Trellix ePolicy Orchestrator up to 5.10 Service Pack 1 Update 2. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-5955. It is possible to initiate the attack remotely. There is no exploit available. It is…
-
Four years after SUNBURST, SolarWinds goes private, SuperOps fund raise, Broadcom’s partner program and more in this week’s security update.
-
Important: kernel security update
-
Important: git-lfs security update
-
Thrive makes another acquisition, Grip Security launches SaaS security posture management platform and more.
-
Severity: Medium Proof-of-concept released for authentication bypass vulnerability CVE-2025-0108 Proof-of-concept released for authentication bypass vulnerability CVE-2025-0108 Updated: 13 Feb 2025
-
Windows 10 may not have long left to live (officially, at least), but this does not seem to be stopping Microsoft from using the operating system to piss people off. There are still a few months of updates for Windows 10, and the most recent is the cumulative KB5051974 update. In addition to one of…
-
Fortinet has rolled out critical security updates to address multiple high-risk flaws across its product portfolio, including FortiOS, FortiProxy, FortiManager, and FortiAnalyzer. Fortinet warns of an already patched zero-day flaw (CVE-2024-55591 & new CVE-2025-24472), which allows attackers to bypass authentication and gain “super-admin” privileges on affected devices. Critical Zero-Day Exploited Since November 2024 The most…
-
Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below – CVE-2024-38657 (CVSS score: 9.1) – External control of a file name in Ivanti Connect Secure before version…
-
A high-severity vulnerability has been discovered in OpenSSL, a widely-used cryptography library that secures countless websites and online The post CVE-2024-12797 – High-Severity OpenSSL Flaw: Update Now to Prevent MITM Attacks appeared first on Cybersecurity News.