Threat Summary Category: Federal Infrastructure Software VulnerabilityFeatures: Active exploitation, patch bypass lineage, mandatory remedia

seen from Germany
seen from United States
seen from United States
seen from United States

seen from Russia
seen from China
seen from United States
seen from United States
seen from United States
seen from Taiwan

seen from Türkiye
seen from Singapore
seen from United States
seen from China

seen from Türkiye
seen from United Kingdom

seen from Türkiye

seen from United States
seen from China

seen from Poland
Threat Summary Category: Federal Infrastructure Software VulnerabilityFeatures: Active exploitation, patch bypass lineage, mandatory remedia
Progress Software Warns of Critical Vulnerability in WS_FTP Server
Multiple vulnerabilities have been discovered in Progress’s WS_FTP, which include .NET deserialization, directory traversal, reflected cross-site scripting (XSS), SQL injection, stored cross-site scripting, cross-site request forgery, and unauthenticated user enumeration vulnerability. These vulnerabilities’ severities range from 5.3 (Medium) to 10.0 (Critical). However, Progress has released…
View On WordPress
Anxiously Awaited OpenSSL Vulnerability's Severity Downgraded From Critical to High
Anxiously Awaited OpenSSL Vulnerability’s Severity Downgraded From Critical to High
Home › Vulnerabilities Anxiously Awaited OpenSSL Vulnerability’s Severity Downgraded From Critical to High By Eduard Kovacs on November 01, 2022 Tweet The OpenSSL Project on Tuesday announced the release of OpenSSL 3.0.7. Everyone was anxiously awaiting to learn the details of the first critical vulnerability discovered since 2016, but the project’s developers decided to downgrade the flaw’s…
View On WordPress
Critical ConnectWise Vulnerability Affects Thousands of Internet-Exposed Servers
Home › Virus & Threats Critical ConnectWise Vulnerability Affects Thousands of Internet-Exposed Servers By Eduard Kovacs on October 31, 2022 Tweet IT management software provider ConnectWise on Friday announced updates that patch a critical vulnerability which, according to cybersecurity professionals, exposes thousands of servers to attacks. The flaw, described as “improper neutralization of…
View On WordPress
Water Tank Management System Used Worldwide Has Unpatched Security Hole
Water Tank Management System Used Worldwide Has Unpatched Security Hole
Home › ICS/OT Water Tank Management System Used Worldwide Has Unpatched Security Hole By Eduard Kovacs on September 16, 2022 Tweet A water tank management system used by organizations worldwide is affected by a critical vulnerability that can be exploited remotely and the vendor does not appear to want to patch it. The affected product is made by the water and energy unit of Irish building…
View On WordPress
SonicWall Warns of Critical GMS SQL Injection Vulnerability
SonicWall Warns of Critical GMS SQL Injection Vulnerability
Home › Endpoint Security SonicWall Warns of Critical GMS SQL Injection Vulnerability By Ryan Naraine on July 22, 2022 Tweet Network security appliance vendor SonicWall late Thursday shipped urgent patches for a critical flaw in its Global Management System (GMS) software, warning that the issue exposes businesses to remote hacker attacks. The vulnerability, which carries a critical-severity…
View On WordPress
Netwrix Auditor Vulnerability Can Facilitate Attacks on Enterprises
Netwrix Auditor Vulnerability Can Facilitate Attacks on Enterprises
Home › Vulnerabilities Netwrix Auditor Vulnerability Can Facilitate Attacks on Enterprises By Eduard Kovacs on July 20, 2022 Tweet Data security company Netwrix recently patched a vulnerability in its Auditor product that could allow attackers to execute arbitrary code and possibly compromise an organization’s Active Directory domain. The flaw in the IT auditing software was discovered by…
View On WordPress