Kibana, a popular data visualization and exploration tool used with Elasticsearch, has identified two critical vulnerabilities affecting it.The vulnerabilities, CVE-2024-37288 and CVE-2024-37285, allow attackers to execute arbitrary code by nullifying YAML serialization.The flaws have been rated as High severity, highlighting…

Veeam Software, a leading provider of backup, recovery, and data management solutions, has announced the discovery and remediation of several critical and critical vulnerabilities in multiple products.These vulnerabilities pose potential risks to users of Veeam Backup & Replication, Veeam ONE,…

Cybersecurity researchers have discovered another critical security flaw in the LiteSpeed ​​Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts.Tracked as CVE-2024-44000 (CVSS score: 7.5), the vulnerability affects versions of the LiteSpeed ​​Cache plugin…

💻 Vulnerability discovered in WordPress’ GiveWP fundraising plugin that exposes over 100,000 websites to remote code execution attacks.This vulnerability, tracked as CVE-2024-5932 () (CVSS score: 10.0), affects all versions of the GiveWP plugin prior to version 3.14.2.🧑‍💻 This information is…

“Cyber ​​Security Summit – Central Eurasia, CSS 2024” is scheduled to be held on October 9-10, 2024. Within the framework of the program, the republic competition “Cyberkent 2.0” will be held. In this regard, the “Cybersecurity Center” announces the selection…

Cisco’s Smart Software Manager On-Prem (SSM On-Prem ( c78-734539.html)) has a critical vulnerability that allows unauthenticated, remote attackers to change user passwords, including those of administrative users.💻 This CVE-2024-20419 () high-level vulnerability allows attackers to exploit a system by sending…

A critical security flaw has been discovered in Zimbra Collaboration Suite (ZCS) that could allow hackers to execute malicious JavaScript code.This high-level vulnerability was found in the Zimbra webmail management interface, identified as CVE-2024-33533 ().The impact of this vulnerability is…

Cisco recently disclosed a significant flaw in the bootloader module of its RV340 and RV345 Dual WAN Gigabit VPN routers. This flaw could allow a remote, authenticated attacker to execute arbitrary code on an affected device.This high-level vulnerability identified as…

GitLab () is a announced the release of Community Edition (CE) and Enterprise Edition (EE) versions 17.2.1, 17.1.3 and 17.0.5 to address several vulnerabilities. These updates contain important bug and security fixes.🔴 Identified CVE-2024-5067 () medium vulnerability;🔴 Identified CVE-2024-7057 ()…

Remote Authentication Dial-in Service (RADIUS ()) protocol affecting multiple Cisco products A critical vulnerability has been disclosed.💻 This CVE-2024-3596 () vulnerability allows an attacker to spoof RADIUS responses, leading to unauthorized access to network resources. This vulnerability may affect many…