A security vulnerability (CVE-2024-53247) has been discovered in the Splunk Secure Gateway app and the Splunk Enterprise platform. This vulnerability enables attackers with low-level user privileges to execute arbitrary code remotely, posing a significant threat to system security. Details of…
Apache Struts 2, an open-source platform widely used in web applications, has been found to contain a new security vulnerability (CVE-2023-50164). This vulnerability allows attackers to upload and execute malicious files on the server, posing a serious threat to the…
Google has released a security update for the Chrome browser, addressing three high-severity vulnerabilities that could expose users to serious risks. The update, version 131.0.6778.139/.140 (for Windows and Mac) and 131.0.6778.139 (for Linux), is being rolled out gradually, and it…
A newly identified critical vulnerability in the Windows Common Log File System (CLFS) driver — CVE-2024-49138 — poses a serious threat, having already been exploited in cyberattacks. This issue represents a significant risk to Windows systems. Overview of the Vulnerability…
SAP has released security updates to address critical vulnerabilities discovered in the SAP NetWeaver Application Server for Java. These vulnerabilities, particularly within the Adobe Document Services component, enable attackers to upload malicious PDF files, posing significant threats to corporate data…
A new security vulnerability has been discovered in the Gutentor plugin for WordPress. This issue allows attackers to inject malicious scripts into the site. The script automatically executes whenever a compromised page is opened, posing a significant risk to website…
Veeam, a leading technology company in data backup and system recovery, has recently identified two significant vulnerabilities in its Service Provider Console (VSPC) software. Among these, a critical Remote Code Execution (RCE) vulnerability poses a severe threat to system security.…
Cisco has confirmed that a cross-site scripting (XSS) vulnerability in its Adaptive Security Appliance (ASA) software is actively being exploited in the wild. This vulnerability, registered as CVE-2014-2120, was first discovered in 2014 but remains a significant threat. Exploiting this…
The “Man-in-the-Middle” (MITM) attack is one of the most dangerous types of cyberattacks. In this attack, the perpetrator acts as an intermediary between two parties to intercept or steal sensitive information, such as passwords, banking details, credit card numbers, and…
IBM (International Business Machines Corporation) is one of the world’s largest technology companies, founded in 1911 in the United States. The company provides advanced solutions in various fields, including IT infrastructure, artificial intelligence, cybersecurity, data analytics, and cloud technologies. IBM…