NVIDIA UFM (Unified Fabric Manager) is a network management system developed by NVIDIA, designed for high-performance computing and data centers. UFM is used for managing, monitoring, and configuring network infrastructure. The UFM system provides various features to improve performance and…
On October 30, 2024, a critical vulnerability was discovered in the Anti-Spam by CleanTalk WordPress plugin, potentially affecting more than 200,000 active installations. This vulnerability allows attackers to install, activate, or delete plugins without authorization, which can lead to remote…
Veritas Enterprise Vault (EV) is a software platform designed for enterprises that enables centralized archiving and management of corporate data, including emails, files, social media content, voicemails, and other information. EV is widely used in industries such as legal, finance,…
Several decade-old Local Privilege Escalation (LPE) vulnerabilities found in the needrestart component, installed by default in Ubuntu Server, allow local attackers to gain root access on the system. Needrestart is a utility that checks whether the system needs to be…
Among content management systems (CMS) widely used around the world, a dangerous vulnerability has been identified in Drupal Core. Exploiting this vulnerability allows attackers to execute malicious code through users’ browsers. This vulnerability is mainly related to the Overlay module…
Oracle has issued an urgent security alert regarding a critical vulnerability in its Agile Product Lifecycle Management (PLM) framework, which is currently being actively exploited in real-world attacks. The vulnerability, identified as CVE-2024-21287, allows unauthenticated attackers to gain access to…
Apache Tomcat is an open-source software developed to support Java applications. It operates as a web server and servlet container, complying with Java EE (Enterprise Edition) specifications. Due to its efficiency, flexibility, and extensive configuration options, Tomcat is widely used…
A critical vulnerability has been discovered in the Samba Active Directory (AD) system. This vulnerability could allow attackers to escalate privileges within the system and potentially take control of the entire domain. The vulnerability, tracked as CVE-2023-3961, affects Samba versions…
Broadcom has issued a warning about two critical vulnerabilities identified in VMware vCenter Server. One of these vulnerabilities, enabling remote code execution (RCE), is tracked as CVE-2024-38812 and is currently being actively exploited in cyberattacks. Details of the Vulnerabilities Affected…
On November 13, 2024, the PostgreSQL Global Development Group released a critical security update for all supported versions of PostgreSQL. The update applies to PostgreSQL versions 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21. It addresses four security vulnerabilities and fixes…