A critical vulnerability has been identified in the Admin Server component of Apache ZooKeeper, potentially allowing attackers to gain unauthorized access to vulnerable systems. This vulnerability, registered as CVE-2024-51504 with a risk score of 9.1, arises in the IPAuthenticationProvider component…
A critical vulnerability has been identified in Drupal’s Basic HTTP Authentication module. This vulnerability allows attackers to bypass the access restrictions set by the module, potentially exposing sensitive content or resources to risk. This vulnerability, designated as SA-CONTRIB-2024-057, pertains to…
A new and critical vulnerability has been identified in the Veeam Backup Enterprise Manager (VBEM) system. This vulnerability could allow attackers to gain unauthorized access to the system, posing a risk to the confidentiality and integrity of backup data. Vulnerability…
Multiple critical vulnerabilities have been discovered in the Cisco AnyConnect VPN server, affecting Cisco Meraki MX and Z Series Teleworker Gateway devices. These vulnerabilities could allow unauthenticated, remote attackers to cause a Denial of Service (DoS) condition on the affected…
QNAP Systems, Inc. has released an important security update for its QuRouter devices, addressing a recently discovered zero-day vulnerability. This vulnerability, found during the Pwn2Own 2024 competition, could potentially allow unauthorized access to the system. However, the issue has been…
A critical vulnerability, CVE-2024-20481, was recently discovered in the Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) systems that are exploited via VPN. This vulnerability is actively exploited by hackers in real cyber attacks. This poses a major…
FortiManager is Fortinet’s network security infrastructure management product, which is used by many organizations to manage and monitor security policies. With it, enterprises can monitor and update their security policies from one place. Therefore, a vulnerability in the FortiManager system…
In recent years, cyber attacks have become more sophisticated and new tactics are being used to steal login credentials. Callback phishing attacks are one such modern tactic. These attacks are different from traditional forms of phishing because they use more…
Zimbra is an open source email and collaboration platform used by many companies and organizations around the world. But open source systems need to be constantly monitored for security, as they are open to new vulnerabilities and hacker attacks. CVE-2024-45519,…
Several critical vulnerabilities have recently been discovered in the Common UNIX Printing System (CUPS), which is widely used in Linux and other UNIX-like operating systems. These vulnerabilities increase the system’s potential security threats, including vulnerabilities that could allow remote code…