Apache Tomcat is an open-source software developed to support Java applications. It operates as a web server and servlet container, complying with Java EE (Enterprise Edition) specifications. Due to its efficiency, flexibility, and extensive configuration options, Tomcat is widely used…
A critical vulnerability has been discovered in the Samba Active Directory (AD) system. This vulnerability could allow attackers to escalate privileges within the system and potentially take control of the entire domain. The vulnerability, tracked as CVE-2023-3961, affects Samba versions…
Broadcom has issued a warning about two critical vulnerabilities identified in VMware vCenter Server. One of these vulnerabilities, enabling remote code execution (RCE), is tracked as CVE-2024-38812 and is currently being actively exploited in cyberattacks. Details of the Vulnerabilities Affected…
On November 13, 2024, the PostgreSQL Global Development Group released a critical security update for all supported versions of PostgreSQL. The update applies to PostgreSQL versions 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21. It addresses four security vulnerabilities and fixes…
This vulnerability, identified as CVE-2024-45791, affects all versions of Apache HertzBeat released before version 1.6.1. The issue arises from the exposure of sensitive tokens through HTTP GET requests containing query strings. This flaw could allow attackers to gain unauthorized access…
A new security vulnerability has been identified in GitHub’s Command Line Interface (CLI) that could allow attackers to execute malicious commands on a user’s system via remote code execution (RCE). This vulnerability, identified as CVE-2024-32002, affects versions of GitHub CLI…
A newly discovered critical vulnerability in the Laravel framework, identified as CVE-2024-52301, has raised significant concerns among web developers. This vulnerability potentially allows attackers to gain unauthorized access to applications built on Laravel, threatening the security of data and system…
A recently discovered critical security vulnerability in one of WordPress’s most popular plugins, Really Simple Security, has put more than 4 million websites at risk of potential hacking attacks. This major vulnerability has raised significant concerns among plugin users. The…
GoIssue is a new, sophisticated phishing tool targeting GitHub users, allowing hackers to collect email addresses from GitHub profiles and launch large-scale phishing attacks. This tool poses a serious threat to GitHub users, especially developers and organizations. Uncovered by cybersecurity…
Fortinet has released security updates for several of its products—FortiOS, FortiAnalyzer, FortiManager, and FortiClient for Windows. If these vulnerabilities are not patched, attackers could gain full control of the compromised systems. One of the most severe vulnerabilities, identified as CVE-2024-47575,…