961 Results for:CVE

  • Sort by: 

Atlassian Confluence vulnerability under widespread attack

By Arielle Waldman 08 Nov 2023

Atlassian's Confluence Data Center and Server products are under attack again as reports of widespread exploitation roll in just days after CVE-2023-22518 was publicly disclosed. Read More

VMware discloses critical, unpatched Cloud Director bug

By Alexander Culafi 15 Nov 2023

A manual workaround is currently available for a critical VMware Cloud Director Appliance flaw, tracked as CVE-2023-34060, but no patch is available at press time. Read More

North Korean hackers exploit critical TeamCity vulnerability

By Arielle Waldman 19 Oct 2023

While a patch is available, Microsoft and JetBrains confirmed TeamCity users have been compromised in attacks that leverage CVE-2023-42793 as an initial attack vector. Read More

Cisco working on fix for critical IOS XE zero-day

By Alexander Culafi 16 Oct 2023

Cisco designated the bug, CVE-2023-20198, with a CVSS score of 10 and said it was working on a patch, but advised customers to apply mitigations in the meantime. Read More

Fancy Bear hackers still exploiting Microsoft Exchange flaw

By Arielle Waldman 04 Dec 2023

Microsoft and Polish Cyber Command warned enterprises that Russian nation-state hackers are exploiting CVE-2023-23397 to gain privileged access to Exchange email accounts. Read More

Cisco IOS XE zero-day facing mass exploitation

By Alexander Culafi 17 Oct 2023

VulnCheck said its public scanning for CVE-2023-20198 revealed that 'thousands' of internet-facing Cisco IOS XE systems have been compromised with malicious implants. Read More

Ivanti issues fix for third zero-day flaw exploited in the wild

By Arielle Waldman 22 Aug 2023

CVE-2023-38035 is the latest Ivanti zero-day vulnerability to be exploited in the wild. The vendor has released a series of remediation recommendations. Read More

Mandiant: Citrix zero-day actively exploited since August

By Arielle Waldman 18 Oct 2023

Exploitation against CVE-2023-4966 is ongoing, and Mandiant CTO Charles Carmakal warned patching alone is insufficient against potential attacks that leverage MFA bypass techniques. Read More

Critical Atlassian Confluence zero-day flaw under attack

By Alexander Culafi 04 Oct 2023

Collaboration software vendor Atlassian urged customers with affected versions of Confluence Data Center and Server to apply patches for CVE-2023-22515 immediately. Read More

Spyware vendor exploiting kernel flaw in Arm Mali GPU drivers

By Alexander Culafi 03 Oct 2023

Arm Mali GPUs affected by CVE-2023-4211, which was discovered by Google researchers, include a wide range of Android phones as well as ChromeOS devices such as Chromebooks. Read More