Flaws in a popular dev library could let hackers run malicious code in your MongoDB databaseTwo critical vulnerabilities in Mongoose could expose MongoDB databases to remote code execution attacks by hackers.
Thousands of PAN-OS devices compromised by critical exploitsPalo Alto Networks firewalls were compromised due to two security bugs, allowing attackers to deploy backdoors and malware.
NachoVPN Tool Exploits Flaws in Popular VPN Clients for System CompromiseFlaws in Palo Alto Networks and SonicWall VPNs could allow remote code execution on Windows and macOS, exposing users to significant security risks.
700K+ DrayTek routers are sitting ducks on the internetA critical vulnerability in DrayTek routers could allow remote-code execution, risking sensitive data and system integrity.
Previously Undisclosed Flaw Let Hackers Hijack Millions of Systems Through Innocent-Looking Files | HackerNoonZip Slip vulnerability enables attackers to exploit archive extraction processes for remote code execution.
Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking OnlineThousands of Prometheus servers lack proper authentication, risking data leakage, DoS, and remote code execution attacks due to their exposure on the internet.
Flaws in a popular dev library could let hackers run malicious code in your MongoDB databaseTwo critical vulnerabilities in Mongoose could expose MongoDB databases to remote code execution attacks by hackers.
Thousands of PAN-OS devices compromised by critical exploitsPalo Alto Networks firewalls were compromised due to two security bugs, allowing attackers to deploy backdoors and malware.
NachoVPN Tool Exploits Flaws in Popular VPN Clients for System CompromiseFlaws in Palo Alto Networks and SonicWall VPNs could allow remote code execution on Windows and macOS, exposing users to significant security risks.
700K+ DrayTek routers are sitting ducks on the internetA critical vulnerability in DrayTek routers could allow remote-code execution, risking sensitive data and system integrity.
Previously Undisclosed Flaw Let Hackers Hijack Millions of Systems Through Innocent-Looking Files | HackerNoonZip Slip vulnerability enables attackers to exploit archive extraction processes for remote code execution.
Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking OnlineThousands of Prometheus servers lack proper authentication, risking data leakage, DoS, and remote code execution attacks due to their exposure on the internet.
Printing vulnerability affecting Linux distros raises alarm | Computer WeeklyThe newly discovered vulnerabilities in Cups pose a significant security risk to numerous devices, potentially exposing them to remote code execution.
Critical Flaws in Traccar GPS System Expose Users to Remote AttacksTraccar GPS system has critical vulnerabilities allowing remote code execution via path traversal if guest registration is enabled, posing serious security risks.
Your Netgear Wi-Fi router could be wide open to hackers - install the fix nowNetgear has patched critical security vulnerabilities in several Wi-Fi routers and access points, urging timely updates for user safety.
MediaTek says 'Happy New Year' with critical RCE, other bugsMediaTek disclosed a critical vulnerability affecting 51 chipsets, posing severe security risks to multiple device categories.
Printing vulnerability affecting Linux distros raises alarm | Computer WeeklyThe newly discovered vulnerabilities in Cups pose a significant security risk to numerous devices, potentially exposing them to remote code execution.
Critical Flaws in Traccar GPS System Expose Users to Remote AttacksTraccar GPS system has critical vulnerabilities allowing remote code execution via path traversal if guest registration is enabled, posing serious security risks.
Your Netgear Wi-Fi router could be wide open to hackers - install the fix nowNetgear has patched critical security vulnerabilities in several Wi-Fi routers and access points, urging timely updates for user safety.
MediaTek says 'Happy New Year' with critical RCE, other bugsMediaTek disclosed a critical vulnerability affecting 51 chipsets, posing severe security risks to multiple device categories.
Critical Apache Struts bug under active exploitCritical security flaw in Apache Struts 2 allows file upload manipulation, posing severe risks of remote code execution; immediate updates are essential.
Doomsday 9.9 unauthenticated RCE bug affects all LinuxA critical 9.9-rated unauthenticated RCE flaw is affecting GNU/Linux systems, with no fix yet despite disclosure to developers three weeks ago.
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF InjectionGFI KerioControl firewalls have a vulnerability (CVE-2024-52875) allowing remote code execution due to improper input sanitization, posing significant security risks.
Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution RisksA high-severity vulnerability in Meta's Llama framework could allow remote code execution via deserialization of untrusted data.
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe SerializationApache MINA's CVE-2024-52046 vulnerability could lead to remote code execution, necessitating urgent updates and careful configuration to mitigate risks.
D-Link says replace vulnerable routers or risk pwnageUsers of older D-Link VPN routers should replace their devices to avoid critical security vulnerabilities.The vulnerability allows for remote code execution without authentication, raising significant security concerns.
Critical Apache Struts bug under active exploitCritical security flaw in Apache Struts 2 allows file upload manipulation, posing severe risks of remote code execution; immediate updates are essential.
Doomsday 9.9 unauthenticated RCE bug affects all LinuxA critical 9.9-rated unauthenticated RCE flaw is affecting GNU/Linux systems, with no fix yet despite disclosure to developers three weeks ago.
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF InjectionGFI KerioControl firewalls have a vulnerability (CVE-2024-52875) allowing remote code execution due to improper input sanitization, posing significant security risks.
Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution RisksA high-severity vulnerability in Meta's Llama framework could allow remote code execution via deserialization of untrusted data.
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe SerializationApache MINA's CVE-2024-52046 vulnerability could lead to remote code execution, necessitating urgent updates and careful configuration to mitigate risks.
D-Link says replace vulnerable routers or risk pwnageUsers of older D-Link VPN routers should replace their devices to avoid critical security vulnerabilities.The vulnerability allows for remote code execution without authentication, raising significant security concerns.
Apache issues patches for critical Struts 2 RCE bugThe Apache Struts 2 vulnerability (CVE-2024-53677) has a severity rating of 9.5 and poses a serious security risk, necessitating immediate action for users.
Zero Day Initiative - Exploiting Exchange PowerShell After ProxyNotShell: Part 3 - DLL Loading Chain for RCEThe article explains a chain of vulnerabilities in Microsoft Exchange that lead to remote code execution.
September Patch Tuesday: Update before 1 October | Computer WeeklyMicrosoft has issued critical fixes for multiple remote code vulnerabilities in its September 2024 update, indicating urgency for users to patch their systems.
PoCcode released for zero-click Windows critical vulnWindows users must install the latest patches swiftly to protect against CVE-2024-38063, a critical vulnerability that allows remote code execution.
Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick ShareAs many as 10 security flaws were discovered in Google's Quick Share utility, leading to a potential remote code execution threat on systems with the software.
Google patches Quick Share for Windows to shut malware holeGoogle's Quick Share for Windows had 10 now-fixed bugs, allowing remote code execution through a full RCE chain.
Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick ShareAs many as 10 security flaws were discovered in Google's Quick Share utility, leading to a potential remote code execution threat on systems with the software.
Google patches Quick Share for Windows to shut malware holeGoogle's Quick Share for Windows had 10 now-fixed bugs, allowing remote code execution through a full RCE chain.
New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on UsersSonos smart speakers have vulnerabilities that could allow remote code execution and covert audio capture by hackers.
AWS 'Bucket Monopoly' attacks could allow account takeoverCritical flaws in AWS services allowed remote code execution and account takeover, fixed by AWS after Aqua Security's research.