OWASP Jakarta

Critical

Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
News

Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE). The vulnerability in question, CVE-2024-52875, refers …

By adminowasp, 4 months ago
CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as …

By adminowasp, 4 months ago
Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption
News

Microsoft has announced that it’s making an “unexpected change” to the way .NET installers and archives are distributed, requiring developers to update their production and DevOps infrastructure. “We expect that most users will not be directly …

By adminowasp, 5 months ago
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
News

The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language (SQL) commands in the …

By adminowasp, 5 months ago
Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation
News

Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. …

By adminowasp, 5 months ago
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
News

A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: …

By adminowasp, 5 months ago
CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in …

By adminowasp, 5 months ago
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
News

Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information. The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of …

By adminowasp, 5 months ago
BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products
News

BeyondTrust has disclosed details of a critical security flaw in Privileged Remote Access (PRA) and Remote Support (RS) products that could potentially lead to the execution of arbitrary commands. Privileged Remote Access controls, manages, and audits privileged accounts …

By adminowasp, 5 months ago
Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected
News

Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as CVE-2024-53677, carries a CVSS score of 9.5 out of 10.0, indicating critical severity. …

By adminowasp, 5 months ago
