CI/CD Pipeline Vulnerability

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

Jun 28, 2024 | Newsroom | Software Security / DevOps

GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which …

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-1086 (CVSS score: 7.8), the high-severity issue …

CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2014-100005 – A cross-site …

Alert: CISA Warns of Active 'Roundcube' Email Attacks - Patch Now

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a …

Patch Your GoAnywhere MFT Immediately

Jan 24, 2024 | Newsroom | Vulnerability / Endpoint Security

A critical security flaw has been disclosed in Fortra’s GoAnywhere Managed File Transfer (MFT) software that could be abused to create a new administrator user. Tracked as CVE-2024-0204, the issue carries a CVSS score of 9.8 out of 10. …