Patch – Page 3 – OWASP Jakarta

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which Read more

By adminowasp, 1 year ago

News

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-1086 (CVSS score: 7.8), the high-severity issue Read more

By adminowasp, 1 year ago

News

CISA Warns of Actively Exploited D-Link Router Vulnerabilities – Patch Now

CISA Warns of Actively Exploited D-Link Router Vulnerabilities – Patch Now The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2014-100005 – A cross-site Read more

By adminowasp, 1 year ago

News

Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability

Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild. Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was Read more

By adminowasp, 1 year ago

News

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described Read more

By adminowasp, 1 year ago

News

Critical Flaws Found in ConnectWise ScreenConnect Software – Patch Now

Critical Flaws Found in ConnectWise ScreenConnect Software – Patch Now ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems. The vulnerabilities are listed below – CVE-2024-1708 (CVSS score: Read more

By adminowasp, 1 year ago

News

Alert: CISA Warns of Active 'Roundcube' Email Attacks – Patch Now

Alert: CISA Warns of Active 'Roundcube' Email Attacks – Patch Now The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a Read more

By adminowasp, 1 year ago

News

Patch Your GoAnywhere MFT Immediately

Patch Your GoAnywhere MFT Immediately Jan 24, 2024NewsroomVulnerability / Endpoint Security A critical security flaw has been disclosed in Fortra’s GoAnywhere Managed File Transfer (MFT) software that could be abused to create a new administrator user. Tracked as CVE-2024-0204, the issue carries a CVSS score of 9.8 out of 10. Read more

By adminowasp, 2 years ago

News

Apple Issues Patch for Critical Zero-Day in iPhones, Macs

Apple Issues Patch for Critical Zero-Day in iPhones, Macs Jan 23, 2024NewsroomVulnerability / Device Security Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild. The issue, tracked as CVE-2024-23222, is Read more

By adminowasp, 2 years ago

News

Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!

Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP! Jan 17, 2024NewsroomVulnerability / Cyber Threat Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild. The flaws are listed below Read more

By adminowasp, 2 years ago