Vulnerabilities – Page 2

Researchers Uncover Vulnerabilities in Open-Source AI and ML Models

Researchers Uncover Vulnerabilities in Open-Source AI and ML Models Oct 29, 2024Ravie LakshmananAI Security / Vulnerability A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. The Read more…

By adminowasp, 8 months ago

News

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries Oct 09, 2024Ravie LakshmananIndustrial Security / Critical Infrastructure Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments. “The vulnerabilities could allow Read more…

By adminowasp, 9 months ago

News

Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Three Critical Ivanti CSA Vulnerabilities Actively Exploited Oct 08, 2024Ravie LakshmananZero-Day / Vulnerability Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the Read more…

By adminowasp, 9 months ago

News

14 DrayTek vulnerabilities patched, including max-severity RCE flaw

14 DrayTek vulnerabilities patched, including max-severity RCE flaw DrayTek patched 14 vulnerabilities affecting 24 of its router models, including a maximum severity buffer overflow flaw that could lead to remote code execution (RCE) or denial-of-service (DoS). The two critical-, nine high- and three medium-severity DrayTek bugs were discovered by Forescout Read more…

By adminowasp, 9 monthsOctober 3, 2024 ago

News

Systems used by courts and governments across the US riddled with vulnerabilities

Systems used by courts and governments across the US riddled with vulnerabilities Public records systems that courts and governments rely on to manage voter registrations and legal filings have been riddled with vulnerabilities that made it possible for attackers to falsify registration databases and add, delete, or modify official documents. Read more…

By adminowasp, 9 monthsOctober 2, 2024 ago

News

Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities

Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities Oct 02, 2024Ravie LakshmananVulnerability / Network Security A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. “These vulnerabilities could enable Read more…

By adminowasp, 9 months ago

News

Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68%

Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68% Sep 25, 2024Ravie LakshmananSecure Coding / Mobile Security Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from Read more…

By adminowasp, 9 months ago

News

Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models

Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status. Successful exploitation of three of the five vulnerabilities could permit an unauthenticated attacker to execute operating Read more…

By adminowasp, 1 year ago

News

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. “These vulnerabilities are found in various WordPress plugins and are prone to unauthenticated stored cross-site Read more…

By adminowasp, 1 year ago

News

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed. “Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations and vulnerabilities, making them a lucrative and highly effective target Read more…

By adminowasp, 1 year ago