CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
InfoSec Write-ups
A Story About How I Found CVE-2024-24919 in Sony’s HackerOne Program (and Ended Up Getting Swag)
Discovering CVE-2024-24919 in Sony’s Check Point Quantum Gateway. As a security researcher, I’m always on the lookout for vulnerabilities in systems, and this time, my journey led me to the Sony HackerO ...
-
InfoSec Write-ups
My recon methodology for hunting CVE-2021-42063 led to discovering an RXSS vulnerability in the…
During one of my bug bounty hunting sessions, I came across an interesting vulnerability: CVE-2021-42063. Let me walk you through how I found this bug and explain the steps I followed. To begin, I alwa ...
-
Help Net Security
Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)
Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zy ...
-
Cybersecurity News
CISA Alerts on Active Exploitation of Flaws in ImageMagick, Linux Kernel, and SonicWall
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning, adding three actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The agency’ ...
-
Cybersecurity News
CVE-2024-6342: Critical Command Injection Flaw in Zyxel NAS Devices, Hotfixes Released for End-of-Support Products
Zyxel has released critical hotfixes for two of its NAS products, NAS326 and NAS542, which have already reached their end-of-vulnerability-support lifecycle. These devices are susceptible to a command ...
-
seclists.org
OXAS-ADV-2024-0005: OX App Suite Security Advisory
Full Disclosure mailing list archives OXAS-ADV-2024-0005: OX App Suite Security Advisory From: Martin Heiland via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 9 Sep 2024 08:59:37 +0200 ( ...
-
Cybersecurity News
CVE-2024-30051: Windows Elevation of Privilege Flaw Exploited by QakBot Malware, PoC Published
Security researchers published the technical details and a proof-of-concept exploit (PoC) code for a zero-day vulnerability in Windows, tracked as CVE-2024-30051, which could allow attackers to escala ...
-
Cybersecurity News
FreeBSD Issues Urgent Security Advisory for CVE-2024-43102 (CVSS 10)
The FreeBSD Project has issued a security advisory warning of a critical vulnerability (CVE-2024-43102) affecting multiple versions of its operating system. This flaw, rated with a maximum CVSS score ...
-
TheCyberThrone
CISA KEV Update Part II – September 2024.
The US CISA added below vulnerabilities to the Known Exploited Vulnerability Catalog based on the evidence of active exploitation CVE-2024-40766 SonicWall SonicOS contains an improper access control vu ...
-
BleepingComputer
Critical SonicWall SSLVPN bug exploited in ransomware attacks
Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks. Tracked as CVE-2024-40766, this improper access control flaw affects ...