August 2024 – Page 2 – TheCyberThrone

WordPress WPML Plugin Critical Vulnerability CVE-2024-6386

Researchers have uncovered a critical vulnerability in WPML multilingual CMS Plugin for WordPress that leads to a Remote Code Execution, which potentially allows the compromise of impacted websites. The vulnerability…

PravinKarthik August 28, 2024

CISA adds Apache OFBiz Vulnerability CVE-2024-38856 to KEV Catalog

The U.S. CISA adds Apache OFBiz vulnerability to its KEV catalog following the mass exploitation CVE-2024-38856 : Apache OFBiz Incorrect Authorization Vulnerability: Apache OFBiz contains an incorrect authorization vulnerability that…

PravinKarthik August 28, 2024

TDECU Joins the MOVEit Data Breach victims list lately

The Texas Dow Employees Credit Union (TDECU) has filed a data breach notification, following a data breach in which the PII of 500,474 people has been accessed in an external…

PravinKarthik August 27, 2024

CISA adds CV-2024-7971 to its KEV Catalog

The US CISA has added Google Chrome vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7971 Google Chromium V8 contains a type of confusion vulnerability…

PravinKarthik August 27, 2024

Google addressed 10th Zeroday in Chrome CVE-2024-7965

Google has released a patch to address a new Chrome zero-day vulnerability that is actively exploited. The vulnerability tracked as CVE-2024-7965 with a CVSS score of 8.8 is an inappropriate…

PravinKarthik August 27, 2024

CISA adds Versa Networks Flaw CVE-2024-39717 to its KEV Catalog

The U.S. CISA has added CVE-2024-39717 to its Know exploited vulnerability catalog following the massive exploitation evidence This vulnerability CVE-2024-39717 affects Versa Networks’ Director GUI, specifically in the customization feature…

PravinKarthik August 26, 2024

GitHub fixes several vulnerabilities including CVE-2024-6800

GitHub has addressed several vulnerabilities in GitHub Enterprise Server (GHES) that could have allowed attackers to gain unauthorized access and manipulate repositories. The most critical vulnerability is tracked as CVE-2024-6800…

PravinKarthik August 25, 2024