October 2024 – Page 7 – TheCyberThrone

Apache Roller Vulnerability CVE-2024-46911

The Apache Software Foundation has released a security update for Apache Roller The vulnerability, tracked as CVE-2024-46911, a critical Cross-site Request Forgery (CSRF) vulnerability that could allow attackers to escalate…

PravinKarthik October 14, 2024

Apache Avro vulnerability CVE-2024-47561

Apache project releases patch for a vulnerability tracked as CVE-2024-47561, that impacts all versions of the software prior to 1.11.4. Apache Avro is a data serialization framework developed as part of…

PravinKarthik October 14, 2024

CISA releases VDP platform Annual report for 2023

The U.S. CISA has released its 2023 Annual Report for the Vulnerability Disclosure Policy (VDP) Platform. Over the past year, the agency concentrated on promoting greater adoption of the VDP…

PravinKarthik October 13, 2024

Veeam Backup flaw CVE-2024-40711 used in ransomware campaigns

Security agencies were alerting about the mass exploitation of a critical Veeam backup and replication vulnerability by ransomware groups. The vulnerability tracked as CVE-2024-40711 with a CVSS score of 9.8,…

PravinKarthik October 12, 2024

Gitlab fixes several vulnerabilities including CVE-2024-9164

GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE) to address multiple vulnerabilities, The critical vulnerability tracked as CVE-2024-9164, An issue was discovered in GitLab EE affecting…

PravinKarthik October 12, 2024

Progress fixes Critical Vulnerability CVE-2025-8015 in Telerik

Progress Software has released patches for fixing four newly discovered vulnerabilities in their Telerik Report Server, ranging from credential stuffing and brute force attacks to a critical code execution flaw,…

PravinKarthik October 11, 2024