PravinKarthik

PaloAlto fixes CVE-2024-8686 and CVE-2024-8687

Palo Alto released patches to address several vulnerabilities discovered in their products, if exploited, could allow unauthorized access, data breaches, and disruption of services. A range of vulnerabilities affecting various…

PravinKarthik September 12, 2024

GitLab fixes several vulnerabilities including CVE-2024-6678

GitLab has released critical security patches for its Community Edition (CE) and Enterprise Edition (EE) that could allow an attacker to execute arbitrary code. Vulnerability details CVE-2024-6678 with a CVSS score…

PravinKarthik September 12, 2024

Ivanti fixes critical vulnerability in EPM -CVE-2024-29847

Ivanti fixed a critical vulnerability in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core server The vulnerability tracked as CVE-2024-29847 with a…

PravinKarthik September 12, 2024

Google patched several vulnerabilities in thrid minor upgrade to Chrome 128

Google has released a new Chrome 128 update that addresses five vulnerabilities, including four high-severity vulnerabilities reported by external researchers. The first vulnerability, tracked as CVE-2024-8636, is a heap buffer…

PravinKarthik September 11, 2024

CISA KEV Catalog Update Part III-September 2024

The US CISA has added below vulnerabilities to the Known exploited vulnerabilities catalog based on the evidence of active exploitation. These vulnerabilities are part of this month microsoft patch tuesday…

PravinKarthik September 11, 2024

Microsoft Patch Tuesday – September 2024

Microsoft patched 79 CVEs in its September 2024 Patch Tuesday release, with seven rated critical, 71 rated as important, and one rated as moderate. This includes patches for 4 Zeroday…

PravinKarthik September 11, 2024

Repellent Scorpius RaaS Dissection

Security researchers from Unit 42 details a new ransomware-as-a-service group with a multi-extortion operation that’s actively recruiting new affiliates. The RaaS group dubbed as Repellent Scorpius first emerged in May…

PravinKarthik September 10, 2024

CISA KEV Update Part II – September 2024.

The US CISA added below vulnerabilities to the Known Exploited Vulnerability Catalog based on the evidence of active exploitation CVE-2024-40766 SonicWall SonicOS contains an improper access control vulnerability that could…

PravinKarthik September 10, 2024