Security – Page 145 – TheCyberThrone

Progress WhatsUp fixes several vulnerabilities

The Progress WhatsUp Gold team has fixed multiple vulnerabilities affecting all versions of the software released before 2024.0.0 that possess risks to organizations using outdated versions of the network monitoring…

PravinKarthik May 26, 2024

Gitlab fixes XSS Bug -CVE-2024-4835

GitLab releases patches for several security vulnerabilities through the latest versions of its Community Edition and Enterprise Edition software. The most severe bug from the list is a cross-site scripting…

PravinKarthik May 25, 2024

Google Patched Eighth Zeroday in Chrome – CVE-2024-5274

Google has released a security patch to address a new Zeroday vulnerability in Chrome browser, marking the fixed Zeroday count to eight in this year alone. The vulnerability tracked as…

PravinKarthik May 24, 2024

CISA adds Flink Vulnerability to its KEV -CVE-2020-17519

The U.S. CISA added a security flaw impacting Apache Flink, an open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. The vulnerability…

PravinKarthik May 24, 2024

Veeam patches Critical Vulnerability -CVE-2024-29849

Veeam has patched a critical vulnerability that could allow an unauthenticated attacker access to the Veeam Backup Enterprise Manager (VBEM) web console. The vulnerability tracked as CVE-2024-29849 with a CVSS…

PravinKarthik May 23, 2024

GitHub fixes Critical Vulnerability -CVE-2024-4985

GitHub has released a patch to address a critical authentication bypass issue in the GitHub Enterprise Server (GHES). The vulnerability tracked as CVE-2024-4985 with a CVSS score of 10 and…

PravinKarthik May 22, 2024

QNAP fixes Critical Vulnerability -CVE-2024-27130

QNAP released patches for multiple vulnerabilities in its NAS devices, including a vulnerability for which proof-of-concept code was published last week. The vulnerability tracked as CVE-2024-27130 is an unsafe “use…

PravinKarthik May 22, 2024

CISA Adds CVE-2023-43208 to its Catalog

The US CISA has added a flaw affecting NextGen Healthcare’s Mirth Connect product to its Known Exploited Vulnerabilities catalog. Mirth Connect is a widely used cross-platform interface engine that healthcare…

PravinKarthik May 21, 2024