CVE-2023-20214: Cisco SDWAN Api Vulnerability
Cisco is warning that the vManage software that ships with its SD-WAN has an authentication vulnerability in its REST API. The critical-rated vulnerability, tracked as CVE-2023-20214, has a CVSS score…
Arcserve Critical Authentication Bug
A group of red team researchers have identified a critical authentication bypass of an Arcserve backup system. The researchers detailed about vulnerability exploitation process and published tools and a PoC…
Zyxel Fixes Critical Vulnerability in NAS Devices
Zyxel has released patches addressing a security flaw tracked as CVE-2023-27992 pre-authentication command injection vulnerability in some NAS versions. The vulnerability with a CVSS score of 9.8 ,described as a…
OpenSSH PreAuth Double Free Vulnerability ! Patch it
OpenSSH 9.2 version has been released to address several security bugs, including a memory safety vulnerability in the OpenSSH server (sshd). The memory safety bug tracked as CVE-2023-25136, the shortcoming…
Atlassian fixes Auth related Critical Vulnerability in its Product
A critical vulnerability has been identified in Atlassian Jira Service management server and data center product and necessary fixes has been released to resolve it The vulnerability is tracked as…
Netgear Fixes Authentication Bug it its Router Products
Netgear has fixed a bug affecting multiple WiFi router models, including Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC router models. The flaw is a pre-authentication buffer…
Cisco Discloses bugs affecting IP phones
Cisco has disclosed a high-severity vulnerability impacting its IP Phone 7800 and 8800 Series. Tracked as CVE-2022-20968, an unauthenticated attacker can trigger the flaw to cause a stack overflow on…
Azure Cosmos DB Auth Bypass Flaw
A newly disclosed vulnerability in Microsoft Azure Cosmos DB called CosMiss was found to open the door to an attacker without needing authentication under certain conditions. The vulnerability opens if…