Spotify Backstage RCE Vulnerability
A security flaw in Spotify’s open-source, Cloud Native Computing Foundation (CNCF)-incubated project Backstage has been discovered that could lead to threat actors performing RCE. The findings come after a team…
ConnectWise Patches a Critical RCE
ConnectWise has patched a critical RCE flaw impacting Recover and R1Soft Server Backup Manager. The vulnerability is an Improper Neutralization of Special Elements in Output Used by a Downstream Component.…
VMware patches critical vulnerabilities in Cloud Foundation
VMware has released patches to address a critical vulnerability resides in VMware Cloud Foundation. VMware Cloud Foundation is the hybrid cloud platform. It provides a complete set of software-defined services…
Veeam Remote Code Execution ! Patch it
Researchers discovered numerous vulnerabilities affecting the Veeam Backup & Replication application that could be exploited by advertising fully weaponized tools for RCE. Several threat actors were seen advertising the fully…
Sophos fixes RCE in its Firewall product
Sophos has patched an actively exploited RCE vulnerability tracked as CVE-2022-3236 in its Firewall products. Also it communicated to the organization directly about the vulnerability. CVE-2022-3236 is a code injection…
GitLab fixes Critical RCE
GitLab has fixed a RCE vulnerability tracked as CVE-2022-2884 affecting the Community and the Enterprise Edition of its DevOps platform, and has urged admins to upgrade their GitLab instances immediately…
Zimbra RCE Exploited in Wild
An authentication bypass affecting Zimbra Collaboration Suite, tracked as CVE-2022-27925, is actively exploited to hack ZCS email servers worldwide. CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities…
Vulnerabilities in Device42 platform
Researchers detailed numerous severe security issues on the Device42 platform that opens the door to attackers. Device42 provides device discovery, asset management, and dependency mapping for data centers and the…