VirusTotal Platform RCE Vulnerabilities
There is a vulnerability in the VirusTotal platform that has been discovered by researchers, and it has the potential to be exploited by an attacker to conduct RCE. VirusTotal is…
Apache Struts Critical Vulnerability
Apache has fixed a critical vulnerability in Struts that was previously believed to have been resolved but, wasn't fully remedied. Tracked as CVE-2021-31805, the critical vulnerability persistes in Struts 2…
Cisco Fixes Critical bug in Nexus Controller
An unauthenticated RCE flaw was discovered in Cisco Nexus Dashboard Fabric Controller by exploiting an obsolete Java library with known vulnerabilities. The researcher, Pedro Ribeiro, was able to put together…
SonicWall Patches a Critical RCE in Firewall Appliances
SonicWall has released security updates to address a critical vulnerability (CVE-2022-22274) is a stack based buffer overflow vulnerability in SonicOS that impacts multiple firewall appliances that could be exploited by…
Spring4shell Java RCE ZeroDay in Spring
A zero-day vulnerability was found in the popular Java Web App development framework Spring likely puts a wide variety of Web apps at risk of remote attack. The vulnerability dubbed…
Log4j Attempts to exploit VMware Horizon again
VMware Horizon servers are used to enable secure anywhere, anytime access to enterprise apps for remote workers continue to be a main target for attackers exploiting the Apache Log4j RCE…
Critical Vulnerabilities Patched in Microsoft Defender for IoT
Researchers at SentinelOne published details on a couple of critical RCE vulnerabilities discovered in Microsoft Defender for IoT, tracked as CVE-2021-42311 and CVE-2021-42313, with CVSS score of 10 related to…
Sophos Patches Critical Flaws in its firewall
Sophos has patched a crucial vulnerability in its Sophos Firewall product that enables distant code execution (RCE). Tracked as CVE-2022-1040 with CVSS score of 9.8, the authentication bypass vulnerability exists within the Consumer Portal…