Category vulnerabilities

CISA Alerts Agencies to Patch Actively Exploited Ivanti Endpoint Manager Vulnerability

On Wednesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) classified a vulnerability affecting Ivanti Endpoint Manager (EPM) as a Known Exploited Vulnerability (KEV), following findings of active exploitation. This security flaw was addressed by Ivanti in a May update, underscoring its significance within the cybersecurity landscape. The vulnerability, designated…


Security Vulnerability in WordPress LiteSpeed Cache Plugin Leaves Sites Open to XSS Attacks

A significant security vulnerability has been identified in the LiteSpeed Cache plugin for WordPress, posing a high risk of exploitation that could allow malicious individuals to execute arbitrary JavaScript code under specific conditions. The vulnerability is designated as CVE-2024-47374 with a CVSS score of 7.2, indicating its severity. It affects…


Apple Issues Essential iOS and iPadOS Updates to Address VoiceOver Password Security Flaw

Apple Releases Critical Security Updates Addressing Password Vulnerabilities and Audio Privacy Issues

Apple has recently issued important updates for iOS and iPadOS targeting two significant security vulnerabilities. One of these flaws has the potential to expose users’ saved passwords via the VoiceOver assistive technology, raising alarm among cybersecurity experts. The…


Qualcomm Calls on OEMs to Address Critical DSP and WLAN Vulnerabilities as Exploits Are Underway

Qualcomm has issued security updates responding to nearly two dozen vulnerabilities affecting both proprietary and open-source components. Among these, a particularly severe flaw has been identified, which is reportedly under active exploitation in the field. This high-severity vulnerability, designated as CVE-2024-43047 with a CVSS score of 7.8, has been characterized…


Microsoft Releases Security Update Addressing 118 Vulnerabilities, Including Two Under Active Exploitation

Microsoft has released security updates addressing 118 vulnerabilities in its software suite, two of which have come under active exploitation in the wild. Among these vulnerabilities, three have been classified as Critical, while 113 are rated Important, and two are deemed Moderate. Notably, this Patch…


Firefox Zero-Day Exploited: Update Your Browser Right Away!

Critical Vulnerability Discovered in Firefox Exposed to Exploitation

Mozilla has announced the discovery of a significant security vulnerability affecting both Firefox and the Firefox Extended Support Release (ESR). This flaw, tracked as CVE-2024-9680, has been identified as a use-after-free bug within the Animation timeline component and carries a CVSS score…


CISA Alerts About Major Fortinet Vulnerability as Palo Alto and Cisco Release Emergency Security Updates

On Wednesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a critical security vulnerability affecting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog. This action was taken in light of evidence indicating ongoing exploitation of this flaw. Identified as CVE-2024-23113, this vulnerability has a CVSS…


Experts Alert: Serious Unpatched Vulnerability Found in Linear eMerge E3 Systems

Critical Vulnerability Discovered in Linear eMerge E3 Systems

Cybersecurity experts have sounded the alarm regarding a serious, unpatched vulnerability found in Nice’s Linear eMerge E3 access control systems. This flaw potentially allows unauthorized attackers to execute arbitrary operating system commands remotely, posing a significant threat to organizations relying on these…


New GitLab Vulnerability Poses Risk of Unauthorized CI/CD Pipeline Execution

GitLab Issues Significant Security Updates Addressing Vulnerabilities

GitLab has issued critical security updates for its Community Edition (CE) and Enterprise Edition (EE), specifically targeting eight identified vulnerabilities. Notably, one severe flaw allows unauthorized execution of Continuous Integration and Continuous Delivery (CI/CD) pipelines across arbitrary branches. This vulnerability, cataloged as CVE-2024-9164,…
