Vulnerability
All the latest news on Vulnerability from the Cloud7 News. You can get the daily news for FREE by subscribing to our newsletter.
Latest News on Vulnerability
Proof-of-concept exploit code for VMware vulnerability released
VMware released security updates to patch a critical vulnerability, tracked as CVE-2022-22972, that affects Workspace ONE Access, VMware Identity Manager ...
Cisco warns users about a zero-day vulnerability
Cisco published a security advisory informing users that there is a software update available that addresses a vulnerability found in ...
Zyxel patches critical vulnerability
Zyxel released a patch for a vulnerability, tracked as CVE-2022-30525, found in the CGI program of some firewall versions. The ...
CISA warns organizations against F5 BIG-IP vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency announced that the organization has added the F5 BIG-IP vulnerability, tracked as CVE-2022-1388, ...
F5’s BIG-IP vulnerability is under attack
Last week, F5 published a security advisory and urged users to patch the vulnerability, tracked as CVE-2022-1388, with a 9.8 ...
Patch released for F5 BIG-IP vulnerability
F5 warns users about a recently disclosed remote code execution vulnerability. The vulnerability, tracked as CVE-2022-1388, has a CVSS score ...
Nimbuspwn vulnerability grants root access in Linux
The security researchers of Microsoft have discovered a series of flaws that allows local attackers to gain root access when ...
Critical VMware vulnerability is under attack
Hackers are exploiting a critical remote code execution vulnerability, tracked as CVE-2022-22954, affecting VMware Workspace ONE Access to install backdoors. ...
Cisco patches SSH authentication mechanism vulnerability
Cisco patched a vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance. The vulnerability could allow a ...
RCE vulnerability found in popular WordPress plugin
Researchers stated that they discovered a vulnerability in Elementor, a WordPress website builder plugin that is installed on more than ...
Windows has a critical remote code execution vulnerability
Microsoft has recently released a massive patch for its products on one of the latest Patch Tuesday updates. The patches ...
A critical vulnerability is found in VMware Cloud Director
VMware has published an advisory regarding a recently discovered vulnerability that allows remote code execution on its Cloud Director product. ...
F5 addresses NGINX LDAP zero-day vulnerability
The developer of NGINX, F5 Networks, has announced a zero-day vulnerability on NGINX LDAP reference implementation at end of the ...
Spring releases a patch for Spring4Shell vulnerability
A new vulnerability was found in the Spring Java framework this week, which allows attackers to execute remote code on ...
Spring Core Java framework Spring4Shell zero-day vulnerability has appeared
A new vulnerability was found in the Spring Core Java framework, which is a popular application framework for developing Java ...
Sophos fixed a critical Firewall vulnerability
Sophos announced that the company has fixed a critical vulnerability in the Sophos Firewall solution. The vulnerability tracked as CVE-2022-1040, ...
Spectre v2 CPU vulnerability emerges once more
The Spectre vulnerability on CPUs was first discovered in 2018 and affected almost all devices. Spectre is a bug that ...
A new Linux kernel vulnerability was found: Dirty Pipe
A new vulnerability was discovered in the Linux kernel by Max Kellermann in April 2021, which can be tracked as ...
UpdraftPlus vulnerability puts 3 million WordPress sites at risk
The Wordfence team announced that they have discovered a vulnerability in UpdraftPlus, a popular WordPress backup, restore and clone plugin ...
CISA is urging for update related to an abused Windows vulnerability
CISA has added a new vulnerability to its catalog that is currently being actively abused on Windows. The related vulnerability ...
Zero-day vulnerability appeared on Argo CD tool for Kubernetes
The cloud security company Apiiro has found a zero-day vulnerability in Argo's continuous development tools and reported it on January ...