critical vulnerability

Attackers can gain full control without authorization. A serious vulnerability has been identified in the SolarWinds Web Help Desk that allows attackers to remotely execute arbitrary code on vulnerable systems (RCEs). Registered as CVE-2024-28988, the issue was discovered by the Zero Day...

Do not hesitate, attackers are already on the threshold of your digital security. The developers of the anonymous operating system Tails have released an emergency update with the serial number 6.8.1, which fixes a serious security vulnerability in the Tor browser. The main change is the Tor...

A vulnerability in the Zangi messenger discovered by UserGate experts allows you to decrypt messages in group chats, as well as group and private calls. Zangi messenger positions itself as a secure alternative to Telegram. The number of app downloads exceeded 10 million on Google Play alone...

The identified flaw received the highest possible CVSS score. GitLab has released updates to address a critical vulnerability in its Community Edition (CE) and Enterprise Edition (EE) editions that could lead to authentication bypass. The issue is related to the ruby-saml library (...

Update as soon as possible if you don't want to share your data with hackers. On August 20, GitHub released updates to address three security vulnerabilities in its Enterprise Server product, including one critical issue that allowed attackers to gain site administrator privileges. The most...

The latest Patch Tuesday addresses 51 vulnerabilities in Microsoft branded products. Microsoft released a monthly security update as part of its June Patch Tuesday, fixing 51 vulnerabilities at once. One of them was classified as "Critical" (CVSS above 9 points), and the remaining 50 were...

Apply the fix as soon as possible to secure your data. Google released an update for the Chrome browser on Windows, Mac and Linux platforms. The new version 125.0.6422.112 / .113 has already started distribution among users, and a full list of its changes can be found in the update log on the...

Update the client version before it's too late. PuTTY warn about a critical vulnerability affecting versions from 0.68 to 0.80. The flaw may allow an attacker to fully recover NIST-P521 private keys. Vulnerability CVE-2024-31497 occurs due to failures in the generation of cryptographic ECDSA...

Unprotected servers have become a popular target for hackers who want to gain control of the system. The Shadowserver service detects attempts to exploit the critical vulnerability CVE-2023-22527, which allows remote code execution on outdated versions of Atlassian Confluence servers...

CISA removed the flaw from the catalog, as it turned out to be a dummy. Recently identified vulnerability CVE-2022-28958, added by the CISA agency to the Known Exploited Vulnerability (KEV) catalog, was officially recognized as erroneous and removed from the catalog. This decision came after...