Nuclei flaw allows signature bypass and code execution

A vulnerability in Nuclei, an open-source vulnerability scanner, could allow attackers to bypass signature checks and execute malicious code. A high-severity security flaw, tracked as CVE-2024-43405 (CVSS score of 7.4), in the open-source vulnerability scanner ProjectDiscovery’s Nuclei, could allow attackers to bypass signature checks and execute malicious code. The Wiz’s engineering team discovered the vulnerability. The vulnerability […]

LibreOffice Flaws Allow Attackers to Run Malicious Files on Windows

itsecuritynews.info - 27/Feb 06:04

A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been patched after researchers...

GitLab Vulnerabilities Allow Attackers to Bypass Security and Run Arbitrary Scripts

itsecuritynews.info - 27/Feb 06:31

GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that could allow attackers to bypass...

WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks

itsecuritynews.info - 05/Mar 15:04

A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote...

Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

securityaffairs.co - 14:52

Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. Over 1,000 attacks detected globally. GreyNoise researchers warn of a...

CVE-2025-0337 impacts ServiceNow

thecyberthrone.in - 08/Mar 14:55

CVE-2025-0337 is classified as a high-severity authorization bypass vulnerability impacting the ServiceNow Now Platform, specifically targeting the...

Elastic patches critical Kibana flaw allowing code execution

securityaffairs.co - 06/Mar 21:35

Elastic fixed a critical flaw in the Kibana data visualization dashboard software for Elasticsearch that could lead to arbitrary code execution....

Cisco fixed command injection and DoS flaws in Nexus switches

securityaffairs.co - 28/Feb 11:59

Cisco addressed command injection and denial-of-service (DoS) vulnerabilities in some models of its Nexus switches. Cisco released security updates to...

Cisco Nexus Switch Vulnerability Allows Attackers to Cause DoS

itsecuritynews.info - 27/Feb 05:32

Cisco Systems has disclosed a high-severity vulnerability (CVE-2025-20111) in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS...

Windows KDC Proxy RCE Vulnerability Allows Remote Server Takeover

itsecuritynews.info - 05/Mar 06:03

A recently patched remote code execution (RCE) vulnerability in Microsoft Windows’ Key Distribution Center (KDC) Proxy implementation allows...

NITDA Warns of ‘Malicious Viper’ Striking Critical Security Flaw in Jupiter X Core WordpPress Plugin

technologymirror.com.ng - 06/Mar 18:08

National Information Technology Development Agency (NITDA), has uncovered a critical security flaw in the Jupiter X Core plugin for WordPress,...

Rubriques :