Critical OpenSSL Vulnerability Let Attackers Launch Man-in-the-Middle Attacks

A high-severity security vulnerability (CVE-2024-12797) has been identified in OpenSSL, one of the most widely used cryptographic libraries. The flaw allows attackers to exploit a loophole in TLS and DTLS handshakes, potentially enabling man-in-the-middle (MITM) attacks on vulnerable connections. OpenSSL…

Critical OpenSSL Vulnerability Allow Hackers to Launch Man-in-the-Middle Attacks

itsecuritynews.info - 11/Feb 21:32

The OpenSSL Project announced a high-severity vulnerability (CVE-2024-12797) affecting versions 3.2, 3.3, and 3.4 of the widely used cryptographic...

OpenSSL patched high-severity flaw CVE-2024-12797

securityaffairs.co - 11/Feb 21:33

OpenSSL patched the vulnerability CVE-2024-12797, a high-severity flaw found by Apple that enables man-in-the-middle attacks. The OpenSSL Project...

CVE-2024-12797 OpenSSL Vulnerability Patched

thecyberthrone.in - 04:38

CVE-2024-12797 is a critical security vulnerability discovered in OpenSSL, a widely used cryptographic library that provides secure communication over...

Weaponizing Windows Background Images to Gain Admin Access Using AnyDesk Vulnerability

itsecuritynews.info - 06/Feb 08:31

A recently disclosed vulnerability in AnyDesk, a widely used remote desktop software, has raised significant cybersecurity concerns. The...

Roundcube XSS Flaw Allows Attackers to Inject Malicious Files

itsecuritynews.info - 04/Feb 05:31

A critical Cross-Site Scripting (XSS) vulnerability has been discovered in the popular open-source webmail client, Roundcube, potentially exposing...

CVE-2024-53704 impacts SonicWall

thecyberthrone.in - 01:02

CVE-2024-53704 is a high-severity security vulnerability identified in SonicWall products, specifically within the SSLVPN authentication mechanism....

CVE-2024-24472 impacts Fortinet Producrs

thecyberthrone.in - 12:43

CVE-2024-24472 is a critical security vulnerability identified in Fortinet products, specifically FortiOS and FortiProxy. This vulnerability poses a...

CVE-2024-55591 Exploit Code Released for FortiOS Flaw

thecyberthrone.in - 30/Jan 14:44

Cybersecurity company watchTowr Labs has released the proof-of-concept (PoC) exploit code for a severe zero-day vulnerability, CVE-2024-55591,...

Critical Ivanti CSA Vulnerability Allows Attackers Remote Code Execution to Gain Restricted Access

itsecuritynews.info - 06:11

A critical vulnerability has been discovered in the Ivanti Cloud Services Application (CSA), potentially allowing attackers to execute remote code and...

Hackers Can Exploit GPU Flaws to Gain Full Control of Your Device

itsecuritynews.info - 05/Feb 10:03

Several critical vulnerabilities affecting Mali Graphics Processing Units (GPUs) have surfaced, allowing hackers to exploit flaws in GPU drivers to...

Rubriques :