X

Vous n'êtes pas connecté

Rubriques :

Maroc Maroc - THECYBERTHRONE.IN - A La Une - 18/01/2025 15:10

CVE-2024-7344 impacts UEFI based systems

CVE-2024-7344 is a critical vulnerability affecting UEFI-based systems. It was discovered by researchers at ESET and involves a bypass of the UEFI Secure Boot mechanism, allowing untrusted code to run during system boot, posing a significant security risk. Key Highlights: Technical Details: Resolution: Implications: Future Considerations: Conclusion: The discovery of CVE-2024-7344 highlights the need for […]

Articles similaires

Sorry! Image not available at this time

CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild

itsecuritynews.info - 25/Feb 20:34

Exploitation of a maximum severity authentication bypass zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and Manager has been...

Sorry! Image not available at this time

CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild

itsecuritynews.info - 25/Feb 20:34

Exploitation of a maximum severity authentication bypass zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and Manager has been...

Sorry! Image not available at this time

OneUptime Command Injection Vulnerability Poses Major Risk of Full System Takeover

itsecuritynews.info - 02/Mar 12:16

A critical command injection vulnerability, identified as CVE-2026-27728, has been discovered in OneUptime, a platform for monitoring and managing...

Sorry! Image not available at this time

OneUptime Command Injection Vulnerability Poses Major Risk of Full System Takeover

itsecuritynews.info - 02/Mar 12:16

A critical command injection vulnerability, identified as CVE-2026-27728, has been discovered in OneUptime, a platform for monitoring and managing...

Sorry! Image not available at this time

UXSS Vulnerability in DuckDuckGo Browser’s AutoConsent JS Bridge Allows Cross-Origin Attacks

itsecuritynews.info - 02/Mar 13:07

A critical vulnerability was recently discovered in the DuckDuckGo browser for Android, exposing users to Universal Cross-Site Scripting (UXSS)...

Sorry! Image not available at this time

UXSS Vulnerability in DuckDuckGo Browser’s AutoConsent JS Bridge Allows Cross-Origin Attacks

itsecuritynews.info - 02/Mar 13:07

A critical vulnerability was recently discovered in the DuckDuckGo browser for Android, exposing users to Universal Cross-Site Scripting (UXSS)...

Sorry! Image not available at this time

Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch

securityaffairs.co - 02/Mar 14:45

Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513 before Microsoft patched it, a high-severity bypass flaw. Akamai reports that...

Sorry! Image not available at this time

Android devices hit by exploited Qualcomm flaw CVE-2026-21385

securityaffairs.co - 03/Mar 10:03

Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. Google has confirmed that CVE-2026-21385...

Sorry! Image not available at this time

Apache Tomcat Vulnerability Circumvents Access Rules

itsecuritynews.info - 20/Feb 20:36

Apache disclosed a Tomcat flaw (CVE-2026-24733) that can bypass access controls via legacy HTTP/0.9 requests under specific configurations. The post...

Sorry! Image not available at this time

Apache Tomcat Vulnerability Circumvents Access Rules

itsecuritynews.info - 20/Feb 20:36

Apache disclosed a Tomcat flaw (CVE-2026-24733) that can bypass access controls via legacy HTTP/0.9 requests under specific configurations. The post...

Les derniers communiqués