X

Vous n'êtes pas connecté

العناوين :

Maroc Maroc - THECYBERTHRONE.IN - A La Une - 06/01/2025 09:17

CVE-2024-10957: UpdraftPlus WordPress Plugin Vulnerability

CVE-2024-10957 is a high-severity vulnerability affecting the UpdraftPlus: WP Backup & Migration Plugin for WordPress. This vulnerability, present in versions up to and including 1.24.11, enables attackers to perform PHP Object Injection through the deserialization of untrusted input in the recursive_unserialized_replace function. Here’s a comprehensive analysis of this vulnerability, its potential impact, and mitigation strategies. […]

Articles similaires

Sorry! Image not available at this time

ACF Plugin Flaw Exposes 50,000 WordPress Sites to Admin Takeover

itsecuritynews.info - 07/Feb 15:34

  A critical vulnerability in the Advanced Custom Fields: Extended (ACF Extended) WordPress plugin has exposed around 50,000 sites to potential...

Sorry! Image not available at this time

Critical Vulnerability in Python PLY Library Enables Remote Code Execution – PoC Published

itsecuritynews.info - 27/Jan 10:05

A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through...

Sorry! Image not available at this time

Critical Vulnerability in Python PLY Library Enables Remote Code Execution – PoC Published

itsecuritynews.info - 27/Jan 10:05

A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through...

Sorry! Image not available at this time

Critical Johnson Controls Products Vulnerabilities Enables Remote SQL Injection Attacks

itsecuritynews.info - 01/Feb 16:36

A critical advisory addressing a severe SQL injection vulnerability affecting multiple Johnson Controls industrial control system products. The...

Sorry! Image not available at this time

Ingress-NGINX Flaw Enables Arbitrary Code Execution Attacks

itsecuritynews.info - 04/Feb 07:02

A high-severity vulnerability has been discovered in the Kubernetes ingress-nginx controller, allowing attackers to execute arbitrary code and...

Sorry! Image not available at this time

Gakido CRLF Injection Vulnerability Let Attackers Bypass Security Controls

itsecuritynews.info - 02/Feb 14:13

A critical vulnerability in Gakido, an HTTP client library by HappyHackingSpace, has been discovered that allows attackers to inject arbitrary HTTP...

Sorry! Image not available at this time

Apache Hadoop Vulnerability Exposes Systems Potential Crashes or Data Corruption

itsecuritynews.info - 26/Jan 10:09

A moderate-severity vulnerability in the Hadoop Distributed File System (HDFS) native client could allow attackers to trigger system crashes or...

Sorry! Image not available at this time

Apache Hadoop Vulnerability Exposes Systems Potential Crashes or Data Corruption

itsecuritynews.info - 26/Jan 10:09

A moderate-severity vulnerability in the Hadoop Distributed File System (HDFS) native client could allow attackers to trigger system crashes or...

Sorry! Image not available at this time

CVE-2026-24061 – GNU InetUtils telnetd Authentication Bypass Vulnerability

itsecuritynews.info - 30/Jan 16:34

CVE-2026-24061 enables unauthenticated attackers to exploit GNU telnetd and gain immediate root shells over the network. The post CVE-2026-24061 –...

Sorry! Image not available at this time

Cisco Meeting Management Vulnerability Let Remote Attacker Upload Arbitrary Files

itsecuritynews.info - 05/Feb 10:36

A high-severity security advisory has been issued for a critical vulnerability in Meeting Management software. This vulnerability allows authenticated...

أحدث الإصدارات