Morocco - THECYBERTHRONE.IN - Headlines - 25/12/2024 15:00

CVE-2024-45387 Critical Bug in Apache Traffic Control

CVE-2024-45387 represents a significant security concern within the Traffic Ops component of Apache Traffic Control, specifically impacting versions The heart of this vulnerability is an SQL injection flaw. Essentially, it allows a privileged user—such as those with roles like admin, federation, operations, portal, or steering—to execute arbitrary SQL commands. This is achieved by sending a […]

Similar articles

Ingress-NGINX Flaw Enables Arbitrary Code Execution Attacks

itsecuritynews.info - 04/Feb 07:02

A high-severity vulnerability has been discovered in the Kubernetes ingress-nginx controller, allowing attackers to execute arbitrary code and...

ACF Plugin Flaw Exposes 50,000 WordPress Sites to Admin Takeover

itsecuritynews.info - 15:34

A critical vulnerability in the Advanced Custom Fields: Extended (ACF Extended) WordPress plugin has exposed around 50,000 sites to potential...

Cisco Meeting Management Vulnerability Let Remote Attacker Upload Arbitrary Files

itsecuritynews.info - 05/Feb 10:36

A high-severity security advisory has been issued for a critical vulnerability in Meeting Management software. This vulnerability allows authenticated...

SmarterTools patches critical SmarterMail flaw allowing code execution

securityaffairs.co - 30/Jan 11:53

SmarterTools fixed two SmarterMail flaws, including a critical bug (CVE-2026-24423) that could allow arbitrary code execution. SmarterTools fixed two...

Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic

itsecuritynews.info - 26/Jan 20:31

What Is CVE-2026-21962? CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy Plug-in for...

Critical Django Flaw Allows DoS and SQL Injection Attacks

itsecuritynews.info - 04/Feb 06:11

The Django Software Foundation has issued emergency security patches addressing six critical vulnerabilities affecting multiple versions of the...

Hackers Actively Exploit React Native Metro Server to Target Software Developers

itsecuritynews.info - 04/Feb 05:38

Threat actors are exploiting a critical remote code execution vulnerability in React Native’s Metro development server to deploy sophisticated...

Critical Johnson Controls Products Vulnerabilities Enables Remote SQL Injection Attacks

itsecuritynews.info - 01/Feb 16:36

A critical advisory addressing a severe SQL injection vulnerability affecting multiple Johnson Controls industrial control system products. The...