X

Vous n'êtes pas connecté

Rubriques :

Maroc Maroc - THECYBERTHRONE.IN - A La Une - 25/12/2024 15:00

CVE-2024-45387 Critical Bug in Apache Traffic Control

CVE-2024-45387 represents a significant security concern within the Traffic Ops component of Apache Traffic Control, specifically impacting versions The heart of this vulnerability is an SQL injection flaw. Essentially, it allows a privileged user—such as those with roles like admin, federation, operations, portal, or steering—to execute arbitrary SQL commands. This is achieved by sending a […]

Articles similaires

Sorry! Image not available at this time

Apache bRPC Vulnerability Enables Remote Command Injection

itsecuritynews.info - 20/Jan 05:32

A critical remote command-injection vulnerability has been discovered in Apache bRPC’s built-in heap profiler service, affecting all versions before...

Sorry! Image not available at this time

Apache bRPC Vulnerability Enables Remote Command Injection

itsecuritynews.info - 20/Jan 05:32

A critical remote command-injection vulnerability has been discovered in Apache bRPC’s built-in heap profiler service, affecting all versions before...

Sorry! Image not available at this time

SmarterTools patches critical SmarterMail flaw allowing code execution

securityaffairs.co - 11:53

SmarterTools fixed two SmarterMail flaws, including a critical bug (CVE-2026-24423) that could allow arbitrary code execution. SmarterTools fixed two...

Sorry! Image not available at this time

Cisco Unified Communications 0-day RCE Vulnerability Exploited in the Wild to Gain Root Access

itsecuritynews.info - 22/Jan 04:15

Cisco has disclosed a critical zero-day remote code execution (RCE) vulnerability, CVE-2026-20045, actively exploited in the wild. Affecting key...

Sorry! Image not available at this time

Cisco Unified Communications 0-day RCE Vulnerability Exploited in the Wild to Gain Root Access

itsecuritynews.info - 22/Jan 04:15

Cisco has disclosed a critical zero-day remote code execution (RCE) vulnerability, CVE-2026-20045, actively exploited in the wild. Affecting key...

Sorry! Image not available at this time

Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic

itsecuritynews.info - 26/Jan 20:31

What Is CVE-2026-21962? CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy Plug-in for...

Sorry! Image not available at this time

Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic

itsecuritynews.info - 26/Jan 20:31

What Is CVE-2026-21962? CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy Plug-in for...

Sorry! Image not available at this time

Cisco fixed actively exploited Unified Communications zero day

securityaffairs.co - 21/Jan 23:47

Cisco patched a critical zero-day RCE flaw (CVE-2026-20045) in Unified Communications and Webex Calling that is actively exploited in the wild. Cisco...

Sorry! Image not available at this time

Command injection in Apache bRPC heap profiler

australiancybersecuritymagazine.com.au - 29/Jan 02:52

The CyberArk Labs team have identified Apache bRPC users are exposed to a critical command injection flaw in the /pprof/heap endpoint...

Sorry! Image not available at this time

CVE-2026-20045: Cisco Unified Communications Zero-Day Under Active Attack

thecyberthrone.in - 22/Jan 01:07

Cisco recently patched a critical code injection vulnerability in its Unified Communications suite, tracked as CVE-2026-20045, which attackers are...

Les derniers communiqués