Security news that informs and inspires

Archive

94 results for tag Vulnerability:

JetBrains Fixes TeamCity Authentication Bypass Flaws

The flaws, which exist in all TeamCity on-premises versions through 2023.11.3, have been fixed in version 2023.11.4.

Vulnerability

Exploit Code Released For Fortra GoAnywhere MFT Flaw

The flaw (CVE-2024-0204) could enable remote, unauthenticated attackers to bypass authentication in order to create new users.

Vulnerability

Exploitation of Recently Patched VMware Bug Started in 2021

Threat actors exploited a critical-severity VMware flaw for almost two years before patches were released in October.

Exploit, Vulnerability

Lace Tempest Seen Exploiting SysAid Zero Day

A path traversal zero day (CVE-2023-47246) in the SysAid on-premises product is under active attack by the ace Tempest threat group.

Vulnerability, Ransomware

Atlassian CISO Warns of Critical Confluence Flaw

Further details for the vulnerability were not specified, but the bug is rated 9.1 out of 10 on the CVSS v3 scale, and Atlassian is underscoring its potential impact for customers.

Vulnerability