CISA warns that years-old vulnerabilities in SAP Commerce, Gpac framework, and D-Link DIR-820 routers are exploited in the wild.
The post Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities appeared first on SecurityWeek.
Third Recent Ivanti Vulnerability Exploited in the Wild
CVE-2024-7593 is the third Ivanti product vulnerability patched in recent months that has been exploited in the wild.
The post Third Recent Ivanti Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Ivanti Warns of Second CSA Vulnerability Exploited in Attacks
In addition to the Ivanti CSA flaw CVE-2024-8190, another vulnerability affecting the same product, tracked as CVE-2024-8963, has been exploited.
The post Ivanti Warns of Second CSA Vulnerability Exploited in Attacks appeared first on SecurityWeek.
CISA: Oracle Vulnerabilities From ‘Miracle Exploit’ Targeted in Attacks
CISA is warning organizations that two Oracle vulnerabilities tracked as CVE-2022-21445 and CVE-2020-14644 are being exploited in the wild.
The post CISA: Oracle Vulnerabilities From ‘Miracle Exploit’ Targeted in Attacks appeared first on SecurityWeek.
Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks
Two recently patched Progress Software WhatsUp Gold vulnerabilities may have been exploited in the wild, possibly in ransomware attacks.
The post Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks appeared first on SecurityWeek.
Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day
Microsoft warns that a recently patched Windows vulnerability was exploited in the wild as a zero-day prior to July 2024.
The post Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.
Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure
The Ivanti Cloud Service Appliance vulnerability CVE-2024-8190 has been exploited in the wild, with attacks starting just days after disclosure.
The post Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure appeared first on SecurityWeek.
Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks
A recently patched SonicWall vulnerability tracked as CVE-2024-40766 may have been exploited in ransomware attacks.
The post Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks appeared first on SecurityWeek.
Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild
SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild.
The post Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild appeared first on SecurityWeek.
Apache Makes Another Attempt at Patching Exploited RCE in OFBiz
The latest Apache OFBiz update patches CVE-2024-45195, a bypass of a recently disclosed remote code execution bug exploited in attacks.
The post Apache Makes Another Attempt at Patching Exploited RCE in OFBiz appeared first on SecurityWeek.
