Affecting both RS and PRA, the bug can be exploited remotely via crafted requests without authentication.
The post BeyondTrust Patches Critical RCE Vulnerability appeared first on SecurityWeek.
High-Severity Remote Code Execution Vulnerability Patched in OpenSSL
A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm.
The post High-Severity Remote Code Execution Vulnerability Patched in OpenSSL appeared first on SecurityWeek.
Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution
Path traversal and XXE injection flaws allowing unauthenticated remote code execution have been patched in Xerox FreeFlow Core.
The post Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution appeared first on SecurityWeek.
Critical Vulnerabilities Patched in Trend Micro Apex Central, Endpoint Encryption
Trend Micro patches critical-severity Apex Central and Endpoint Encryption PolicyServer flaws leading to remote code execution.
The post Critical Vulnerabilities Patched in Trend Micro Apex Central, Endpoint Encryption appeared first on SecurityWeek.
Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum
Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.
The post Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum appeared first on SecurityWeek.
Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday
Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild.
The post Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday appeared first on SecurityWeek.
Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains
The vulnerabilities, patched in OpenVPN 2.6.10, expose users on the Windows platform to remote code execution attacks.
The post Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains appeared first on SecurityWeek.
QNAP Rushes Patch for Code Execution Flaw in NAS Devices
QNAP rolls out patches for multiple vulnerabilities after proof-of-concept exploit published for a remote code execution vulnerability.
The post QNAP Rushes Patch for Code Execution Flaw in NAS Devices appeared first on SecurityWeek.
Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin
The vulnerability carries a CVSS severity score of 9.8/10 and affects web sites running the Ultimate Member WordPress membership plugin.
The post Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin appeared first on SecurityWeek.
ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation
Security experts describe exploitation of the CVSS 10/10 flaw as “trivial and embarrassingly easy.”
The post ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation appeared first on SecurityWeek.