Sign in Subscribe

Vulnerability

CISA Adds Jenkins CLI Path Traversal Vulnerability to Known Exploited Vulnerabilities Catalogue

CISA Adds Jenkins CLI Path Traversal Vulnerability to Known Exploited Vulnerabilities Catalogue

On August 19, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) added a new vulnerability, CVE-2024-23897, to its Known Exploited Vulnerabilities (KEV) Catalog.

Microsoft macOS Apps Vulnerable to Permission Exploitation Through Library Injection

Microsoft macOS Apps Vulnerable to Permission Exploitation Through Library Injection

On August 19, 2024, Cisco Talos reported eight critical vulnerabilities in Microsoft applications running on macOS. These vulnerabilities allow attackers to exploit application permissions and entitlements by injecting malicious libraries.

Critical SolarWinds CVE-2024-28986 Vulnerability Added to CISA’s Known Exploited Vulnerabilities Catalog

Critical SolarWinds CVE-2024-28986 Vulnerability Added to CISA’s Known Exploited Vulnerabilities Catalog

On August 13, 2024, SolarWinds released a security advisory regarding a critical vulnerability in their Web Help Desk (WHD) software. The vulnerability, CVE-2024-28986, poses a significant risk of remote code execution via Java deserialization.