-
High command injection vulnerabilities have been discovered in Tenda’s N300 Wi-Fi 4G LTE Router and the 4G03 Pro model, allowing authenticated attackers to execute arbitrary commands with root privileges on affected devices. With no patches curre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining two security flaws to achieve unauthenticated remote code execution with root p…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Twonky Server version 8.5.2 contains two critical authentication bypass vulnerabilities that allow unauthenticated attackers to steal administrator credentials and take complete control of the media server. Security researchers at Rapid7 discovered tha…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SolarWinds has released security patches addressing three critical remote code execution vulnerabilities in Serv-U that could allow attackers with administrative privileges to execute arbitrary code on affected systems. The vulnerabilities disclosed in Serv-U version 15.5.3 pose significant risks to organizations that rely on the file transfer software for secure data exchange. Multiple Pathways to Remote […] The post Critical SolarWinds Serv-U Vulnerabilities Let Attackers Execute Malicious Code Remotely as Admin appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SolarWinds has released an urgent security update for its Serv-U file transfer software, patching three critical vulnerabilities that could enable attackers with administrative access to execute remote code on affected systems. The flaws, all rated 9.1…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has disclosed critical security vulnerabilities affecting Cisco Unified Contact Center Express (Unified CCX) that could enable unauthenticated, remote attackers to execute arbitrary commands, escalate privileges to root, and bypass authentication…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has released critical security patches addressing nine vulnerabilities across Community Edition (CE) and Enterprise Edition (EE), including a concerning prompt injection flaw in GitLab Duo that could expose sensitive information from confidentia…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Mozilla Foundation released three critical security advisories on November 11, 2025, addressing 16 unique vulnerabilities across multiple Firefox versions and platforms. The updates target Firefox 145, Firefox ESR 115.30, and Firefox ESR 140.5, wit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released its November 2025 Patch Tuesday update, addressing 63 security vulnerabilities across its software lineup. The update includes a critical fix for a zero-day vulnerability in the Windows Kernel that is confirmed to be actively exp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ivanti has released critical security updates for Ivanti Endpoint Manager to address three high-severity vulnerabilities that could allow authenticated attackers to write arbitrary files to any location on affected systems. The company disclosed the se…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
