-
HPE Aruba Networking fixes four critical RCE flaws in ArubaOS
HPE Aruba Networking has issued its April 2024 security advisory detailing critical remote code execution (RCE) vulnerabilities impacting multiple versions of ArubaOS, its proprietary network operating system.
- May 01, 2024
- 06:31 PM
1
-
R language flaw allows code execution via RDS/RDX files
A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files.
- April 30, 2024
- 02:46 PM
1
-
WP Automatic WordPress plugin hit by millions of SQL injection attacks
Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access.
- April 25, 2024
- 10:27 AM
- 0
-
Maximum severity Flowmon bug has a public exploit, patch now
Proof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance and visibility.
- April 24, 2024
- 04:08 PM
- 1
-
Critical Forminator plugin flaw impacts over 300k WordPress sites
The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server.
- April 20, 2024
- 11:19 AM
- 1
-
22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks
Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited in attacks since at least March 26, 2024.
- April 19, 2024
- 11:27 AM
- 1
-
PuTTY SSH client flaw allows recovery of cryptographic private keys
A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow attackers with access to 60 cryptographic signatures to recover the private key used for their generation.
- April 16, 2024
- 11:01 AM
- 0
-
Telegram fixes Windows app zero-day used to launch Python scripts
Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts.
- April 12, 2024
- 02:46 PM
- 0
-
Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks
Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks.
- April 12, 2024
- 09:28 AM
- 0
-
Critical Rust flaw enables Windows command injection attacks
Threat actors can exploit a security vulnerability in the Rust standard library to target Windows systems in command injection attacks.
- April 09, 2024
- 04:20 PM
- 2
-
Windows 10 KB5036892 update released with 23 new fixes, changes
Microsoft has released the KB5036892 cumulative update for Windows 10 21H2 and Windows 10 22H2 with twenty-three changes and two new features.
- April 09, 2024
- 02:18 PM
- 1
-
Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs
Today is Microsoft's April 2024 Patch Tuesday, which includes security updates for 150 flaws and sixty-seven remote code execution bugs.
- April 09, 2024
- 01:34 PM
- 3
-
New SharePoint flaws help hackers evade detection when stealing files
Researchers have discovered two techniques that could enable attackers to bypass audit logs or generate less severe entries when downloading files from SharePoint.
- April 09, 2024
- 09:00 AM
- 2
-
Over 90,000 LG Smart TVs may be exposed to remote attacks
Security researchers at Bitdefender have discovered four vulnerabilities impacting multiple versions of WebOS, the operating system used in LG smart TVs.
- April 09, 2024
- 09:00 AM
- 3
-
Over 92,000 exposed D-Link NAS devices have a backdoor account
A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models.
- April 06, 2024
- 10:16 AM
- 0
-
New Ivanti RCE flaw may impact 16,000 exposed VPN gateways
Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor addressed earlier this week.
- April 05, 2024
- 01:40 PM
- 0
-
New HTTP/2 DoS attack can crash web servers with a single connection
Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations.
- April 04, 2024
- 11:28 AM
- 0
-
Critical flaw in LayerSlider WordPress plugin impacts 1 million sites
A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin.
- April 03, 2024
- 02:21 PM
- 3
-
Google fixes two Pixel zero-day flaws exploited by forensics firms
Google has fixed two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them.
- April 03, 2024
- 10:47 AM
- 6
-
CISA urges software devs to weed out SQL injection vulnerabilities
CISA and the FBI urged executives of technology manufacturing companies to prompt formal reviews of their organizations' software and implement mitigations to eliminate SQL injection (SQLi) security vulnerabilities before shipping.
- March 25, 2024
- 02:26 PM
- 1
1
-
Remove the Theonlinesearch.com Search Redirect
Filed Under: Adware -
Remove the Smartwebfinder.com Search Redirect
Filed Under: Adware -
How to remove the PBlock+ adware browser extension
Filed Under: Adware -
Remove the Toksearches.xyz Search Redirect
Filed Under: Adware -
Remove the Smashapps.net Search Redirect
Filed Under: Adware
-
Version: 5.1.5.1165M+ Downloads
-
Version: 1.33.07554,224 Downloads
-
Version: 0.8141,953 Downloads
-
Version: NA103,249 Downloads
-
Version: NA150,238 Downloads
