August 9, 2024

Microsoft unveiled four medium-severity security vulnerabilities in the open-source software OpenVPN, which could potentially be exploited to achieve remote code execution (RCE) and local privilege escalation (LPE).

August 9, 2024

AMD has issued a warning about a serious CPU vulnerability named SinkClose, affecting its EPYC, Ryzen, and Threadripper processors.

August 9, 2024

Microsoft has reported a high-risk vulnerability in Office 2016 that could potentially expose NTLM hashes to a remote attacker.

August 9, 2024

Microsoft has announced the existence of a high-severity zero-day vulnerability in Office 2016 and subsequent versions, for which a patch is still in development.

August 8, 2024

Cisco has issued an alert about several critical remote code execution vulnerabilities in the web-based management interface of its now-discontinued Small Business SPA 300 and SPA 500 series IP phones.

August 8, 2024

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has issued a warning about two vulnerabilities that are currently being exploited, one of which impacts Apache OFBiz.

August 8, 2024

Cisco updated its advisory to alert users about a critical vulnerability, CVE-2024-20419, which impacts Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers and its predecessor, Cisco Smart Software Manager Satellite (SSM Satellite).

August 7, 2024

At Black Hat 2024, SafeBreach security researcher Alon Leviev disclosed two zero-day vulnerabilities that could be exploited to 'unpatch' fully updated Windows 10, 11, and Windows Server systems.

August 6, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a specific vulnerability in Microsoft COM for Windows to its Known Exploited Vulnerabilities (KEV) catalog.

August 6, 2024

A serious security flaw has been detected in Rockwell Automation's ControlLogix 1756 programmable logic controllers (PLCs).