Articles tagged "CVE"

Found 341 articles

Mozilla has rolled out updates for Firefox to fix two serious vulnerabilities that could be exploited by attackers. The flaws, identified as CVE-2026-15718 and CVE-2026-15719, involve issues with JavaScript: WebAssembly and site isolation in the DOM: Navigation component. Mozilla has warned users that exploit code for these vulnerabilities is already available publicly, increasing the urgency for users to update. It’s crucial for Firefox users to install these updates promptly to protect against potential attacks that could compromise their security and privacy. Keeping software up to date is a key defense against such risks.

Read Original
Actively Exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. The first, CVE-2023-4346, affects the KNX Protocol Connection Authorization Option 1, which has an overly restrictive account lockout mechanism, making it a target for attackers. The second, CVE-2026-46817, involves improper privilege management in Oracle E-Business Suite. These vulnerabilities pose significant risks, particularly to federal agencies, which are required by CISA's Binding Operational Directive 26-04 to prioritize rapid remediation of high-risk vulnerabilities. While this directive specifically applies to federal agencies, CISA encourages all organizations to adopt similar practices. Organizations that identify exploited vulnerabilities not listed in the KEV Catalog can submit them for potential inclusion.

Read Original

SonicWall has reported that two zero-day vulnerabilities affecting its Secure Mobile Access (SMA) 1000 series appliances are currently being exploited. One of these vulnerabilities, identified as CVE-2026-15409, has a critical CVSS score of 10.0 and allows remote attackers to execute arbitrary commands through a server-side request forgery (SSRF). This means that attackers can potentially gain unauthorized access to sensitive systems. The exploitation of these vulnerabilities poses a significant risk to organizations using these appliances, as it could lead to severe security breaches. SonicWall's warning emphasizes the urgency for users to address these issues to protect their networks.

Read Original

SonicWall has issued a warning about two vulnerabilities in its SMA1000 series, identified as CVE-2026-15409 and CVE-2026-15410. These flaws are being actively exploited by attackers in zero-day attacks, meaning they are being targeted before a fix has been widely implemented. As such, SonicWall is urging all users of the SMA1000 series to apply the newly released security updates to protect against these threats. Failure to patch could leave systems vulnerable to unauthorized access and potential data breaches. Users should prioritize this update to maintain the security of their networks.

Read Original

SAP has issued critical updates in July 2026 to fix several vulnerabilities, including a serious flaw in the SAP NetWeaver Application Server ABAP, identified as CVE-2026-44747. This vulnerability has a CVSS score of 9.9 and involves an out-of-bounds write issue that could allow an authenticated attacker to exploit memory management errors. If successfully executed, this could lead to memory corruption, potentially enabling attackers to expose or modify sensitive data. Organizations using the affected SAP NetWeaver Application Server should prioritize these updates to protect their systems from possible exploitation. Timely patching is crucial to maintaining the integrity and confidentiality of their data.

Read Original

SonicWall has identified two vulnerabilities in its Secure Mobile Access (SMA) 1000 Series appliances, known as CVE-2026-15409 and CVE-2026-15410, which are currently being exploited by attackers. The company is urging its customers to upgrade to a fixed firmware version immediately and to check for signs of compromise on their systems. If any indicators of compromise are found, SonicWall recommends that organizations re-image their hardware or redeploy their virtual appliances, change all user and administrator passwords, and reset any Time-based One-Time Password (TOTP) tokens. This situation raises concerns for organizations relying on these appliances for secure remote access, as attackers could exploit these vulnerabilities to gain unauthorized access to sensitive information. Swift action is essential to mitigate potential risks.

Read Original
Actively Exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, indicating they are being actively exploited in the wild. The vulnerabilities include two related to SonicWall SMA1000 Appliances, specifically a server-side request forgery and a code injection vulnerability. Additionally, there are two Microsoft vulnerabilities affecting Active Directory Federation Services and SharePoint Server, which involve insufficient access control and missing authentication for critical functions, respectively. These vulnerabilities pose significant risks, especially to federal agencies, as they can lead to total asset control by attackers post-exploitation. CISA's guidance encourages all organizations to prioritize remediation of these high-risk vulnerabilities to enhance their security posture.

Read Original

Rockwell Automation's 1715-AENTR EtherNet/IP Adapter has a serious vulnerability (CVE-2026-10577) affecting versions up to 3.003. This flaw exposes a debug port that lacks proper authentication controls, allowing attackers to gain unauthorized access to critical functions. If exploited, they could read or delete files, halt tasks, modify memory, and alter I/O states, threatening the device's confidentiality, integrity, and availability. This vulnerability is particularly concerning as it impacts sectors like energy and manufacturing, where security is crucial. Users are advised to upgrade to version 3.011 or later to mitigate the risks associated with this vulnerability.

Read Original
High
ABB Ability Edgenius

All CISA Advisories

ABB has identified a vulnerability, CVE-2026-31431, in its ABB Ability Edgenius platform, which affects versions 3.2.0.0 to 3.2.4.0. This vulnerability is linked to a flaw in the Linux kernel's cryptographic interface that could allow a locally authenticated user to gain elevated privileges, potentially leading to full control of the system. While there have been no reports of this vulnerability being exploited in the wild, ABB recommends that users update to version 3.2.4.1 to mitigate the risk. Users should also limit access to their systems to enhance security. This incident underscores the importance of timely software updates and access controls in protecting against potential exploits.

Read Original
Critical
ABB T-MAC Plus

All CISA Advisories

ABB has identified multiple vulnerabilities in its T-MAC Plus version 4.0-24 software, which could allow attackers to exploit the system in various ways. These vulnerabilities include issues like file disclosure, broken access controls, cross-site scripting (XSS), and an insecure network protocol that could lead to denial-of-service attacks. Affected users are urged to update to version 4.0-25, which contains fixes for these issues. The vulnerabilities are considered serious, with CVSS scores ranging from 7.4 to 9.9, indicating that they pose significant risks to security. Companies using this software should prioritize applying the update to protect their systems from potential exploitation.

Read Original
Critical
ABB Advant Master Online Builder

All CISA Advisories

ABB has identified a vulnerability in its Advant Master Online Builder products that could allow unauthorized code execution due to improper handling of search paths for loading dynamic link libraries (DLLs). Affected versions include Control Builder A versions up to 1.4/4 and multiple iterations of 800xA for Advant Master. To mitigate the risk, ABB has released updates that resolve the vulnerability, advising users to upgrade to specific patched versions. Importantly, the vulnerability requires physical access to the system, which limits its exploitability. However, users are still urged to manage access strictly and enforce strong security practices to prevent potential exploitation.

Read Original
Actively Exploited

CISA has issued a warning about active exploitation of several vulnerabilities in on-premises SharePoint Server instances, specifically CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164. These vulnerabilities allow attackers to execute remote code and potentially steal sensitive data from affected systems. All supported versions of SharePoint Server, including the Subscription Edition, 2019, and 2016, are at risk. Organizations are advised to monitor their SharePoint Servers for unusual activities and to apply the latest patches from Microsoft. Additional vulnerabilities have been identified but are not yet known to be exploited, emphasizing the need for prompt updates and hardening measures to prevent possible breaches.

Read Original
Actively Exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability, CVE-2008-4128, to its Known Exploited Vulnerabilities Catalog. This vulnerability affects Cisco IOS and is associated with cross-site request forgery, which allows attackers to exploit vulnerable systems. It poses significant risks, particularly for federal agencies, as it can lead to total control over affected assets after exploitation. CISA's Binding Operational Directive 26-04 emphasizes the need for federal agencies to prioritize rapid remediation of such high-risk vulnerabilities. While this directive primarily applies to federal agencies, CISA encourages all organizations to adopt similar practices for managing vulnerabilities effectively. Agencies are also urged to check for any compromises before applying patches to mitigate risks.

Read Original

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged two severe vulnerabilities affecting iCagenda and Balbooa extensions for Joomla, assigning them a maximum severity rating of 10.0 on the CVSS scale. These vulnerabilities have reportedly been exploited in the wild, making them a pressing concern for users of these Joomla extensions. CVE-2026-48939 is one of the identified flaws, but specific details about the second vulnerability have not been disclosed. Joomla users utilizing these extensions should take immediate action to secure their systems, as attackers are actively targeting these weaknesses. The situation emphasizes the need for timely updates and patches to prevent unauthorized access and potential data breaches.

Read Original

Zimbra has issued a warning regarding a serious vulnerability in its Classic Web Client that could allow attackers to execute malicious code through specially crafted emails. This vulnerability falls under the category of stored cross-site scripting (XSS) and poses a significant risk as it could enable unauthorized actions within a user's session. While the flaw has not yet been assigned a CVE identifier, Zimbra is urging all customers to implement the necessary updates to mitigate this risk. The potential for arbitrary code execution raises alarms about data security and user safety, making it crucial for affected users to take prompt action. Companies that rely on Zimbra for email services should prioritize applying the updates to protect their systems from potential exploitation.

Read Original
Page 1 of 23Next