Palo Alto Networks Patches 13 Vulnerabilities
Buffer overflow, DoS, command injection, SSRF, authentication bypass, and other types of vulnerabilities have been found in PAN-OS software. The post Palo Al...
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
74 articles found
Buffer overflow, DoS, command injection, SSRF, authentication bypass, and other types of vulnerabilities have been found in PAN-OS software. The post Palo Al...
Ubiquiti patched seven UniFi OS flaws, including critical CVE-2026-50746, which allows command injection in UniFi Connect Application. Ubiquiti released secu...
Ubiquiti has released security updates to patch seven critical vulnerabilities in UniFi OS, including a maximum-severity flaw that can be exploited in comman...
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and gain access to restricted resources, ...
Thousands of Model Context Protocol (MCP) servers, widely used to connect large language models (LLMs) to external systems, have been found vulnerable to cri...
Threat actors are currently exploiting sophisticated ClickFix social engineering campaigns that mimic Google and Cloudflare verification systems to distribut...
Opera has announced a new native security feature called “Paste Protect,” which aims to combat clipboard hijacking and command injection attacks directly wit...
The operating system command injection flaw, with a CVSS score of 9.6, enables unauthenticated attackers to execute arbitrary commands on the LoadMaster appl...
A recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire...
Polymarket says it will fully reimburse customers who lost an estimated $3 million after hackers injected a malicious script into the platform's frontend fol...
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code and upload malicious files to the affect...
At least one malware developer is adding text about nuclear and biological weapons to their spyware, in an effort to stop automatic AI analysis. Details: The...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerab...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerab...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required ...
A pervasive CI/CD vulnerability pattern dubbed “Cordyceps” reveals a supply chain vulnerability that lets unauthenticated attackers seize control of Git-base...
View CSAF Summary SINEC INS before V1.0 SP2 Update 6 is affected by multiple vulnerabilities.
At least one malware developer is adding text about nuclear and biological weapons to their spyware, in an effort to stop automatic AI analysis. Details: The...
Splunk patched an OS command injection in AI Toolkit, while Atlassian fixed dozens of flaws in third-party dependencies. The post Atlassian, Splunk Patch Cri...
Sapphire Sleet’s latest macOS campaign uses crafted .scpt AppleScript lures that pipe curl output directly to osascript, enabling a compact, multi-stage payl...