#remote-code-execution

[ follow ]
Information security
fromTheregister
1 week ago

Cisco ISE flaw gave root access before fix landed

Cisco's Identity Services Engine vulnerability has been actively exploited since early July, rated critical on the CVSS scale for remote code execution.
#cybersecurity
Privacy professionals
fromIT Pro
1 week ago

Microsoft's new SharePoint vulnerability - everything you need to know

A new vulnerability in on-premises SharePoint servers allows hackers to access content and execute code remotely.
fromIT Pro
1 week ago
Privacy professionals

Microsoft's new SharePoint vulnerability - everything you need to know

more#cybersecurity
#sharepoint
fromZDNET
1 week ago
Privacy professionals

Microsoft fixes two SharePoint zero-days under attack, but it's not over - how to patch

fromZDNET
1 week ago
Privacy professionals

Microsoft fixes two SharePoint zero-days under attack, but it's not over - how to patch

more#sharepoint
#microsoft
more#microsoft
fromTechCrunch
3 weeks ago

Activision took down Call of Duty game after PC players hacked, says source | TechCrunch

The game is not safe to play on PC right now, there's an RCE exploit, which allows hackers the ability to plant malware capable of essentially taking control of a victim's device.
Video games
Video games
fromGadgets 360
3 weeks ago

Call of Duty: WWII Players on Xbox PC App Are Getting Hacked

Activision has removed Call of Duty: WWII from the Xbox PC app due to a serious security exploit.
fromIT Pro
4 weeks ago

Using WinRAR? Update now to avoid falling victim to this file path flaw

A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user.
Information security
#veeam
more#veeam
fromThe Hacker News
1 month ago

HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass

These vulnerabilities could be remotely exploited to allow remote code execution, disclosure of information, server-side request forgery, authentication bypass, arbitrary file deletion, and directory traversal information disclosure vulnerabilities.
Information security
Information security
fromTechzine Global
2 months ago

Active exploitation of vulnerabilities in Ivanti EPMM

Ivanti's Endpoint Manager Mobile has critical vulnerabilities exploited in both on-premises and cloud environments, allowing remote code execution without authentication.
fromSecuritymagazine
2 months ago

Hackers Can Take Control via SAP NetWeaver Flaw: SAP Security Analyst Discusses the Risks

A zero-day vulnerability in SAP NetWeaver allows remote code execution, posing significant risks to organizations globally.
#commvault
more#commvault
fromTechzine Global
3 months ago

SAP patches zero-day vulnerability in NetWeaver, denies exploitation

ReliaQuest reported that multiple customers have been compromised via unauthorized file uploads to SAP NetWeaver, allowing remote code execution.
Information security
Information security
fromSecuritymagazine
3 months ago

Devices exposed to remote hacking via Erlang/OTP SSH vulnerability

Erlang/OTP's SSH implementation has a critical vulnerability allowing remote code execution without authentication, requiring urgent attention and action from security teams.
fromCSO Online
3 months ago

Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE

The Parquet-avro module in a popular library allows deserialization of untrusted data, posing a significant threat to Java applications by enabling remote code execution.
Java
fromThe Hacker News
3 months ago

Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code

Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code, said the project maintainers.
Java
fromThe Hacker News
4 months ago

Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication

Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover.
Information security
#apache-tomcat
Web frameworks
fromTechRepublic
4 months ago

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters

Apache Tomcat is vulnerable to remote code execution attacks due to a recently disclosed vulnerability, CVE-2025-24813.
Web frameworks
fromThe Hacker News
4 months ago

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure

A critical vulnerability in Apache Tomcat enables remote code execution and information disclosure, with active exploitation noted shortly after its disclosure.
more#apache-tomcat
Node JS
fromITPro
5 months ago

Flaws in a popular dev library could let hackers run malicious code in your MongoDB database

Two critical vulnerabilities in Mongoose could expose MongoDB databases to remote code execution attacks by hackers.
fromTheregister
6 months ago

MediaTek says 'Happy New Year' with critical RCE, other bugs

MediaTek disclosed a critical vulnerability affecting 51 chipsets, posing severe security risks to multiple device categories.
[ Load more ]