Exploited

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure – Go Health Pro

by
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure – Go Health Pro

Mar 17, 2025Ravie LakshmananVulnerability / Web Security A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the below versions – Apache Tomcat 11.0.0-M1 to 11.0.2 Apache Tomcat … Read more

Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers – Go Health Pro

by
Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers – Go Health Pro

Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.  Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected … Read more

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25 – Go Health Pro

by
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25 – Go Health Pro

Feb 05, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2024-45195 (CVSS score: 7.5/9.8) – A forced browsing vulnerability in Apache … Read more

Ivanti Zero-Day Vulnerability Exploited: The Details – Go Health Pro

by
Ivanti Zero-Day Vulnerability Exploited: The Details – Go Health Pro

The UK’s National Cyber Security Centre (NCSC) and its US counterpart have issued an urgent advisory to Ivanti customers after discovering two critical vulnerabilities, one of which is actively exploited. Read on to see how the Ivanti Zero-Day Vulnerability was exploited. Details of how the Ivanti Zero-Day Vulnerability was exploited Ivanti released a security advisory … Read more

CISA adds Mitel and Oracle bugs to exploited vulnerabilities list – Go Health Pro

by
CISA adds Mitel and Oracle bugs to exploited vulnerabilities list – Go Health Pro

The Cybersecurity and Infrastructure Security Agency (CISA) on Jan. 7 added three bugs to its Known Exploited Vulnerabilities (KEV) catalog, two that affected the Mitel MiCollab communications and collaboration platform, and an Oracle WebLogic Server bug from 2020. Of the two Mitel MiCollab bugs, the most serious of the two — CVE-2024-41713 — was assigned … Read more

x