14 DrayTek vulnerabilities patched, including max-severity RCE flaw – Go Health Pro

14 DrayTek vulnerabilities patched, including max-severity RCE flaw – Go Health Pro

DrayTek patched 14 vulnerabilities affecting 24 of its router models, including a maximum severity buffer overflow flaw that could lead to remote code execution (RCE) or denial-of-service (DoS). The two critical-, nine high- and three medium-severity DrayTek bugs were discovered by Forescout Research’s Vedere Labs and described in a report titled “DRAY:BREAK” published Thursday. Shodan … Read more

Veeam patches 5 vital vulnerabilities, together with unauthenticated RCE flaw – Go Well being Professional

Veeam patches 5 vital vulnerabilities, together with unauthenticated RCE flaw – Go Well being Professional

Veeam launched patches for 13 high-severity and 5 vital vulnerabilities, together with one flaw in Veeam Backup & Replication that would result in unauthenticated distant code execution (RCE). The September 2024 Veeam safety bulletin, final up to date Thursday, consists of bugs found in six Veeam merchandise, with CVSS scores starting from 7.3 to 9.9. … Read more

Crucial Safety Flaw Present in LiteSpeed Cache Plugin for WordPress – Go Well being Professional

Crucial Safety Flaw Present in LiteSpeed Cache Plugin for WordPress – Go Well being Professional

Sep 06, 2024Ravie LakshmananWordPress / Webinar Safety Cybersecurity researchers have found one more crucial safety flaw within the LiteSpeed Cache plugin for WordPress that would permit unauthenticated customers to take management of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS rating: 7.5), impacts variations earlier than and together with 6.4.1. It has been addressed in … Read more

Essential WPML Plugin Flaw Exposes WordPress Websites to Distant Code Execution – Go Well being Professional

Essential WPML Plugin Flaw Exposes WordPress Websites to Distant Code Execution – Go Well being Professional

Aug 28, 2024Ravie LakshmananWordPress Safety / Web site Safety A important safety flaw has been disclosed within the WPML WordPress multilingual plugin that might enable authenticated customers to execute arbitrary code remotely beneath sure circumstances. The vulnerability, tracked as CVE-2024-6386 (CVSS rating: 9.9), impacts all variations of the plugin earlier than 4.6.13, which was launched … Read more

20-year-old {hardware} flaw present in AMD chips – Go Well being Professional

20-year-old {hardware} flaw present in AMD chips – Go Well being Professional

Researchers from IOActive have introduced a decades-old vulnerability in AMD processors on the Def Con safety convention. The workforce of researchers Enrique Nissim and Kryzsztof Okupski stated that the vulnerability might probably enable an attacker to disable essential reminiscence protections within the Ryzen and Epyc CPU strains, probably permitting an admin account to raise into … Read more