The WordPress plugin “Crawlomatic Multipage Scraper Post Generator” was updated on Friday to patch a critical vulnerability that could lead to remote code execution (RCE).The flaw, tracked as CVE-2025-4369, has a CVSS score of 9.8 and affects all versions of Crawlomatic prior to version 2.6.8.2.Crawlomatic is a plugin by CodeRevolution that automatically scrapes websites for … Read more
Jan 09, 2025Ravie LakshmananVulnerability / Endpoint Security Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. “Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database … Read more
DrayTek patched 14 vulnerabilities affecting 24 of its router models, including a maximum severity buffer overflow flaw that could lead to remote code execution (RCE) or denial-of-service (DoS). The two critical-, nine high- and three medium-severity DrayTek bugs were discovered by Forescout Research’s Vedere Labs and described in a report titled “DRAY:BREAK” published Thursday. Shodan … Read more
Sep 14, 2024Ravie LakshmananEnterprise Safety / Risk Intelligence Ivanti has revealed {that a} newly patched safety flaw in its Cloud Service Equipment (CSA) has come underneath lively exploitation within the wild. The high-severity vulnerability in query is CVE-2024-8190 (CVSS rating: 7.2), which permits distant code execution underneath sure circumstances. “An OS command injection vulnerability in … Read more