SAP patches zero day rated 10.0 in NetWeaver – Go Health Pro

SAP patches zero day rated 10.0 in NetWeaver – Go Health Pro

SAP released a patch for a critical 10.0 vulnerability in its NetWeaver Visual Composer product that it observed attackers exploiting, uploading malicious webshells.Security experts expressed concern because many Fortune 500 companies and large government agencies use SAP.In a blog post that originally ran April 22 and was updated April 25, ReliaQuest researchers said the bug … Read more

Firefox patches flaw similar to exploited Chrome zero-day – Go Health Pro

Firefox patches flaw similar to exploited Chrome zero-day – Go Health Pro

Mozilla patched a Firefox browser vulnerability that was discovered after a similar Google Chrome flaw was found to be actively exploited in potential espionage campaigns.The critical flaw, tracked as CVE-2025-2857, could enable an attacker to escape the Firefox browser’s sandbox protection on Windows machines due to an error in the browser’s inter-process communication (IPC) code, … Read more

Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now – Go Health Pro

Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now – Go Health Pro

Feb 12, 2025Ravie LakshmananNetwork Security / Vulnerability Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below – CVE-2024-38657 (CVSS score: 9.1) – External control of a file … Read more

QNAP patches six Rsync bugs that could lead to RCEs on NAS devices – Go Health Pro

QNAP patches six Rsync bugs that could lead to RCEs on NAS devices – Go Health Pro

QNAP on Jan. 23 issued patches for six bugs in the open-source Rsync software that helps manage its popular network-attached storage (NAS) devices that are primarily used for backup and disaster recovery. In its advisory, QNAP said the bugs affect HBS 3 Hybrid Backup Sync 25.1.x NAS devices, and recommended that customers update those systems … Read more

Moxa patches two flaws in its OT devices, one a critical RCE   – Go Health Pro

Moxa patches two flaws in its OT devices, one a critical RCE   – Go Health Pro

Industrial networking device maker Moxa on Jan. 3 released patches for two bugs in its cellular routers, secure routers, and network security appliances, many of which operate in the critical infrastructure sector. One of the bugs — CVE-2024-9140 — was a critical 9.3 flaw that could potentially allow a remote code execution (RCE), posing significant risk … Read more