Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers – Go Health Pro

Jan 09, 2025Ravie LakshmananVulnerability / Endpoint Security Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. “Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database … Read more

CISA adds Mitel and Oracle bugs to exploited vulnerabilities list – Go Health Pro

The Cybersecurity and Infrastructure Security Agency (CISA) on Jan. 7 added three bugs to its Known Exploited Vulnerabilities (KEV) catalog: two that affected the Mitel MiCollab communications and collaboration platform, and an Oracle WebLogic Server bug from 2020. Of the two Mitel MiCollab bugs, the more serious — CVE-2024-41713 — was assigned …

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities – Go Health Pro

Dec 11, 2024Ravie LakshmananVulnerability / Network Security Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows – CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the … Read more

ML clients, ‘safe’ model formats exploitable through open-source AI vulnerabilities – Go Health Pro

Several open-source machine learning (ML) tools contain vulnerabilities that can lead to client-side malicious code execution or path traversal even when loading “safe” model formats, JFrog researchers revealed Wednesday. The four flaws are among 22 total vulnerabilities the JFrog Security Research team has discovered among 15 different ML projects over the past few months. In …

Google’s AI-powered fuzzing tool discovers 26 new vulnerabilities – Go Health Pro

Google’s OSS-Fuzz tool, now enhanced with AI capabilities, has discovered 26 new vulnerabilities in open-source projects, including a long-overlooked flaw in the vital OpenSSL library. OSS-Fuzz is a Google-developed fuzzing system that the company has been using to continuously test hundreds of open-source projects since 2016. In August 2023, Google first announced it was working …
