Vulnerability

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure – Go Health Pro

by
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure – Go Health Pro

Mar 17, 2025Ravie LakshmananVulnerability / Web Security A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the below versions – Apache Tomcat 11.0.0-M1 to 11.0.2 Apache Tomcat … Read more

Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution – Go Health Pro

by
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution – Go Health Pro

Mar 06, 2025Ravie LakshmananData Security / Software Security Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-25012, carries a CVSS score of 9.9 out of a maximum of 10.0. It has … Read more

Palo Alto Networks warns of another firewall vulnerability under attack by hackers – Go Health Pro

by
Palo Alto Networks warns of another firewall vulnerability under attack by hackers – Go Health Pro

U.S. cybersecurity giant Palo Alto Networks has warned that hackers are exploiting another vulnerability in its firewall software to break into unpatched customer networks. Attackers are exploiting a recently disclosed vulnerability in PAN-OS, the operating system that runs Palo Alto Networks firewalls, the California-based company confirmed on Tuesday. Cybersecurity firm Assetnote discovered the vulnerability, tracked … Read more

Researchers detail unauthenticated bypass via Apple USB vulnerability – Go Health Pro

by
Researchers detail unauthenticated bypass via Apple USB vulnerability – Go Health Pro

Security researchers provided a deep-dive into a high-profile vulnerability in Apple’s iOS.Designated CVE-2025-24200, the vulnerability is classified as an authentication bypass flaw related to the way iOS devices interact with USB connections. The flaw was made public with the release of iOS 18.3.1, which resolves the issue.Credit for discovery of the vulnerability was given to … Read more

Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service – Go Health Pro

by
Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service – Go Health Pro

Microsoft has fixed a critical vulnerability in its Azure AI Face service deemed worthy of a CVSS score of 9.9 potentially leading to elevation of privileges over a network. Azure AI Face is a cloud-based facial recognition service that is capable of detecting, analyzing and recognizing human faces. The service can be used by developers … Read more