Content Paint
Search
Sign in

vulnerabilities

vulnerabilities  | Jul 11, 2024
Trio of unauthenticated ServiceNow vulnerabilities exposed 42,000
Trio of unauthenticated ServiceNow vulnerabilities exposed 42,000

CVE-2024-4879 (CVSS 9.8) lets “an unauthenticated user remotely execute code” -- ServiceNow swiftly pushed fix to hosted instances but those self-hosting must...

vulnerabilities  | Jul 08, 2024
Fake OpenSSH "exploit" is a real exploit. Just not the one you thought.
Fake OpenSSH "exploit" is a real exploit. Just not the one you thought.

Cisco says 42 products confirmed exposed to CVE-2024-6387 -- but OpenSSH exploit is malicious: Beware bogus POCs says Kaspersky

OpenSSH  | Jul 01, 2024
Pre-auth RCE to root in OpenSSH server: 700,000 instances exposed
OpenSSH vulnerability CVE-2024-6387

RHEL 9 affected, Debian, Ubuntu, SUSE push fixes

Cybersecurity  | Jun 26, 2024
Feds to CIOs: Actively ask your vendors if they’ve done a SQLi audit...
Feds to CIOs: Actively ask your vendors if they’ve done a SQLi audit...

Fix up, look sharp: Uncle Sam is running out of patience with tech firms shipping insecure software. Vendors? Get familiar with the phrase "query parameterization"...

vulnerabilities  | Jun 18, 2024
How the NVD backlog highlights the need for context in vulnerability management
How the NVD backlog highlights the need for context in vulnerability management

"A Vulnerability Operations Centre (VOC) approach can work wonders here..."

vulnerabilities  | Jun 17, 2024
Microsoft updates mitigation for critical “wormable” bug
Microsoft updates mitigation for critical “wormable” bug

256,000 devices believed publicly exposed. But are MSMQ bugs really attacked in the wild?

Fortinet  | Jun 11, 2024
20,000 Fortinet devices breached by Chinese hackers – reboots, firmware updates no defence
20,000 Fortinet devices breached by Chinese hackers – reboots, firmware updates no defence

"It is important that organizations practice the ‘assume breach’ principle..." YARA rules, hashes etc. available for defenders.

SolarWinds  | Jun 11, 2024
“Trivially exploitable” bug in SolarWinds file server needs prompt fixing
“Trivially exploitable” bug in SolarWinds file server needs prompt fixing

“CVE-2024-28995 is not known to be exploited in the wild as of 9 AM ET on June 11. We expect this to change."

vulnerabilities  | May 30, 2024
Check Point vulnerability far worse than thought – exploited in wild since April
Check Point vulnerability CVE-2024-24919

106,000 customers publicly exposed, initial searches suggest.

Interviews, Insight, Intelligence for Hungry Folks

© 2025 The Snack
©  2025 The Snack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.