The bugs rate 10 out of 10 on the vulnerability-severity scale, thanks to the ease of exploitation.
A new set of vulnerabilities has been discovered affecting millions of routers and IoT and OT devices from more than 150 vendors, new research warns.
The high-severity cross-site scripting flaws could allow remote-code injection on QNAP NAS systems.
VMware has issued a full patch and revised the severity level of the NSA-reported vulnerability to “important.”
The vulnerable version of the app, which has 100 million users, uses easily predictable URLs to link to private content.
A critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers.
Browser users are once again being asked to patch severe vulnerabilities that can lead to remote code execution.
The flaw stems from an issue with the ingress packet processing function of Cisco IOS XR software.
Three critical security bugs allow for easy privilege escalation to an administrator role.
The shopping cart application contains a PHP object-injection bug.