Adobe patches seven max severity ColdFusion, Campaign flaws
Adobe has released security patches for seven maximum-severity vulnerabilities in the ColdFusion web app development platform and the Campaign Classic marketing automation platform. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Adobe has released security patches for seven maximum-severity vulnerabilities in the ColdFusion web app development platform and the Campaign Classic marketing automation platform. [...]
A five-step flaw chain in the popular automation service, now patched, could have let a single attacker act as any signed-in user across thousands of connected apps. The post Zapier fixes bug chain that researchers say risked widespread account takeover appeared first on CyberScoop.
Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass
Progress Software warned customers to patch a critical authentication bypass vulnerability in its MOVEit Automation enterprise-grade managed file transfer (MFT) application. [...]
Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution
Patch meant to close a severe expression bug fails to stop attackers with workflow access Multiple newly disclosed bugs in the popular workflow automation tool n8n could allow attackers to hijack servers, steal credentials, and quietly disrupt AI-driven business processes.…
Cisco Fixes ISE Bug; HPE OneView Under Fire; Exploit Code Drops for n8n FlawThe new year is off to a fresh start on the vulnerability and exploit alert front: Cisco has patched a critical Identity Services Engine; cybersecurity officials warn that an HPE OneView vulnerability is being actively exploited; and proof-of-concept exploits drop for n8n automation software.
Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or user impersonation under certain configurations
The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including a critical bug that, if successfully exploited, could result in remote code execution (RCE)
CODESYS has released patches to address as many as 11 security flaws that, if successfully exploited, could result in information disclosure and a denial-of-service (DoS) condition, among others. "These vulnerabilities are simple to exploit, and they can be successfully exploited to cause consequences such as sensitive information leakage, PLCs entering a severe fault state, and arbitrary code
VMware has issued patches to contain two security flaws impacting Workspace ONE Access, Identity Manager, and vRealize Automation that could be exploited to backdoor enterprise networks