Tag: apache
-
New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution
A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning … First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/new-zero-day-flaw-in-apache-ofbiz-erp.html
-
Kritische Sicherheitslücke bedroht Unternehmenssoftware Apache OFBiz
First seen on heise.de Jump to article: www.heise.de/news/Kritische-Sicherheitsluecke-bedroht-Unternehmenssoftware-Apache-OFBiz-9824150.html
-
CVE-2024-38856: Pre-Auth RCE Vulnerability in Apache OFBiz
IntroductionOn August 5, 2024, researchers at SonicWall discovered a zero-day security flaw in Apache OFBiz tracked as CVE-2024-38856. The vulnerabili… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/cve-2024-38856-pre-auth-rce-vulnerability-in-apache-ofbiz/
-
Critical Apache OfBiz Vulnerability Allows Preauth RCE
The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers a wide a… First seen on darkreading.com Jump to article: www.darkreading.com/application-security/critical-apache-ofbiz-vulnerability-allows-preauth-rce
-
Addressing Tomcat Vulnerabilities in EndLife Ubuntu Systems
Apache Tomcat is a widely used open-source web server and servlet container, but like any software, it is not immune to vulnerabilities. Canonical has… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/addressing-tomcat-vulnerabilities-in-end-of-life-ubuntu-systems/
-
Confusion Attacks Vulnerability In Apache HTTP Server Allow Attackers To Gain Root Access Remotely
The Apache HTTP Server relies on hundreds of independently developed modules to handle client requests, sharing a complex data structure for communica… First seen on gbhackers.com Jump to article: gbhackers.com/confusion-attacks-vulnerability-in-apache-http-server/
-
CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog…. First seen on securityaffairs.com Jump to article: securityaffairs.com/166782/uncategorized/cisa-adds-apache-ofbiz-and-android-kernel-bugs-known-exploited-vulnerabilities-catalog.html
-
CISA warns about actively exploited Apache OFBiz RCE flaw
Tags: apache, attack, cisa, cybersecurity, exploit, flaw, infrastructure, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting A… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-about-actively-exploited-apache-ofbiz-rce-flaw/
-
RCE possible with critical Apache OFBiz zero-day
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/rce-possible-with-critical-apache-ofbiz-zero-day
-
Critical Vulnerability in Apache OFBiz Requires Immediate Patching
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fla-apache-ofbiz-requires-patching/
-
Researchers warn of a new critical Apache OFBiz flaw
Researchers urge organizations using Apache OFBiz to address a critical bug, following reports of active exploitation of another flaw. Experts urge or… First seen on securityaffairs.com Jump to article: securityaffairs.com/166612/hacking/critical-apache-ofbiz-flaw.html
-
Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)
CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthentic… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/05/cve-2024-38856/
-
Mirai Botnet Attacking Apache OFBiz Directory Traversal Vulnerability
The notorious Mirai botnet has been observed exploiting a recently disclosed directory traversal vulnerability in Apache OFBiz. This Java-based framew… First seen on gbhackers.com Jump to article: gbhackers.com/apache-ofbiz-directory-traversal-vulnerability/
-
Apache OFBiz Users Warned of New and Exploited Vulnerabilities
Organizations are being warned of a newly discovered Apache OFBiz vulnerability as exploitation of another recent flaw is observed. The post Apache OF… First seen on securityweek.com Jump to article: www.securityweek.com/apache-ofbiz-users-warned-of-new-and-exploited-vulnerabilities/
-
Critical Apache HugeGraph Flaw Under Attack
First seen on duo.com Jump to article: duo.com/decipher/threat-actors-exploiting-critical-apache-hugegraph-flaw
-
Ubuntu Patches Several Apache HTTP Server Vulnerabilities
Several security vulnerabilities were discovered in Apache HTTP server, which could lead to denial of service or exposure of sensitive information. Fo… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/ubuntu-patches-several-apache-http-server-vulnerabilities/
-
Critical Apache HugeGraph Vulnerability Under Attack – Patch ASAP
Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code exe… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/critical-apache-hugegraph-vulnerability.html
-
Attacks leveraging critical Apache HugeGraph bug underway
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/attacks-leveraging-critical-apache-hugegraph-bug-underway
-
Apache HugeGraph Vulnerability Exploited in Wild
A recently patched Apache HugeGraph-Server vulnerability tracked as CVE-2024-27348 is being targeted in attacks. The post Apache HugeGraph Vulnerabili… First seen on securityweek.com Jump to article: www.securityweek.com/apache-hugegraph-vulnerability-exploited-in-wild/
-
Act Now: Critical Apache HugeGraph Vulnerability Under Attack
A critical security vulnerability, CVE-2024-27348, has been identified in Apache HugeGraph-Server, posing a severe risk to organizations relying on th… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/hugegraph-vulnerability-cve-2024-27348/
-
Apache fixed a source code disclosure flaw in Apache HTTP Server
The Apache Foundation addressed a critical source code disclosure vulnerability, tracked as CVE-2024-39884, in the HTTP Server. The Apache Software Fo… First seen on securityaffairs.com Jump to article: securityaffairs.com/165422/security/apache-source-code-disclosure-flaw-apache-http-server.html
-
POC exploit code published for 9.8-rated Apache HugeGraph RCE flaw
First seen on theregister.com Jump to article: www.theregister.com/2024/06/07/poc_apache_hugegraph/
-
Angriffe laufen Admins sollten HugeGraph aktualisieren – Aktiver Exploit für Apache HugeGraph entdeckt!
First seen on security-insider.de Jump to article: www.security-insider.de/aktiver-exploit-fuer-apache-hugegraph-entdeckt-a-19c1c7ba217fc0ce8cb06ac38960710d/
-
Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks
The distributed denial-of-service (DDoS) botnet known as Muhstik has been observed leveraging a now-patched security flaw impacting Apache RocketMQ to… First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/muhstik-botnet-exploiting-apache.html
-
Jetzt patchen! Exploitcode für kritische Lücke in Apache HugeGraph in Umlauf
Tags: apacheFirst seen on heise.de Jump to article: www.heise.de/news/Jetzt-patchen-Exploitcode-fuer-kritische-Luecke-in-Apache-HugeGraph-in-Umlauf-9751687.html
-
Muhstik Malware Attacking Apache RocketMQ To Execute Remote Code
Apache RocketMQ platform is a widely used messaging system that handles high volumes of data and critical operations, often attracting hackers. Explo… First seen on gbhackers.com Jump to article: gbhackers.com/muhstik-malware-rocketmq-remote-code-execution/
-
Apache RocketMQ targeted for more extensive Muhstik botnet attacks
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/apache-rocketmq-targeted-for-more-extensive-muhstik-botnet-attacks
-
Apache Log4j threat persists in global finance sector
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/apache-log4j-threat-persists-in-global-finance-sector
-
CISA Alert: Urgent Update Needed for Apache Flink Vulnerability
Attention Apache Flink users! The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added an Apache Flink vulnerability to its Kno… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/cisa-alert-urgent-update-needed-for-apache-flink-vulnerability/
-
CISA Warns of Actively Exploited Apache Flink Security Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified st… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/cisa-warns-of-actively-exploited-apache.html