Aggregator

CVE-2024-6107 | Canonical MAAS up to 3.1.3/3.2.10/3.3.7/3.4.3/3.5.0 RPC Command improper authentication (EUVD-2024-54803)

VulDB Recent Entries
6 months 4 weeks ago
A vulnerability was found in Canonical MAAS up to 3.1.3/3.2.10/3.3.7/3.4.3/3.5.0 and classified as critical. This issue affects some unknown processing of the component RPC Command Handler. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2024-6107. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-4049 | Signum FARA up to 5.0.80.34 SQLite Database hard-coded credentials (EUVD-2025-22066)

VulDB Recent Entries
6 months 4 weeks ago
A vulnerability, which was classified as critical, has been found in Signum FARA up to 5.0.80.34. Affected by this issue is some unknown functionality of the component SQLite Database. The manipulation leads to hard-coded credentials. This vulnerability is handled as CVE-2025-4049. The attack needs to be approached locally. There is no exploit available.
vuldb.com

HPE Warns of Aruba Hardcoded Credentials Allowing Attackers to Bypass Device Authentication

Cyber Security News
6 months 4 weeks ago

A critical vulnerability in Hewlett Packard Enterprise (HPE) Aruba Networking Instant On Access Points could allow attackers to bypass device authentication mechanisms completely.  The vulnerability, tracked as CVE-2025-37103, stems from hardcoded login credentials embedded within the devices’ software, presenting a severe security risk with a maximum CVSS score of 9.8.  Key Takeaways1. HPE Aruba Access […]

The post HPE Warns of Aruba Hardcoded Credentials Allowing Attackers to Bypass Device Authentication appeared first on Cyber Security News.

Guru Baran

Microsoft AppLocker Flaw Lets Malicious Apps Bypass Security Restrictions

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
6 months 4 weeks ago

Security researchers at Varonis Threat Labs have identified a subtle but significant vulnerability in Microsoft’s AppLocker security feature that could allow malicious applications to bypass established security restrictions. While not classified as a critical vulnerability, the discovery highlights important gaps in enterprise security configurations that organizations should address. AppLocker serves as Microsoft’s enterprise-grade application control […]

The post Microsoft AppLocker Flaw Lets Malicious Apps Bypass Security Restrictions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
6 months 4 weeks ago

A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated remote command execution attacks. Tracked as CVE-2025-54068, the flaw resides in Livewire versions from 3.0.0-beta.1 up to 3.6.3 and stems from the way certain component property updates are hydrated, allowing an attacker to inject and […]

The post Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Managed ad