ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex
Cisco has released fresh patches to address what it described as a "critical" security vulnerability impacting multiple Unified Communications (CM) products and Webex Calling Dedicated Instance that it has been actively
Hackers Targeting Cisco Unified CM Zero-Day
Cisco has released patches for CVE-2026-20045, a critical vulnerability that can be exploited for unauthenticated remote code execution. The post Hackers Targeting Cisco Unified CM Zero-Day appeared first on SecurityWee
Cisco Unified Communications 0-day RCE Vulnerability Exploited in the Wild to Gain Root Access
Cisco has disclosed a critical zero-day remote code execution (RCE) vulnerability, CVE-2026-20045, actively exploited in the wild. Affecting key Unified Communications products, this flaw allows unauthenticated attackers
CVE-2026-24010 - Horilla has HTML Injection Issue that, with Phishing, Leads to Account Takeover
CVE ID : CVE-2026-24010 Published : Jan. 22, 2026, 3:15 a.m. | 20 minutes ago Description : Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versions p
Fortinet SSO Vulnerability Actively Exploited to Hack Firewalls and Gain Admin Access
A critical vulnerability in Fortinet’s Single Sign-On (SSO) feature for FortiGate firewalls, tracked as CVE-2025-59718, is under active exploitation. Attackers are leveraging it to create unauthorized local admin account
Cisco fixed actively exploited Unified Communications zero day
Cisco patched a critical zero-day RCE flaw (CVE-2026-20045) in Unified Communications and Webex Calling that is actively exploited in the wild. Cisco patched a critical zero-day remote code execution flaw, tracked as CVE
Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws
Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of-service (DoS) and remote code execution. The most severe of the lot is a critical security fla
Zoom fixed critical Node Multimedia Routers flaw
Zoom addressed a critical security vulnerability, tracked as CVE-2026-22844, that could result in remote code execution. Cloud-based video conferencing and online collaboration platform Zoom released security updates to
CVE-2021-47846 - Digital Crime Report Management System 1.0 - SQL Injection
CVE ID : CVE-2021-47846 Published : Jan. 21, 2026, 6:16 p.m. | 1 hour, 19 minutes ago Description : Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login p
Cisco fixes Unified Communications RCE zero day exploited in attacks
Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as CVE-2026-20045, that has been actively exploited as a zero-day in attacks. [...]
Alleged Ransomware Attack on Apple’s Second-Largest Manufacturer Luxshare – Confidential Data Exposed
A ransomware attack has reportedly exposed confidential internal documents at a major electronics manufacturer. The breach compromises the company’s critical role in Apple’s global supply chain, including AirPods manufac
Multiple GitLab Vulnerabilities Enables 2FA Bypass and DoS Attacks
Critical security patches addressing five vulnerabilities across versions 18.8.2, 18.7.2, and 18.6.4 for both Community Edition (CE) and Enterprise Edition (EE). The patches resolve issues ranging from high-severity auth
LastPass Warns of Fake Maintenance Message Tracking Users to Steal Master Passwords
A critical security alert regarding an active phishing campaign that commenced on January 19, 2026. The malicious actors are impersonating LastPass support staff and sending fraudulent emails claiming urgent vault backup
NVIDIA NSIGHT Graphics for Linux Vulnerability Allows Code Execution Attacks
An urgent security update addressing a critical vulnerability in NSIGHT Graphics for Linux that could allow attackers to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-33206, has been rated as
Critical Zoom Command Injection Vulnerability Enables Remote Code Execution
A critical command injection vulnerability in Node Multimedia Routers (MMRs) could allow meeting participants to execute arbitrary code on affected systems. The vulnerability, tracked as CVE-2026-22844, carries a CVSS se
Fortinet admins report patched FortiGate firewalls getting hacked
Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls. [...]
Critical GNU InetUtils Vulnerability Allows Unauthenticated Root Access Via “-f root”
A critical remote authentication bypass vulnerability has been disclosed in GNU InetUtils affecting the telnetd server component. The flaw, reported by a security researcher on January 19, 2026, allows unauthenticated at
CVE-2026-24061 - GNU Inetutils telnetd Remote Authentication Bypass Vulnerability
CVE ID : CVE-2026-24061 Published : Jan. 21, 2026, 7:16 a.m. | 18 minutes ago Description : telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment varia
Critical Oracle WebLogic Server Proxy Vulnerability Lets Attackers Compromise the Server
Oracle has disclosed a severe security vulnerability affecting its Fusion Middleware suite, specifically targeting the Oracle HTTP Server and the Oracle WebLogic Server Proxy Plug-in. Assigned CVE-2026-21962, this flaw c
Azure Private Endpoint Deployments Exposes Azure Resources to DoS Attack
A critical architectural flaw in Microsoft Azure’s Private Endpoint implementation that enables denial-of-service (DoS) attacks against production Azure resources. The vulnerability affects over 5% of Azure storage accou