Server-side request forgery (SSRF)

In its latest update, the Open Web Application Security Project (OWASP) announced the inclusion of three new categories to its list of top security risks that could put all kindsRead More →

VMware released a critical security alert to address various vulnerabilities found in Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. AccordingRead More →

A report by cloud security firm Orca Security points to the detection of a set of zero-day vulnerabilities in various Amazon AWS Cloud deployments. The successful exploitation of these errorsRead More →

HCL Digital Experience (DX), a platform for creating and managing web platforms, is affected by multiple vulnerabilities that could lead to remote code execution (RCE) scenarios, the researchers claim. AlthoughRead More →

In a security report, VMware notified its customers of the fix of some server-side request forgery (SSRF) and arbitrary file reading vulnerabilities in vCenter Server. According to the report, theRead More →

Specialists from the security firm Claroty reported the detection of multiple code execution vulnerabilities in various virtual private network (VPN) products dependent on OpenVPN. In total, 4 flaws were detectedRead More →

Cybersecurity specialists reported the finding of two critical vulnerabilities in PHP, a general-purpose programming language specially adapted for web development. According to the report, successful exploitation of these flaws wouldRead More →