Adobe patches Acrobat bug, neglects to mention whole zero-day, exploit thing

September 12, 2024 at 02:38PM Adobe’s patch for a remote code execution bug in Acrobat downplays the severity of a vulnerability, failing to mention it is considered a zero-day with a proof-of-concept exploit. Despite a CVSS base score of 7.8, a warning highlights its critical nature. Adobe has confirmed the need for a secondary fix. … Read more

Details of Atlassian Confluence RCE Vulnerability Disclosed

June 4, 2024 at 10:15AM A high-severity vulnerability, tracked as CVE-2024-21683, allows remote code execution in Atlassian Confluence Data Center and Server. Identified by SonicWall, the flaw requires user privileges to add and upload a malicious language file. Atlassian has released patches, yet threat actors could still target this and other known vulnerabilities. Key takeaways … Read more

F5 hurriedly squashes BIG-IP remote code execution bug

October 27, 2023 at 01:39PM F5 has released a fix for a critical remote code execution (RCE) vulnerability in its BIG-IP suite, marked with a severity score of 9.8 out of 10. The vulnerability, tracked as CVE-2023-46747, could allow attackers to compromise the system. F5 has advised users to upgrade affected versions to the latest … Read more