HAWKEYE
CISA Warning: CVE-2024-38856 Apache OFBiz RCE Vulnerability under active exploitation
Background A pre-authentication vulnerability in Apache OFBiz can result in remote code execution. With a CVSS score of 9.8, the […]
The post CISA Warning: CVE-2024-38856 Apache OFBiz RCE Vulnerability under active exploitation appeared first on HawkEye.
CISA Warning: CVE-2024-38856 Apache OFBiz RCE Vulnerability under active exploitation
CVE-2024-6800: A critical authentication bypass vulnerability affects the GitHub Enterprise Server
Background Concerns have been raised by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the potential exploitation of a […]
The post CVE-2024-6800: A critical authentication bypass vulnerability affects the GitHub Enterprise Server appeared first on HawkEye.
CVE-2024-6800: A critical authentication bypass vulnerability affects the GitHub Enterprise Server
CVE-2024-40766: Critical SonicWall Firewall Vulnerability
Background SonicWall has released a patch to address a severe vulnerability discovered in certain SonicOS-based firewall devices. The vulnerability, CVE-2024-40766 […]
The post CVE-2024-40766: Critical SonicWall Firewall Vulnerability appeared first on HawkEye.
CVE-2024-40766: Critical SonicWall Firewall Vulnerability
CISA Warning: SolarWinds’ RCE Vulnerability Being Exploited
Background Concerns have been raised by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the potential exploitation of a […]
The post CISA Warning: SolarWinds’ RCE Vulnerability Being Exploited appeared first on HawkEye.
CISA Warning: SolarWinds’ RCE Vulnerability Being Exploited
August 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft’s August 2024 Patch Tuesday release includes security patches for 85 vulnerabilities. These are six actively exploited zero-day vulnerabilities […]
The post August 2024 – Microsoft Patch Tuesday Highlights appeared first on HawkEye.
August 2024 – Microsoft Patch Tuesday Highlights
CVE-2024-37085: VMware ESXi Hypervisor Vulnerability Exploited by Ransomware Groups
Background On Monday, July 29, Microsoft issued a comprehensive threat intelligence blog detailing the observed exploitation of CVE-2024-37085, an Active […]
The post CVE-2024-37085: VMware ESXi Hypervisor Vulnerability Exploited by Ransomware Groups appeared first on HawkEye.
CVE-2024-37085: VMware ESXi Hypervisor Vulnerability Exploited by Ransomware Groups
Active exploitation of the ServiceNow RCE
Background ServiceNow provides a platform for corporate transformation. ServiceNow can be used for various purposes, including HR and employee administration, […]
The post Active exploitation of the ServiceNow RCE appeared first on HawkEye.
Active exploitation of the ServiceNow RCE
CVE-2024-41110: Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
Background Docker released an advisory on July 23, 2024, addressing a vulnerability in the authorization plugins (AuthZ) used to control […]
The post CVE-2024-41110: Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins appeared first on HawkEye.