GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, among which two critical severity ruby-saml library authentication bypass flaws.

There’s proof-of-concept code out for the near-maximum critical – rated at 9.8 – authentication bypass bug, but Cisco hasn’t seen any malicious exploit yet. Cisco has patched a near-max critical bug ...

Arctic Wolf says last week’s revelation of authentication holes is leading to attacks on unpatched Fortinet devices.

Cisco has posted a package of 17 critical security warnings about authentication vulnerabilities in its Unified Computing System that could let attackers break into systems or cause denial of service ...

Since April 3, CISA has published warnings about seven known exploited vulnerabilities, adding them to the Known Exploited Vulnerabilities Catalog, ordering federal agencies to remediate the ...

Today, Ivanti warned customers about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. The security flaw (tracked as CVE-2024-11639 and ...

In the past week, CISA has published alerts on seven known exploited vulnerabilities, adding them to the Known Exploited Vulnerabilities Catalog and ordering federal agencies to remediate the ...

SonicWall is warning customers of a severe vulnerability in its SonicOS SSLVPN with high exploitability that remote attackers could use to bypass authentication. The bug is an improper authentication ...

Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain. VMware and experts alike are urging users to patch multiple ...