Attackers are targeting SAP enterprise applications that have not been updated to address previously-fixed flaws, researchers warn.
From a vulnerability management perspective, it makes sense for defenders to be aware of which vulnerabilities have publicly available exploit code. Increasingly, much of that code is beginning to appear on GitHub.
Citrix has fixed 11 vulnerabilities in its ADC, Gateway, and SD-WAN appliances, some which could allow authenticated access to a target appliance.
A buffer overflow in the memcached tool has been patched after a public disclosure of the details and proof-of-concept exploit code.
A critical flaw in VMware Fusion and Workstation could allow an attacker to run arbitrary code on the host from the guest.