Archive

SAP Fixes Three High-Severity Flaws

The most severe flaw stems from password requirements not being checked in some features of SAP’s NetWeaver Java User Management Engine.

Ivanti Patches Critical RCE Standalone Sentry Flaw

At the time of disclosure, Ivanti said it is not currently aware of the flaw being exploited.

QNAP Fixes Critical Flaws Impacting NAS Devices

QNAP is warning of three new vulnerabilities in QTS, QuTS hero, QuTScloud and myQNAPcloud.

JetBrains Fixes TeamCity Authentication Bypass Flaws

The flaws, which exist in all TeamCity on-premises versions through 2023.11.3, have been fixed in version 2023.11.4.

Exploit Code Released For Fortra GoAnywhere MFT Flaw

The flaw (CVE-2024-0204) could enable remote, unauthenticated attackers to bypass authentication in order to create new users.