Vulnerabilities in virtual private networks (VPN) being exploited
Vulnerabilities affecting three virtual private network (VPN) products are being exploited.26 Sep 2019
Vulnerability and zero-day exploit targeting vBulletin forum software
An exploit has been released publicly for a pre-authentication remote code vulnerability in the popular forum software vBulletin Connect. vBulletin has released a patch to mitigate this issue.09 Aug 2019
'Urgent 11' vulnerabilities in VxWorks operating systems
CERT NZ is aware of critical vulnerabilities in VxWorks operating systems. Reports have stated that over 200 million devices could be affected. VxWorks operating systems are used by various manufacturers in a wide-range of devices including industrial, medical, personal, and enterprise devices.20 Jun 2019
Oracle WebLogic vulnerability being exploited
Researchers have discovered a critical vulnerability in the web services component of Oracle WebLogic Server which is being actively exploited by attackers.
Oracle has released a patch to mitigate this issue.
Exim Mail Transfer Agent (MTA) vulnerability being exploited
Unpatched mail servers using Exim Mail Transfer Agent (MTA) are being compromised by multiple groups to run their own code on the compromised system.15 May 2019
Critical vulnerability in Microsoft remote desktop services
Microsoft has published patches for a critical vulnerability in remote desktop services. The vulnerability affects older versions of Windows.