CSO Online

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.
The Hacker News

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...
SecurityWeek

HPE Patches Critical Flaw in IT Infrastructure Management Software

HPE has released patches for a critical-severity OneView vulnerability that could lead to unauthenticated remote code ...
The Register on MSN

WatchGuard sounds alarm as critical Firebox flaw comes under active attack

Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls WatchGuard is in emergency ...

HPE warns of maximum severity RCE flaw in OneView software

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables ...
The Register on MSN

Half of exposed React servers remain unpatched amid active exploitation

Wiz says React2Shell attacks accelerating, ranging from cryptominers to state-linked crews Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain ...

Cyata flags agentic AI supply-chain risk in Cursor remote code execution bug

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code ...
CSOonline

Cisco fixes critical flaws in Unified Contact Center Express

Vulnerabilities in the contact center solution can result in authentication bypass and remote code execution. The networking company also warned of new attacks on previously patched firewall products.