We have a new site. We're building it in the open. Spotted a bug or a UX gremlin? We welcome all feedback: ed@thestack.technology

Content Paint
Search
Sign in
Membership

CVEs

28

Security  | Nov 13, 2024
Top exploited vulnerabilities revealed as CISA warns of growing enterprise zero day threat
Top exploited vulnerabilities revealed as CISA warns of growing enterprise zero day threat

"Routine initial exploitation of zero-day vulnerabilities represents the new normal which should concern end-user organisations and vendors alike."

Security  | Sep 19, 2024
Chinese hackers find critical CVSS 9.8 vCenter Server bug
Patch immediately because there is no workaround for the vulnerabilities (Photo by Markus Spiske on Unsplash)

There is no workaround for the critical CVE, which is one of a pair of bugs which let attackers carry out remote code execution or escalate privileges.

Security  | Sep 09, 2024
New pre-auth RCE in Veeam Backup & Replication at risk of ransomware "abuse"
Veeam vulnerability CVE-2024-40711 is pre-auth RCE and...

No full exploit chain yet but plenty of hints in new breakdown from WatchTowr

Security  | Aug 30, 2024
How to mitigate RansomHub: CISA releases IOCs, CVEs and TTPs of threat actor behind 210 CNI attacks
How to mitigate RansomHub: CISA releases IOCs, CVEs and TTPs of threat actor behind 210 CNI attacks

Ransomware-as-a-service variant formerly known as Cyclops and Knight has "established itself as an efficient and successful service model" and attracted "high-profile affiliates from other prominent variants".

Security  | Aug 16, 2024
Should organisations disable IPv6 to protect against "scary" wormable TCP/IP RCE?
Microsoft's confirmed the RCE bug on Patch Tuesday earlier this week (Image: ChatGPT)

CVE-2024-38063 lets unauthenticated attackers carry out remote code execution by "repeatedly sending IPv6 packets".

Security  | Aug 07, 2024
Ivanti is the Rihanna of CVEs, Qualys' top exploit chart shows
Ivanti is the Rihanna of CVEs, Qualys' top exploit chart shows

Still a hit with hackers after all these months

Security  | Jul 30, 2024
CISA warns of three critical exploited vulnerabilities
CISA warns of three critical exploited vulnerabilities

Vulnerabilities identified in workplace and cybersecurity products offered by ServiceNow and Acronis

Security  | Jul 25, 2024
CISA warns of high-severity vulnerability in once-popular Microsoft product
CISA warns of high-severity vulnerability in once-popular Microsoft product

Security agency adds CVE-2012-4792 to its catalogue of known vulns and warns it can "execute arbitrary code via a crafted web site"

Security  | Jul 16, 2024
Windows 'relics' zombified in Void Banshee zero-day attacks
Windows 'relics' zombified in Void Banshee zero-day attacks

Threat actors use CVE-2024-38112 to bring the remains of Internet Explorer back to life as a 'zombie' hellbent on stealing valuable data.

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2025 The Stack
©  2025 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.