Researchers warn of a new critical vulnerability in Apache OFBiz, an open-source enterprise resource planning (ERP) system and framework. The flaw potentially allows for remote code execution (RCE) without authentication and was patched shortly after news that another vulnerability fixed back in May is being exploited in the wild. The new vulnerability, tracked as CVE-2024-38856, […]
Category Archives: Open Source, Vulnerabilities
Auto Added by WPeMatico
Open source containerization platform Docker has urged users to patch a critical vulnerability affecting certain versions of the Docker Engine that allows privilege escalation using specially crafted API requests. Tagged as CVE-2024-41110, the vulnerability was first discovered in 2018 and was assigned a CVSS score of 10/10. Although the flaw was fixed by Docker shortly, […]