The Register on MSN13h
Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws
According to Hanley, all four flaws can be exploited by an unauthenticated attacker and can be abused "to coerce the Ivanti [Endpoint Manager] machine account credential to be used in relay attacks, ...
SecurityWeek7h
Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers
OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server.