CSOonline

New critical Apache OFBiz vulnerability patched as older flaw is actively exploited

Researchers discovered a new RCE flaw while analyzing the patch for a different flaw currently targeted by attackers. As the fifth critical flaw this year for the ERP framework, users are urged to ...
Dark Reading

Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges

CISA has added a critical security flaw in the Apache OFBiz open source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog. Apache OFBiz is a system that ...
Bleeping Computer

CISA warns about actively exploited Apache OFBiz RCE flaw

The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a ...
Dark Reading

Apache ERP Zero-Day Underscores Dangers of Incomplete Patches

Unknown groups have launched probes against a zero-day vulnerability identified in Apache's OfBiz enterprise resource planning (ERP) framework — an increasingly popular strategy of analyzing patches ...
heise online

CISA warns of attacks on Linux, Apache OFBiz, .NET and Paessler PRTG

The US IT security authority CISA warns of recently observed attacks in the wild on vulnerabilities in Linux, Apache OFBiz, Microsoft's .Net framework and Paessler PRTG. IT managers should therefore ...