A critical unauthenticated remote code execution (RCE) vulnerability in OpenSSH, identified as CVE-2024-6387 and dubbed "regreSSHion" has been discovered, which allows attackers to gain root privileges on glibc-based Linux systems.

Veeam has notified one of our units about the vulnerabilities in their Backup Enterprise Manager product listed below. The worst of them, CVE-2024-29849, allows an attacker to log in to the web interface as any user.

On March 8, QNAP published a security bulletin disclosing three security flaws in its NAS software products. Exploitation of these vulnerabilities can lead to an authentication bypass, command injection and SQL injection.