Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept (PoC) exploits.

Critical Apache OFBiz Vulnerability Allows Preauth RCE The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers ...

Organizations utilizing Apache OFBiz have been warned to promptly address a critical vulnerability due to escalating exploitation attempts targeting a recently identified security flaw. Tracked as CVE ...

An updated version of the ERP software Apache OfBiz closes security leaks that allow the execution of malicious code.

Criminals are targeting and actively attacking vulnerabilities in the Android kernel, Apache OfBiz and Progress WhatsUp. IT managers should quickly apply updates where they are available.

Credit: Gorodenkoff / Shutterstock Researchers warn of a new critical vulnerability in Apache OFBiz, an open-source enterprise resource planning (ERP) system and framework.

Apache fixed a vulnerability in its OfBiz enterprise resource planning (ERP) framework last month, but attackers and researchers found a way around the patch.

The OFBiz project includes many functions well-known to fans of such open source companies as SugarCRM, Compiere, and Magento.