Red-Team

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

CVE News

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

A critical authentication bypass vulnerability (CVE-2023-44752) has been identified in the Apache Student Study Center Desk Management...

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

CVE News

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

A critical vulnerability (CVE-2025-2764) in CarlinKit CPC200-CCPA devices allows network-adjacent attackers to bypass cryptographic signature checks and...

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

CVE News

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

A critical SQL injection vulnerability (CVE-2025-43949) has been identified in MuM MapEdit version 24.2.3, posing significant risk...

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

CVE News

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

A critical vulnerability (CVE-2025-1049) affecting Sonos Era 300 speakers has been disclosed, allowing network-adjacent attackers to execute...

TP-Link VN020 F3v(T) Router Vulnerabilities: Remote DoS and RCE Risks

CVE News

TP-Link VN020 F3v(T) Router Vulnerabilities: Remote DoS and RCE Risks

Multiple critical vulnerabilities have been identified in the TP-Link VN020 F3v(T) router running firmware version TT_V6.2.1021, exposing...

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

CVE News

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

A critical authentication bypass vulnerability (CVE-2022-40684) affecting Fortinet’s FortiOS, FortiProxy, and FortiSwitchManager has been actively exploited since...

Garage Management System 1.0 Stored XSS Vulnerability (CVE-2022-41358): Analysis and Mitigation

CVE News

Garage Management System 1.0 Stored XSS Vulnerability (CVE-2022-41358): Analysis and Mitigation

A stored cross-site scripting (XSS) vulnerability has been identified in Garage Management System 1.0, specifically affecting the...

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

CVE News

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

A critical remote code execution vulnerability has been identified in Dell EMC’s Integrated Dell Remote Access Controller...

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

CVE News

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

A critical vulnerability in compop.ca version 3.5.3 has been disclosed, allowing arbitrary code execution due to an...

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

CVE News

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

A critical Remote Code Execution (RCE) vulnerability has been identified in ASUS ASMB8 iKVM firmware versions ≤1.14.51,...

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

CVE News

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

A critical vulnerability in Software AG’s webMethods Integration Server 10.15.0 allows unauthenticated attackers to bypass authentication and...

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

CVE News

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

A critical vulnerability in NagVis 1.9.33, tracked as CVE-2022-46945, allows unauthenticated attackers to read arbitrary files via...

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

CVE News

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

A critical unauthenticated Cross-Site Scripting (XSS) vulnerability has been identified in ABB Cylon Aspect firmware version 4.00.00,...

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

CVE News

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

A critical unauthenticated SQL injection vulnerability (CVE-2024-11728) has been identified in KiviCare Clinic & Patient Management System...

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

CVE News

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

A critical supply chain attack has compromised Ripple’s official xrpl.js NPM package, injecting malicious code designed to...

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

CVE News

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

A recently disclosed vulnerability in the code-projects Online Exam Mastering System 1.0 exposes users to reflected Cross-Site...

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

CVE News

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

A recent security audit has revealed critical vulnerabilities in Moodle, the widely adopted open-source learning management system...

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

CVE News

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

A recently patched high-severity vulnerability in Google Cloud Platform’s Cloud Composer service, dubbed ConfusedComposer, could have allowed...

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

CVE News

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

The 2025 Verizon Data Breach Investigations Report (DBIR) highlights a concerning 34% year-over-year increase in vulnerability exploitation,...

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

CVE News

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

A critical zero-day remote code execution (RCE) vulnerability in Active! Mail, a widely used Japanese webmail client,...

Posts pagination

1 2 3 4 … 9 Next

Red-Team

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

TP-Link VN020 F3v(T) Router Vulnerabilities: Remote DoS and RCE Risks

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

Garage Management System 1.0 Stored XSS Vulnerability (CVE-2022-41358): Analysis and Mitigation

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

You may have missed

Selecting the Right University for a Cybersecurity Career: A Practical Guide

CyberArk’s Identity Security Solution for AI Agents: Technical Analysis

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution