CVE News

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

CVE News

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

A newly disclosed vulnerability in Soffid Console (CVE-2025-32408) exposes systems to remote code execution through insecure Java...

Think Router Tk-Rt-Wr135G Authentication Bypass Vulnerability (CVE-2024-55211) Analysis

CVE News

Think Router Tk-Rt-Wr135G Authentication Bypass Vulnerability (CVE-2024-55211) Analysis

A critical authentication bypass vulnerability (CVE-2024-55211) has been identified in Think Router’s Tk-Rt-Wr135G wireless router, posing significant...

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

A critical SQL injection vulnerability (CVE-2025-28009) has been identified in Dietiqa App version 1.0.20, posing significant risks...

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

CVE News

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

A critical vulnerability (CVE-2025-42599) has been identified in Active! Mail 6, exposing systems to remote code execution...

Critical SQL Injection Vulnerability in Pantherius Modal Survey Plugin (CVE-2025-39471)

CVE News

Critical SQL Injection Vulnerability in Pantherius Modal Survey Plugin (CVE-2025-39471)

A critical SQL injection vulnerability (CVE-2025-39471) has been identified in the Pantherius Modal Survey plugin for WordPress,...

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

CVE News

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

A critical buffer overflow vulnerability (CVE-2025-3786) has been identified in Tenda AC15 routers, affecting firmware versions up...

Critical Authentication Bypass in Seclore v3.27.5.0 (CVE-2024-53591)

CVE News

Critical Authentication Bypass in Seclore v3.27.5.0 (CVE-2024-53591)

A critical vulnerability (CVE-2024-53591) has been identified in Seclore v3.27.5.0 that allows attackers to bypass authentication through...

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

CVE News

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

A critical vulnerability (CVE-2025-1093) has been identified in the AIHub WordPress theme, allowing unauthenticated attackers to upload...

GoBGP Zero-Value Software Version Len Panic Vulnerability (CVE-2025-43971): Analysis and Mitigation

CVE News

GoBGP Zero-Value Software Version Len Panic Vulnerability (CVE-2025-43971): Analysis and Mitigation

A critical vulnerability (CVE-2025-43971) affecting GoBGP versions prior to 3.35.0 was disclosed on April 21, 2025. The...

Critical Buffer Overflow Vulnerability in Tenda W12 and i24 Routers (CVE-2025-3820)

CVE News

Critical Buffer Overflow Vulnerability in Tenda W12 and i24 Routers (CVE-2025-3820)

A newly disclosed critical vulnerability (CVE-2025-3820) affecting Tenda W12 and i24 routers allows remote attackers to execute...

Funding Crisis Averted for CVE Program: What Security Professionals Need to Know

CVE News

Funding Crisis Averted for CVE Program: What Security Professionals Need to Know

A critical cybersecurity resource—the Common Vulnerabilities and Exposures (CVE) program—faced imminent shutdown due to expired U.S. government...

Cisco Webex Vulnerability (CVE-2025-20236) Enables Remote Code Execution via Malicious Links

CVE News

Cisco Webex Vulnerability (CVE-2025-20236) Enables Remote Code Execution via Malicious Links

Cisco has issued patches for a high-severity vulnerability (CVE-2025-20236) in its Webex software that allows unauthenticated attackers...

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

CVE News

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

Cybersecurity firm Arctic Wolf has confirmed that a remote code execution (RCE) vulnerability in SonicWall Secure Mobile...

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

CVE News

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

A critical remote code execution (RCE) vulnerability in Erlang/OTP’s SSH implementation (CVE-2025-32433) now has publicly available exploits,...

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

CVE News

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

A recently patched vulnerability in Verizon’s Call Filter iOS app allowed unauthorized access to call metadata for...

CVE-2025-31911: Critical SQL Injection Vulnerability in WordPress Social Share And Social Locker Plugin

CVE News

CVE-2025-31911: Critical SQL Injection Vulnerability in WordPress Social Share And Social Locker Plugin

A critical SQL injection vulnerability (CVE-2025-31911) has been identified in the WordPress plugin “Social Share And Social...

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

CVE News

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

A critical stack-based buffer overflow vulnerability (CVE-2025-3161) has been identified in Tenda AC10 routers running firmware version...

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

CVE News

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

A critical vulnerability (CVE-2025-29987) in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS)...

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

CVE News

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

A security flaw in Verizon’s Call Filter API allowed unauthorized access to customers’ incoming call histories due...

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

CVE News

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

Ivanti has released critical patches for two zero-day vulnerabilities (CVE-2025-22457 and CVE-2025-0282) in its Connect Secure (ICS),...

Posts pagination

1 2 3 4 5 Next

CVE News

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

Think Router Tk-Rt-Wr135G Authentication Bypass Vulnerability (CVE-2024-55211) Analysis

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

Critical SQL Injection Vulnerability in Pantherius Modal Survey Plugin (CVE-2025-39471)

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

Critical Authentication Bypass in Seclore v3.27.5.0 (CVE-2024-53591)

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

GoBGP Zero-Value Software Version Len Panic Vulnerability (CVE-2025-43971): Analysis and Mitigation

Critical Buffer Overflow Vulnerability in Tenda W12 and i24 Routers (CVE-2025-3820)

Funding Crisis Averted for CVE Program: What Security Professionals Need to Know

Cisco Webex Vulnerability (CVE-2025-20236) Enables Remote Code Execution via Malicious Links

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

CVE-2025-31911: Critical SQL Injection Vulnerability in WordPress Social Share And Social Locker Plugin

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

You may have missed

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

State-Sponsored Hackers Adopt ClickFix Social Engineering for Global Cyber Espionage

Google OAuth and DKIM Replay Attack: How Phishers Spoofed Google’s Email Systems

WordPress Ad Fraud Operation “Scallywag” Generated 1.4 Billion Fake Ad Requests Daily