CVE News

SonicWall Vulnerabilities Confirmed as Actively Exploited by CISA

CVE News

SonicWall Vulnerabilities Confirmed as Actively Exploited by CISA

The US Cybersecurity and Infrastructure Security Agency (CISA) has officially added two critical vulnerabilities affecting SonicWall Secure...

CISA Adds SAP NetWeaver Vulnerability to Known Exploited Catalog: Analysis and Mitigation

CVE News

CISA Adds SAP NetWeaver Vulnerability to Known Exploited Catalog: Analysis and Mitigation

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with CVE-2025-31324,...

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

CVE News

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

A set of critical vulnerabilities in Apple’s AirPlay Protocol and AirPlay SDK, collectively dubbed “AirBorne,” exposes devices...

Critical Vulnerabilities in Delta Electronics ISPSoft Expose Industrial Systems to Arbitrary Code Execution

CVE News

Critical Vulnerabilities in Delta Electronics ISPSoft Expose Industrial Systems to Arbitrary Code Execution

Delta Electronics’ ISPSoft programming software, widely used in industrial automation systems, contains multiple critical vulnerabilities that could...

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

CVE News

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

A critical SQL injection vulnerability (CVE-2025-4039) has been identified in PHPGurukul’s Rail Pass Management System version 1.0,...

Critical YesWiki Vulnerability (CVE-2025-46348) Allows Unauthenticated Backup Exfiltration

CVE News

Critical YesWiki Vulnerability (CVE-2025-46348) Allows Unauthenticated Backup Exfiltration

A critical vulnerability in YesWiki, tracked as CVE-2025-46348, allows unauthenticated attackers to create and download site backups...

CVE-2017-18362: Critical SQL Injection in ConnectWise ManagedITSync Integration

CVE News

CVE-2017-18362: Critical SQL Injection in ConnectWise ManagedITSync Integration

A critical SQL injection vulnerability (CVE-2017-18362) in ConnectWise’s ManagedITSync integration exposed Kaseya VSA servers to unauthenticated remote...

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

CVE News

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

A newly disclosed vulnerability in Apache Tomcat, tracked as CVE-2025-23181, allows unprivileged command execution with a CVSS...

CVE-2025-45947: Critical RCE Vulnerability in PhpGurukul Online Banquet Booking System

CVE News

CVE-2025-45947: Critical RCE Vulnerability in PhpGurukul Online Banquet Booking System

A critical remote code execution (RCE) vulnerability has been identified in PhpGurukul’s Online Banquet Booking System (OBBS)...

CISA Flags Actively Exploited Vulnerabilities in Broadcom, Commvault, and Qualitia Products

CVE News

CISA Flags Actively Exploited Vulnerabilities in Broadcom, Commvault, and Qualitia Products

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities to its Known Exploited...

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

CVE News

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload...

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

CVE News

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

A critical vulnerability (CVE-2025-34491) in GFI MailEssentials enables authenticated attackers to execute arbitrary code through .NET deserialization...

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

CVE News

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

A critical vulnerability (CVE-2025-46661) has been identified in IPW Systems Metazo versions up to 8.1.3, allowing unauthenticated...

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

CVE News

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

A critical stack-based buffer overflow vulnerability (CVE-2025-4007) has been identified in Tenda W12 and i24 routers, affecting...

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CVE News

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

A critical vulnerability (CVE-2015-2079) in Usermin, a web-based administration tool, allows authenticated attackers to execute arbitrary code...

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

CVE News

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with three...

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

CVE News

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

CVE News

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Security researchers at Shelltrail have identified three critical vulnerabilities in the IXON VPN client that could allow...

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

CVE News

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-26692) affecting SIOS Technology’s Quick Agent (V2 and V3) has been disclosed,...

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

CVE News

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

A critical buffer overflow vulnerability (CVE-2025-3991) has been identified in TOTOLINK N150RT routers running firmware version 3.4.0-B20190525....

Posts pagination

Previous 1 2 3 4 5 … 10 Next

CVE News

SonicWall Vulnerabilities Confirmed as Actively Exploited by CISA

CISA Adds SAP NetWeaver Vulnerability to Known Exploited Catalog: Analysis and Mitigation

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

Critical Vulnerabilities in Delta Electronics ISPSoft Expose Industrial Systems to Arbitrary Code Execution

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

Critical YesWiki Vulnerability (CVE-2025-46348) Allows Unauthenticated Backup Exfiltration

CVE-2017-18362: Critical SQL Injection in ConnectWise ManagedITSync Integration

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

CVE-2025-45947: Critical RCE Vulnerability in PhpGurukul Online Banquet Booking System

CISA Flags Actively Exploited Vulnerabilities in Broadcom, Commvault, and Qualitia Products

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

You may have missed

OpenAI’s $3 Billion Windsurf Acquisition: Strategic Shift Toward AI-Driven Developer Tools

Apple’s AI Partnership with Alibaba Sparks U.S. National Security Concerns

Meta’s Antitrust Battle: Examining the FTC’s Monopoly Allegations

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation