CVE News

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

A newly discovered SQL injection vulnerability in the widely used GLPI IT Service Management (ITSM) tool poses...

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

CVE News

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

Mozilla has issued an emergency update for Firefox on Windows to address a critical sandbox escape vulnerability...

Critical NetApp SnapCenter Vulnerability Allows Privilege Escalation to Remote Admin Access

CVE News

Critical NetApp SnapCenter Vulnerability Allows Privilege Escalation to Remote Admin Access

A critical security flaw in NetApp SnapCenter, tracked as CVE-2025-26512, could allow authenticated users to escalate privileges...

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

CVE News

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

Mozilla has released emergency updates to patch a critical sandbox escape vulnerability (CVE-2025-2857) in Firefox for Windows,...

Mobile Security & Malware Threats: Critical Vulnerabilities and Emerging Risks in March 2025

CVE News

Mobile Security & Malware Threats: Critical Vulnerabilities and Emerging Risks in March 2025

The fourth week of March 2025 has brought significant developments in mobile security and malware, with critical...

High-Severity Missing Authorization Flaw in Shinetheme Traveler WordPress Theme (CVE-2025-26733)

CVE News

High-Severity Missing Authorization Flaw in Shinetheme Traveler WordPress Theme (CVE-2025-26733)

A high-severity vulnerability (CVE-2025-26733) has been identified in the Shinetheme Traveler WordPress theme, affecting versions up to...

Critical RCE Vulnerability in Shinetheme Traveler (CVE-2025-26873): Analysis and Mitigation

CVE News

Critical RCE Vulnerability in Shinetheme Traveler (CVE-2025-26873): Analysis and Mitigation

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-26873, has been disclosed in the Shinetheme Traveler...

Critical SQL Injection Vulnerability Discovered in Shinetheme Traveler (CVE-2025-26898)

CVE News

Critical SQL Injection Vulnerability Discovered in Shinetheme Traveler (CVE-2025-26898)

A critical SQL injection vulnerability (CVE-2025-26898) has been identified in the Shinetheme Traveler WordPress theme, affecting versions...

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

CVE News

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

A high-severity vulnerability (CVE-2025-30232) has been identified in Exim mail servers, affecting versions 4.96 through 4.98.1. The...

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

CVE News

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

A critical vulnerability (CVE-2025-24383) has been identified in Dell Unity operating environments, allowing unauthenticated attackers to execute...

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

CVE News

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

A high-severity open redirect vulnerability (CVE-2025-24381) has been identified in Dell Unity storage systems running versions 5.4...

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

CVE News

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

A critical vulnerability (CVE-2025-2294) has been identified in the Kubio AI Page Builder plugin for WordPress, affecting...

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

CVE News

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

A severe remote code execution (RCE) vulnerability has been identified in the Ingress NGINX Controller, allowing attackers...

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

CVE News

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS firewalls has been actively exploited since at...

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

CVE News

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS GlobalProtect feature has been actively exploited since...

Understanding Trojan.Win32.CVE20188120.E: A Windows Privilege Escalation Threat

CVE News

Understanding Trojan.Win32.CVE20188120.E: A Windows Privilege Escalation Threat

The Trojan.Win32.CVE20188120.E malware represents a persistent threat leveraging CVE-2018-8120, a privilege escalation vulnerability in Windows systems. This...

Trojan.W97M.CVE202140444.A: Analyzing the Microsoft Office Exploit That Enables Remote Code Execution

CVE News

Trojan.W97M.CVE202140444.A: Analyzing the Microsoft Office Exploit That Enables Remote Code Execution

A newly identified threat, Trojan.W97M.CVE202140444.A, exploits a critical Microsoft Office vulnerability (CVE-2021-40444) to execute remote code through...

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

CVE News

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

Two critical vulnerabilities in OpenSSH—CVE-2024-6387 (dubbed “regreSSHion”) and CVE-2024-6409—pose significant risks to Linux systems running vulnerable versions....

Critical WhatsUp Gold Vulnerabilities Exploited for RCE: Patch Now to Prevent Attacks

CVE News

Critical WhatsUp Gold Vulnerabilities Exploited for RCE: Patch Now to Prevent Attacks

Progress Software’s WhatsUp Gold, a widely used network monitoring solution, is under active attack due to two...

Critical Authentication Flaws in Microsoft Azure Private 5G Core Expose Networks to Disruption

CVE News

Critical Authentication Flaws in Microsoft Azure Private 5G Core Expose Networks to Disruption

Two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC) have been identified and patched, according to...

Posts pagination

Previous 1 2 3 4 Next

CVE News

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

Critical NetApp SnapCenter Vulnerability Allows Privilege Escalation to Remote Admin Access

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

Mobile Security & Malware Threats: Critical Vulnerabilities and Emerging Risks in March 2025

High-Severity Missing Authorization Flaw in Shinetheme Traveler WordPress Theme (CVE-2025-26733)

Critical RCE Vulnerability in Shinetheme Traveler (CVE-2025-26873): Analysis and Mitigation

Critical SQL Injection Vulnerability Discovered in Shinetheme Traveler (CVE-2025-26898)

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

Understanding Trojan.Win32.CVE20188120.E: A Windows Privilege Escalation Threat

Trojan.W97M.CVE202140444.A: Analyzing the Microsoft Office Exploit That Enables Remote Code Execution

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

Critical WhatsUp Gold Vulnerabilities Exploited for RCE: Patch Now to Prevent Attacks

Critical Authentication Flaws in Microsoft Azure Private 5G Core Expose Networks to Disruption

You may have missed

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)