CVE News

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

CVE News

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

A critical vulnerability in compop.ca version 3.5.3 has been disclosed, allowing arbitrary code execution due to an...

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

CVE News

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

A critical Remote Code Execution (RCE) vulnerability has been identified in ASUS ASMB8 iKVM firmware versions ≤1.14.51,...

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

CVE News

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

A critical vulnerability in Software AG’s webMethods Integration Server 10.15.0 allows unauthenticated attackers to bypass authentication and...

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

CVE News

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

A critical vulnerability in NagVis 1.9.33, tracked as CVE-2022-46945, allows unauthenticated attackers to read arbitrary files via...

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

CVE News

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

A critical unauthenticated Cross-Site Scripting (XSS) vulnerability has been identified in ABB Cylon Aspect firmware version 4.00.00,...

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

CVE News

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

A critical unauthenticated SQL injection vulnerability (CVE-2024-11728) has been identified in KiviCare Clinic & Patient Management System...

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

CVE News

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

A critical supply chain attack has compromised Ripple’s official xrpl.js NPM package, injecting malicious code designed to...

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

CVE News

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

A recently disclosed vulnerability in the code-projects Online Exam Mastering System 1.0 exposes users to reflected Cross-Site...

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

CVE News

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

A recent security audit has revealed critical vulnerabilities in Moodle, the widely adopted open-source learning management system...

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

CVE News

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

A recently patched high-severity vulnerability in Google Cloud Platform’s Cloud Composer service, dubbed ConfusedComposer, could have allowed...

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

CVE News

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

The 2025 Verizon Data Breach Investigations Report (DBIR) highlights a concerning 34% year-over-year increase in vulnerability exploitation,...

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

CVE News

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

A critical zero-day remote code execution (RCE) vulnerability in Active! Mail, a widely used Japanese webmail client,...

Siemens TeleControl Server Basic SQL Injection Vulnerabilities: Critical Risks and Mitigations

CVE News

Siemens TeleControl Server Basic SQL Injection Vulnerabilities: Critical Risks and Mitigations

Siemens TeleControl Server Basic (TCSB) has been identified with multiple critical SQL injection vulnerabilities affecting versions prior...

Critical Vulnerabilities in ABB MV Drives: Technical Analysis and Mitigation Strategies

CVE News

Critical Vulnerabilities in ABB MV Drives: Technical Analysis and Mitigation Strategies

ABB’s medium voltage (MV) drives, widely used in industrial automation and critical infrastructure, have been found to...

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

CVE News

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-34028, has been disclosed in Commvault Command Center...

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

CVE News

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

A high-severity vulnerability (CVE-2025-2594) has been identified in the WordPress User Registration & Membership plugin, allowing unauthenticated...

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

CVE News

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

A newly disclosed SQL injection vulnerability (CVE-2025-23176) in Apache Web Server has been rated with a CVSS...

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

CVE News

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

A newly disclosed critical vulnerability in IBM’s Hardware Management Console (HMC) for Power Systems could allow local...

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

CVE News

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

The Cybersecurity and Infrastructure Security Agency (CISA) published five Industrial Control Systems (ICS) advisories on April 22,...

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

CVE News

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

A critical buffer overflow vulnerability in Symantec pcAnywhere, identified as CVE-2011-3478, allows unauthenticated attackers to execute arbitrary...

Posts pagination

Previous 1 2 3 4 5 6 7 … 10 Next

CVE News

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

Siemens TeleControl Server Basic SQL Injection Vulnerabilities: Critical Risks and Mitigations

Critical Vulnerabilities in ABB MV Drives: Technical Analysis and Mitigation Strategies

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

You may have missed

OpenAI’s $3 Billion Windsurf Acquisition: Strategic Shift Toward AI-Driven Developer Tools

Apple’s AI Partnership with Alibaba Sparks U.S. National Security Concerns

Meta’s Antitrust Battle: Examining the FTC’s Monopoly Allegations

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation