A critical vulnerability in YesWiki, tracked as CVE-2025-46348, allows unauthenticated attackers to create and download site backups...
CVE News
A critical SQL injection vulnerability (CVE-2017-18362) in ConnectWise’s ManagedITSync integration exposed Kaseya VSA servers to unauthenticated remote...
A newly disclosed vulnerability in Apache Tomcat, tracked as CVE-2025-23181, allows unprivileged command execution with a CVSS...
A critical remote code execution (RCE) vulnerability has been identified in PhpGurukul’s Online Banquet Booking System (OBBS)...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities to its Known Exploited...
Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload...
A critical vulnerability (CVE-2025-34491) in GFI MailEssentials enables authenticated attackers to execute arbitrary code through .NET deserialization...
A critical vulnerability (CVE-2025-46661) has been identified in IPW Systems Metazo versions up to 8.1.3, allowing unauthenticated...
A critical stack-based buffer overflow vulnerability (CVE-2025-4007) has been identified in Tenda W12 and i24 routers, affecting...
A critical vulnerability (CVE-2015-2079) in Usermin, a web-based administration tool, allows authenticated attackers to execute arbitrary code...
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with three...
A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...
Security researchers at Shelltrail have identified three critical vulnerabilities in the IXON VPN client that could allow...
A critical path traversal vulnerability (CVE-2025-26692) affecting SIOS Technology’s Quick Agent (V2 and V3) has been disclosed,...
A critical buffer overflow vulnerability (CVE-2025-3991) has been identified in TOTOLINK N150RT routers running firmware version 3.4.0-B20190525....
A recent Windows security update designed to mitigate a privilege escalation vulnerability has inadvertently introduced a new...
A high-severity remote code execution (RCE) vulnerability (CVE-2025-3642) has been identified in Moodle’s EQUELLA repository integration, posing...
A high-severity vulnerability (CVE-2025-3935) affecting ScreenConnect versions 25.2.3 and earlier has been disclosed, involving ASP.NET ViewState code...
Google Chrome recently faced two critical use-after-free (UAF) vulnerabilities that were actively exploited in the wild before...
A high-severity Cross-Site Request Forgery (CSRF) vulnerability has been identified in Moodle’s Brickfield tool, tracked as CVE-2025-3638....
