CVE News

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

CVE News

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

Summary for CISOs: A critical vulnerability (CVE-2024-7344) in UEFI Secure Boot allows attackers to bypass security checks...

Critical Authentication Bypass in Kentico Xperience CMS (CVE-2025-2747)

CVE News

Critical Authentication Bypass in Kentico Xperience CMS (CVE-2025-2747)

A critical authentication bypass vulnerability (CVE-2025-2747) has been identified in Kentico Xperience CMS, affecting versions through 13.0.178....

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

CVE News

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

Summary A critical SQL injection vulnerability (CVE-2025-2683) has been discovered in PHPGurukul’s Bank Locker Management System version...

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

CVE News

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

A critical vulnerability (CVE-2025-2687) has been discovered in PHPGurukul eLearning System 1.0, affecting its Image Handler component....

Critical Yii2 Framework Vulnerability (CVE-2025-2690): Remote Code Execution Risk

CVE News

Critical Yii2 Framework Vulnerability (CVE-2025-2690): Remote Code Execution Risk

A critical deserialization vulnerability (CVE-2025-2690) has been discovered in the Yii2 PHP framework, allowing remote code execution....

ManageEngine ADSelfService Plus Session Hijacking Vulnerability Patched (CVE-2025-1723)

Blue-Team
CVE News

ManageEngine ADSelfService Plus Session Hijacking Vulnerability Patched (CVE-2025-1723)

Zoho Corporation has addressed a medium-severity authentication vulnerability (CVE-2025-1723) in ManageEngine ADSelfService Plus versions 6510 and earlier....

Critical VMware Vulnerabilities Patched: NCSC-2025-0073 Advisory on ESXi, Workstation, and Fusion Risks

CVE News

Critical VMware Vulnerabilities Patched: NCSC-2025-0073 Advisory on ESXi, Workstation, and Fusion Risks

Broadcom has addressed multiple high-severity vulnerabilities in VMware ESXi, Workstation, and Fusion products, as detailed in NCSC...

IBM Storage Products Patched for Critical Authentication Bypass and RCE Vulnerabilities

CVE News

IBM Storage Products Patched for Critical Authentication Bypass and RCE Vulnerabilities

Summary: IBM has addressed critical security vulnerabilities in its enterprise storage products, including authentication bypass (CVE-2025-0159) and...

SAP Patches Critical Vulnerabilities in Commerce, NetWeaver, and BusinessObjects Components

CVE News

SAP Patches Critical Vulnerabilities in Commerce, NetWeaver, and BusinessObjects Components

SAP has released security updates addressing multiple vulnerabilities across its software portfolio, including SAP Commerce, SAP NetWeaver,...

Critical PipeCD Vulnerability (CVE-2024-53351): Authorization Bypass Exposes Deployment Pipelines

CVE News

Critical PipeCD Vulnerability (CVE-2024-53351): Authorization Bypass Exposes Deployment Pipelines

A critical authorization bypass vulnerability (CVE-2024-53351) has been discovered in PipeCD v0.49, allowing attackers to access service...

High-Severity SQL Injection Vulnerability in Flickr Set Slideshows (CVE-2025-30590)

CVE News

High-Severity SQL Injection Vulnerability in Flickr Set Slideshows (CVE-2025-30590)

A critical SQL injection vulnerability (CVE-2025-30590) has been discovered in the Dourou Flickr set slideshows plugin, affecting...

Critical FortiOS and FortiProxy RCE Vulnerability (CVE-2023-25610): Patch Now to Prevent Remote Exploitation

CVE News

Critical FortiOS and FortiProxy RCE Vulnerability (CVE-2023-25610): Patch Now to Prevent Remote Exploitation

Summary: Fortinet has disclosed a critical buffer underwrite vulnerability (CVE-2023-25610) affecting multiple versions of FortiOS and FortiProxy,...

Critical Next.js Vulnerability (CVE-2025-29927) Exposes Websites to Authorization Bypass Attacks

CVE News

Critical Next.js Vulnerability (CVE-2025-29927) Exposes Websites to Authorization Bypass Attacks

A severe security flaw in Next.js, tracked as CVE-2025-29927, allows attackers to bypass authentication and authorization checks...

Critical Microsoft Windows Vulnerabilities Patched: NCSC-2025-0078 Advisory

CVE News
Exploitation

Critical Microsoft Windows Vulnerabilities Patched: NCSC-2025-0078 Advisory

Microsoft has recently addressed a series of critical vulnerabilities in its Windows operating system, as highlighted in...

Microsoft Azure Vulnerabilities Patched: Key Details for Security Teams

Blue-Team
CVE News

Microsoft Azure Vulnerabilities Patched: Key Details for Security Teams

Microsoft has recently addressed several critical vulnerabilities in its Azure platform, as reported by the Dutch National...

Fortinet Patches Critical Vulnerabilities in FortiOS, FortiProxy, FortiPAM, FortiSRA, and FortiWeb: NCSC-2025-0082 Exploited in Ransomware Attacks

CVE News
Exploitation

Fortinet Patches Critical Vulnerabilities in FortiOS, FortiProxy, FortiPAM, FortiSRA, and FortiWeb: NCSC-2025-0082 Exploited in Ransomware Attacks

Fortinet has recently addressed a critical vulnerability affecting multiple products, including FortiOS, FortiProxy, FortiPAM, FortiSRA, and FortiWeb....

Ivanti Secure Access Client Vulnerability Patched: NCSC-2025-0085 Explained

Blue-Team
CVE News

Ivanti Secure Access Client Vulnerability Patched: NCSC-2025-0085 Explained

On March 12, 2025, Ivanti announced the resolution of a critical vulnerability in its Ivanti Secure Access...

Critical Vulnerability Patched in Apache Tomcat: CVE-2025-24813 Allows Remote Code Execution

CVE News
Exploitation

Critical Vulnerability Patched in Apache Tomcat: CVE-2025-24813 Allows Remote Code Execution

Apache Tomcat, a widely used open-source Java servlet container, has recently addressed a critical vulnerability that could...

Synology Patches Critical LDAP Vulnerability in DiskStation Manager (CVE-2024-10444)

CVE News
Exploitation

Synology Patches Critical LDAP Vulnerability in DiskStation Manager (CVE-2024-10444)

Synology has recently addressed a critical vulnerability in its DiskStation Manager (DSM) software, specifically within its LDAP...

IBM InfoSphere Information Server Vulnerability (CVE-2024-51459) Patched: Medium Risk, High Impact

CVE News
Exploitation

IBM InfoSphere Information Server Vulnerability (CVE-2024-51459) Patched: Medium Risk, High Impact

IBM has recently addressed a critical vulnerability in its IBM InfoSphere Information Server 11.7, as detailed in...

Posts pagination

Previous 1 … 6 7 8 9 10 Next

CVE News

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

Critical Authentication Bypass in Kentico Xperience CMS (CVE-2025-2747)

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

Critical Yii2 Framework Vulnerability (CVE-2025-2690): Remote Code Execution Risk

ManageEngine ADSelfService Plus Session Hijacking Vulnerability Patched (CVE-2025-1723)

Critical VMware Vulnerabilities Patched: NCSC-2025-0073 Advisory on ESXi, Workstation, and Fusion Risks

IBM Storage Products Patched for Critical Authentication Bypass and RCE Vulnerabilities

SAP Patches Critical Vulnerabilities in Commerce, NetWeaver, and BusinessObjects Components

Critical PipeCD Vulnerability (CVE-2024-53351): Authorization Bypass Exposes Deployment Pipelines

High-Severity SQL Injection Vulnerability in Flickr Set Slideshows (CVE-2025-30590)

Critical FortiOS and FortiProxy RCE Vulnerability (CVE-2023-25610): Patch Now to Prevent Remote Exploitation

Critical Next.js Vulnerability (CVE-2025-29927) Exposes Websites to Authorization Bypass Attacks

Critical Microsoft Windows Vulnerabilities Patched: NCSC-2025-0078 Advisory

Fortinet Patches Critical Vulnerabilities in FortiOS, FortiProxy, FortiPAM, FortiSRA, and FortiWeb: NCSC-2025-0082 Exploited in Ransomware Attacks

Ivanti Secure Access Client Vulnerability Patched: NCSC-2025-0085 Explained

Critical Vulnerability Patched in Apache Tomcat: CVE-2025-24813 Allows Remote Code Execution

Synology Patches Critical LDAP Vulnerability in DiskStation Manager (CVE-2024-10444)

IBM InfoSphere Information Server Vulnerability (CVE-2024-51459) Patched: Medium Risk, High Impact

You may have missed

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

Australian Human Rights Commission Data Breach: Technical Analysis and Impact