Red-Team

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

CVE News

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

A critical stack-based buffer overflow vulnerability (CVE-2025-3161) has been identified in Tenda AC10 routers running firmware version...

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

CVE News

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

A critical vulnerability (CVE-2025-29987) in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS)...

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

CVE News

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

A security flaw in Verizon’s Call Filter API allowed unauthorized access to customers’ incoming call histories due...

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

CVE News

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

Ivanti has released critical patches for two zero-day vulnerabilities (CVE-2025-22457 and CVE-2025-0282) in its Connect Secure (ICS),...

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

CVE News

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

A critical vulnerability in AssetView and AssetView CLOUD (CVE-2025-25060) has been disclosed, allowing unauthenticated attackers to access...

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

CVE News

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

A critical vulnerability (CVE-2023-40714) affecting multiple versions of Fortinet’s FortiSIEM security information and event management solution has...

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

CVE News

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

A critical vulnerability (CVE-2024-39780) has been identified in the Robot Operating System (ROS) dynparam tool, allowing arbitrary...

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

CVE News

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-31131) has been identified in YesWiki, a PHP-based wiki system, with a...

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

CVE News

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

A critical SQL injection vulnerability (CVE-2025-30807) has been identified in the Next-Cart Store to WooCommerce Migration plugin,...

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

CVE News

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

A high-severity vulnerability (CVE-2025-30892) has been identified in the Magepeople WpTravelly WordPress plugin, exposing websites to potential...

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

CVE News

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

A high-severity SQL injection vulnerability (CVE-2025-31089) has been identified in Fahad Mahmood’s Order Splitter for WooCommerce plugin,...

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

CVE News

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

A critical SQL injection vulnerability (CVE-2025-31534) has been identified in the Shopperdotcom Shopper platform, affecting all versions...

Critical SQL Injection Vulnerability in Salesmate Add-On for Gravity Forms (CVE-2025-31551)

CVE News

Critical SQL Injection Vulnerability in Salesmate Add-On for Gravity Forms (CVE-2025-31551)

A critical SQL injection vulnerability (CVE-2025-31551) has been identified in the Salesmate.io Salesmate Add-On for Gravity Forms,...

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

CVE News

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

A critical SQL injection vulnerability (CVE-2025-31552) has been identified in the RSVPMarker WordPress plugin, affecting versions up...

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

CVE News

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

A critical SQL injection vulnerability (CVE-2025-31553) has been identified in the WPFactory Advanced WooCommerce Product Sales Reporting...

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

CVE News

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

A critical security vulnerability has been identified in the Sabuj Kundu CBX Poll WordPress plugin, tracked as...

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

CVE News

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

A high-severity SQL injection vulnerability (CVE-2025-31547) has been identified in the Aphotrax Uptime Robot Plugin for WordPress,...

Critical SQL Injection Vulnerability in PiExtract’s SOOP-CLM (CVE-2025-3011)

CVE News

Critical SQL Injection Vulnerability in PiExtract’s SOOP-CLM (CVE-2025-3011)

A critical SQL injection vulnerability (CVE-2025-3011) has been identified in PiExtract’s SOOP-CLM software, rated 9.8 (CRITICAL) on...

Critical Authentication Bypass in CHOCO TEI WATCHER mini Exposes Industrial Systems

CVE News

Critical Authentication Bypass in CHOCO TEI WATCHER mini Exposes Industrial Systems

A critical vulnerability (CVE-2025-25211) affecting all versions of the CHOCO TEI WATCHER mini (IB-MCT001) industrial monitoring device...

CISA Issues New ICS Advisory for Schneider Electric EcoStruxure Power Monitoring Expert

CVE News

CISA Issues New ICS Advisory for Schneider Electric EcoStruxure Power Monitoring Expert

The Cybersecurity and Infrastructure Security Agency (CISA) released an Industrial Control Systems (ICS) advisory on March 27,...

Posts pagination

Previous 1 … 5 6 7 8 9 10 11 … 13 Next

Red-Team

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

Critical SQL Injection Vulnerability in Salesmate Add-On for Gravity Forms (CVE-2025-31551)

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

Critical SQL Injection Vulnerability in PiExtract’s SOOP-CLM (CVE-2025-3011)

Critical Authentication Bypass in CHOCO TEI WATCHER mini Exposes Industrial Systems

CISA Issues New ICS Advisory for Schneider Electric EcoStruxure Power Monitoring Expert

You may have missed

Google’s $1.4 Billion Texas Data Privacy Settlement: Legal and Technical Implications

Ascension Healthcare Data Breach: Third-Party Compromise Exposes 430,000 Patient Records

Google Chrome Deploys On-Device AI to Block Tech Support Scams

Chinese APT Exploits Critical SAP NetWeaver Vulnerability (CVE-2025-31324) with Custom Malware