Command Injection

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

CVE News

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

A critical remote code execution vulnerability has been identified in Dell EMC’s Integrated Dell Remote Access Controller...

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

CVE News

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

A critical unauthenticated Cross-Site Scripting (XSS) vulnerability has been identified in ABB Cylon Aspect firmware version 4.00.00,...

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

CVE News

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

A newly disclosed critical vulnerability in IBM’s Hardware Management Console (HMC) for Power Systems could allow local...

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

CVE News

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

A critical remote code execution (RCE) vulnerability, designated as CVE-2025-29659, has been identified in the Yi IoT...

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29660): Analysis and Mitigation

CVE News

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29660): Analysis and Mitigation

A critical remote code execution (RCE) vulnerability (CVE-2025-29660) has been identified in the Yi IoT XY-3820 firmware...

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

CVE News

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

Cybersecurity firm Arctic Wolf has confirmed that a remote code execution (RCE) vulnerability in SonicWall Secure Mobile...

Critical SQL Injection Vulnerability in SEMCMS (CVE-2025-25686): Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in SEMCMS (CVE-2025-25686): Analysis and Mitigation

A critical SQL injection vulnerability (CVE-2025-25686) has been identified in SEMCMS versions 5.0 and earlier, posing significant...

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

CVE News

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-28138, has been identified in TOTOLINK A800R routers...

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

CVE News

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

A critical vulnerability (CVE-2025-24383) has been identified in Dell Unity operating environments, allowing unauthenticated attackers to execute...

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Threat Intelligence

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Recent forensic investigations by Volexity have uncovered a sophisticated attack campaign exploiting two chained zero-day vulnerabilities in...

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

CVE News

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS firewalls has been actively exploited since at...

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

CVE News

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS GlobalProtect feature has been actively exploited since...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

A newly discovered critical vulnerability (CVE-2025-2726) affecting multiple H3C Magic series routers allows remote attackers to execute...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

A critical command injection vulnerability (CVE-2025-2728) affecting H3C Magic NX30 Pro and NX400 routers has been identified,...

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

CVE News

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

A critical security vulnerability (CVE-2025-2727) has been identified in H3C Magic NX30 Pro routers running firmware versions...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

A critical vulnerability (CVE-2025-2729) has been identified in multiple H3C Magic series routers, exposing them to remote...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

A critical security vulnerability affecting multiple H3C Magic series routers has been identified, allowing remote attackers to...

Active Exploitation of Critical Vulnerability in Palo Alto PAN-OS: CVE-2024-3400

CVE News
Exploitation

Active Exploitation of Critical Vulnerability in Palo Alto PAN-OS: CVE-2024-3400

The Dutch National Cyber Security Centre (NCSC) has recently observed active exploitation of a critical vulnerability in...

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

Exploitation

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

A high-severity vulnerability, CVE-2024-9880, has been identified in the Apache Pandas library, a cornerstone of data analysis...

Command Injection

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29660): Analysis and Mitigation

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

Critical SQL Injection Vulnerability in SEMCMS (CVE-2025-25686): Analysis and Mitigation

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

Active Exploitation of Critical Vulnerability in Palo Alto PAN-OS: CVE-2024-3400

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

You may have missed

CyberArk’s Identity Security Solution for AI Agents: Technical Analysis

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)