Critical Vulnerabilities

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

CVE News

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Multiple critical vulnerabilities in Versa Networks’ Concerto platform remain unpatched, exposing enterprise networks to authentication bypass and...

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

CVE News

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

A critical authentication bypass vulnerability (CVE-2025-47949) in the Node.js SAML library samlify allows attackers to forge admin-level...

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

CVE News

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

A critical privilege escalation vulnerability (CVE-2025-4322) has been identified in the premium WordPress Motors theme, allowing unauthenticated...

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

CVE News

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Ivanti has issued an urgent patch advisory for two zero-day vulnerabilities (CVE-2025-4427 and CVE-2025-4428) affecting its Endpoint...

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

CVE News

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Microsoft’s May 2025 Patch Tuesday has delivered critical security updates addressing 72 vulnerabilities, including five zero-days actively...

Windows 11 KB5058411 and KB5058405 Updates: Security Fixes and Known Issues

CVE News

Windows 11 KB5058411 and KB5058405 Updates: Security Fixes and Known Issues

Microsoft has released cumulative updates KB5058411 and KB5058405 for Windows 11 versions 24H2 and 23H2, addressing security...

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

CVE News

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Fortinet has released urgent security updates to address a critical remote code execution (RCE) vulnerability actively exploited...

Ivanti Neurons for ITSM Critical Authentication Bypass: Patch Now to Mitigate Exploitable Flaws

CVE News

Ivanti Neurons for ITSM Critical Authentication Bypass: Patch Now to Mitigate Exploitable Flaws

Ivanti has issued urgent security updates for its Neurons for ITSM IT service management solution, addressing a...

Intel CPU Vulnerabilities: Analyzing the Latest Branch Privilege Injection Flaw

CVE News

Intel CPU Vulnerabilities: Analyzing the Latest Branch Privilege Injection Flaw

A newly discovered vulnerability in Intel CPUs, dubbed “Branch Privilege Injection,” allows attackers to extract sensitive data...

Critical Vulnerabilities Patched in Mozilla Firefox and Thunderbird: Technical Analysis and Mitigation

CVE News

Critical Vulnerabilities Patched in Mozilla Firefox and Thunderbird: Technical Analysis and Mitigation

Mozilla has addressed multiple high-severity vulnerabilities in Firefox and Thunderbird, specifically affecting versions below 138 and 128.10....

Microsoft Telnet Zero-Click Credential Theft Vulnerability: Technical Analysis and Mitigation

CVE News

Microsoft Telnet Zero-Click Credential Theft Vulnerability: Technical Analysis and Mitigation

A critical zero-click vulnerability in Microsoft’s Telnet Client (telnet.exe) has been identified, allowing attackers to steal Windows...

CISA Warns of Active Exploitation: Critical Langflow RCE Vulnerability (CVE-2025-3248)

CVE News

CISA Warns of Active Exploitation: Critical Langflow RCE Vulnerability (CVE-2025-3248)

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding an actively exploited remote...

Tenda AC1206 Buffer Overflow Vulnerability (CVE-2025-4298): Technical Analysis and Mitigation

CVE News

Tenda AC1206 Buffer Overflow Vulnerability (CVE-2025-4298): Technical Analysis and Mitigation

A critical buffer overflow vulnerability (CVE-2025-4298) has been identified in Tenda AC1206 routers, affecting firmware versions up...

Tenda AC9 Command Injection Vulnerability (CVE-2025-45042): Critical Remote Code Execution Risk

CVE News

Tenda AC9 Command Injection Vulnerability (CVE-2025-45042): Critical Remote Code Execution Risk

A critical command injection vulnerability (CVE-2025-45042) has been identified in Tenda AC9 routers running firmware version 15.03.05.14,...

Critical Commvault Path Traversal Vulnerability (CVE-2025-34028) Added to CISA KEV Catalog

CVE News

Critical Commvault Path Traversal Vulnerability (CVE-2025-34028) Added to CISA KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has escalated the urgency around a critical vulnerability in...

Critical OpenCTI Container Escalation Vulnerability (CVE-2025-24977) Exposes Infrastructure to Attacks

CVE News

Critical OpenCTI Container Escalation Vulnerability (CVE-2025-24977) Exposes Infrastructure to Attacks

A critical vulnerability in OpenCTI, tracked as CVE-2025-24977, allows authenticated users to execute arbitrary commands on the...

Critical AirPlay Vulnerabilities (AirBorne) Enable Wormable Zero-Click RCE on Apple Devices

CVE News

Critical AirPlay Vulnerabilities (AirBorne) Enable Wormable Zero-Click RCE on Apple Devices

Apple’s AirPlay protocol, a proprietary wireless technology used for streaming audio and video across devices, was found...

SonicWall Vulnerabilities Confirmed as Actively Exploited by CISA

CVE News

SonicWall Vulnerabilities Confirmed as Actively Exploited by CISA

The US Cybersecurity and Infrastructure Security Agency (CISA) has officially added two critical vulnerabilities affecting SonicWall Secure...

April 2025 Cybersecurity Landscape: Ransomware Surge and Critical Vulnerabilities

Threat Intelligence

April 2025 Cybersecurity Landscape: Ransomware Surge and Critical Vulnerabilities

April 2025 marked one of the most intense periods for cybersecurity professionals worldwide, with unprecedented levels of...

CISA Adds SAP NetWeaver Vulnerability to Known Exploited Catalog: Analysis and Mitigation

CVE News

CISA Adds SAP NetWeaver Vulnerability to Known Exploited Catalog: Analysis and Mitigation

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with CVE-2025-31324,...

Posts pagination

Previous 1 2 3 4 5 … 9 Next

Critical Vulnerabilities

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Windows 11 KB5058411 and KB5058405 Updates: Security Fixes and Known Issues

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Ivanti Neurons for ITSM Critical Authentication Bypass: Patch Now to Mitigate Exploitable Flaws

Intel CPU Vulnerabilities: Analyzing the Latest Branch Privilege Injection Flaw

Critical Vulnerabilities Patched in Mozilla Firefox and Thunderbird: Technical Analysis and Mitigation

Microsoft Telnet Zero-Click Credential Theft Vulnerability: Technical Analysis and Mitigation

CISA Warns of Active Exploitation: Critical Langflow RCE Vulnerability (CVE-2025-3248)

Tenda AC1206 Buffer Overflow Vulnerability (CVE-2025-4298): Technical Analysis and Mitigation

Tenda AC9 Command Injection Vulnerability (CVE-2025-45042): Critical Remote Code Execution Risk

Critical Commvault Path Traversal Vulnerability (CVE-2025-34028) Added to CISA KEV Catalog

Critical OpenCTI Container Escalation Vulnerability (CVE-2025-24977) Exposes Infrastructure to Attacks

Critical AirPlay Vulnerabilities (AirBorne) Enable Wormable Zero-Click RCE on Apple Devices

SonicWall Vulnerabilities Confirmed as Actively Exploited by CISA

April 2025 Cybersecurity Landscape: Ransomware Surge and Critical Vulnerabilities

CISA Adds SAP NetWeaver Vulnerability to Known Exploited Catalog: Analysis and Mitigation

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected