Critical Vulnerabilities

CISA Flags Actively Exploited Vulnerabilities in Broadcom, Commvault, and Qualitia Products

CVE News

CISA Flags Actively Exploited Vulnerabilities in Broadcom, Commvault, and Qualitia Products

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities to its Known Exploited...

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

CVE News

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload...

ISC Stormcast: SAP NetWeaver Exploits and Steganographic Malware Trends

Threat Intelligence

ISC Stormcast: SAP NetWeaver Exploits and Steganographic Malware Trends

The SANS Internet Storm Center (ISC) Stormcast for April 29, 2025, highlights critical cybersecurity threats, including active...

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

CVE News

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

A critical vulnerability (CVE-2025-34491) in GFI MailEssentials enables authenticated attackers to execute arbitrary code through .NET deserialization...

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

CVE News

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

A critical vulnerability (CVE-2025-46661) has been identified in IPW Systems Metazo versions up to 8.1.3, allowing unauthenticated...

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

CVE News

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

A critical stack-based buffer overflow vulnerability (CVE-2025-4007) has been identified in Tenda W12 and i24 routers, affecting...

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CVE News

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

A critical vulnerability (CVE-2015-2079) in Usermin, a web-based administration tool, allows authenticated attackers to execute arbitrary code...

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

CVE News

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with three...

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

CVE News

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

CVE News

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Security researchers at Shelltrail have identified three critical vulnerabilities in the IXON VPN client that could allow...

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

CVE News

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-26692) affecting SIOS Technology’s Quick Agent (V2 and V3) has been disclosed,...

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

CVE News

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

A critical buffer overflow vulnerability (CVE-2025-3991) has been identified in TOTOLINK N150RT routers running firmware version 3.4.0-B20190525....

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

CVE News

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

Google Chrome recently faced two critical use-after-free (UAF) vulnerabilities that were actively exploited in the wild before...

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

Blue-Team

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

A widespread phishing campaign targeting WooCommerce store owners has been identified, leveraging fabricated security vulnerability alerts to...

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

Threat Intelligence

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

The SANS Internet Storm Center (ISC) Stormcast for April 25, 2025, highlights critical cybersecurity developments, including SMS...

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

CVE News

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

A critical vulnerability (CVE-2025-46616) has been identified in Quantum StorNext Web GUI API versions prior to 7.2.4,...

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

CVE News

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

A critical SQL injection vulnerability (CVE-2025-46248) has been identified in M A Vinoth Kumar’s Frontend Dashboard, affecting...

ALBEDO Telecom Net.Time PTP/NTP Clock Vulnerability: Session Expiration Flaw Exposes Credentials

CVE News

ALBEDO Telecom Net.Time PTP/NTP Clock Vulnerability: Session Expiration Flaw Exposes Credentials

A critical vulnerability (CVE-2025-2185) in ALBEDO Telecom’s Net.Time PTP/NTP clock devices could allow attackers to intercept unencrypted...

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

CVE News

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

Security researcher Alessandro Sgreccia (aka “rainpwn”) has disclosed critical vulnerabilities in Zyxel’s USG FLEX-H firewall series, enabling...

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

CVE News

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

SonicWall has issued an urgent advisory (SNWLID-2025-0009) regarding a high-severity vulnerability in its SSLVPN Virtual Office interface....

Posts pagination

Previous 1 2 3 4 5 6 7 … 10 Next

Critical Vulnerabilities

CISA Flags Actively Exploited Vulnerabilities in Broadcom, Commvault, and Qualitia Products

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

ISC Stormcast: SAP NetWeaver Exploits and Steganographic Malware Trends

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

ALBEDO Telecom Net.Time PTP/NTP Clock Vulnerability: Session Expiration Flaw Exposes Credentials

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

You may have missed

U.S. Sanctions Grinex Crypto-Exchange as Garantex Successor in Crackdown on Ransomware Money Laundering

Meta’s Erroneous Instagram Account Bans: Technical Implications for Security Teams

Supreme Court’s Decision on Mississippi Social Media Age Verification Law: Technical and Legal Implications

Microsoft Resolves Critical Windows Server Cluster and VM Stability Issues