A critical command injection vulnerability (CVE-2025-45042) has been identified in Tenda AC9 routers running firmware version 15.03.05.14,...
Critical Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has escalated the urgency around a critical vulnerability in...
A critical vulnerability in OpenCTI, tracked as CVE-2025-24977, allows authenticated users to execute arbitrary commands on the...
Apple’s AirPlay protocol, a proprietary wireless technology used for streaming audio and video across devices, was found...
The US Cybersecurity and Infrastructure Security Agency (CISA) has officially added two critical vulnerabilities affecting SonicWall Secure...
April 2025 marked one of the most intense periods for cybersecurity professionals worldwide, with unprecedented levels of...
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with CVE-2025-31324,...
A set of critical vulnerabilities in Apple’s AirPlay Protocol and AirPlay SDK, collectively dubbed “AirBorne,” exposes devices...
Delta Electronics’ ISPSoft programming software, widely used in industrial automation systems, contains multiple critical vulnerabilities that could...
A critical SQL injection vulnerability (CVE-2025-4039) has been identified in PHPGurukul’s Rail Pass Management System version 1.0,...
A critical vulnerability in YesWiki, tracked as CVE-2025-46348, allows unauthenticated attackers to create and download site backups...
A critical SQL injection vulnerability (CVE-2017-18362) in ConnectWise’s ManagedITSync integration exposed Kaseya VSA servers to unauthenticated remote...
A newly disclosed vulnerability in Apache Tomcat, tracked as CVE-2025-23181, allows unprivileged command execution with a CVSS...
A critical remote code execution (RCE) vulnerability has been identified in PhpGurukul’s Online Banquet Booking System (OBBS)...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities to its Known Exploited...
Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload...
The SANS Internet Storm Center (ISC) Stormcast for April 29, 2025, highlights critical cybersecurity threats, including active...
A critical vulnerability (CVE-2025-34491) in GFI MailEssentials enables authenticated attackers to execute arbitrary code through .NET deserialization...
A critical vulnerability (CVE-2025-46661) has been identified in IPW Systems Metazo versions up to 8.1.3, allowing unauthenticated...
A critical stack-based buffer overflow vulnerability (CVE-2025-4007) has been identified in Tenda W12 and i24 routers, affecting...
