Critical Vulnerabilities

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CVE News

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

A critical vulnerability (CVE-2015-2079) in Usermin, a web-based administration tool, allows authenticated attackers to execute arbitrary code...

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

CVE News

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with three...

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

CVE News

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

CVE News

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Security researchers at Shelltrail have identified three critical vulnerabilities in the IXON VPN client that could allow...

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

CVE News

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-26692) affecting SIOS Technology’s Quick Agent (V2 and V3) has been disclosed,...

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

CVE News

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

A critical buffer overflow vulnerability (CVE-2025-3991) has been identified in TOTOLINK N150RT routers running firmware version 3.4.0-B20190525....

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

CVE News

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

Google Chrome recently faced two critical use-after-free (UAF) vulnerabilities that were actively exploited in the wild before...

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

Blue-Team

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

A widespread phishing campaign targeting WooCommerce store owners has been identified, leveraging fabricated security vulnerability alerts to...

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

Threat Intelligence

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

The SANS Internet Storm Center (ISC) Stormcast for April 25, 2025, highlights critical cybersecurity developments, including SMS...

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

CVE News

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

A critical vulnerability (CVE-2025-46616) has been identified in Quantum StorNext Web GUI API versions prior to 7.2.4,...

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

CVE News

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

A critical SQL injection vulnerability (CVE-2025-46248) has been identified in M A Vinoth Kumar’s Frontend Dashboard, affecting...

ALBEDO Telecom Net.Time PTP/NTP Clock Vulnerability: Session Expiration Flaw Exposes Credentials

CVE News

ALBEDO Telecom Net.Time PTP/NTP Clock Vulnerability: Session Expiration Flaw Exposes Credentials

A critical vulnerability (CVE-2025-2185) in ALBEDO Telecom’s Net.Time PTP/NTP clock devices could allow attackers to intercept unencrypted...

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

CVE News

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

Security researcher Alessandro Sgreccia (aka “rainpwn”) has disclosed critical vulnerabilities in Zyxel’s USG FLEX-H firewall series, enabling...

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

CVE News

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

SonicWall has issued an urgent advisory (SNWLID-2025-0009) regarding a high-severity vulnerability in its SSLVPN Virtual Office interface....

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

CVE News

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

Organizations using Commvault’s backup and recovery software are under immediate threat due to an actively exploited pre-authenticated...

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

CVE News

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

A critical authentication bypass vulnerability (CVE-2023-44752) has been identified in the Apache Student Study Center Desk Management...

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

CVE News

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

A critical vulnerability (CVE-2025-2764) in CarlinKit CPC200-CCPA devices allows network-adjacent attackers to bypass cryptographic signature checks and...

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

CVE News

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

A critical SQL injection vulnerability (CVE-2025-43949) has been identified in MuM MapEdit version 24.2.3, posing significant risk...

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

CVE News

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

A critical vulnerability (CVE-2025-1049) affecting Sonos Era 300 speakers has been disclosed, allowing network-adjacent attackers to execute...

Resurgent Vulnerabilities Pose Unique Risks to Edge Devices and Critical Infrastructure

Threat Intelligence

Resurgent Vulnerabilities Pose Unique Risks to Edge Devices and Critical Infrastructure

Attackers are increasingly exploiting older, resurgent vulnerabilities—flaws that were patched years ago but remain unaddressed in many...

Posts pagination

Previous 1 2 3 4 5 6 7 8 … 11 Next

Critical Vulnerabilities

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

ALBEDO Telecom Net.Time PTP/NTP Clock Vulnerability: Session Expiration Flaw Exposes Credentials

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

Resurgent Vulnerabilities Pose Unique Risks to Edge Devices and Critical Infrastructure

You may have missed

Adobe Analytics Data Leak: Architectural Failure Exposes Cross-Tenant Data

Snapchat’s Shift to Paid Storage: A Technical Analysis of Cloud Service Monetization

Google’s Developer Registration Policy Threatens F-Droid’s Existence

Google Drive for Desktop Deploys AI-Powered Ransomware Detection and Recovery