Critical Vulnerabilities

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

CVE News

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

A recently patched high-severity vulnerability in Google Cloud Platform’s Cloud Composer service, dubbed ConfusedComposer, could have allowed...

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

CVE News

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

A critical zero-day remote code execution (RCE) vulnerability in Active! Mail, a widely used Japanese webmail client,...

Siemens TeleControl Server Basic SQL Injection Vulnerabilities: Critical Risks and Mitigations

CVE News

Siemens TeleControl Server Basic SQL Injection Vulnerabilities: Critical Risks and Mitigations

Siemens TeleControl Server Basic (TCSB) has been identified with multiple critical SQL injection vulnerabilities affecting versions prior...

Critical Vulnerabilities in ABB MV Drives: Technical Analysis and Mitigation Strategies

CVE News

Critical Vulnerabilities in ABB MV Drives: Technical Analysis and Mitigation Strategies

ABB’s medium voltage (MV) drives, widely used in industrial automation and critical infrastructure, have been found to...

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

CVE News

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-34028, has been disclosed in Commvault Command Center...

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

CVE News

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

A high-severity vulnerability (CVE-2025-2594) has been identified in the WordPress User Registration & Membership plugin, allowing unauthenticated...

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

CVE News

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

A newly disclosed critical vulnerability in IBM’s Hardware Management Console (HMC) for Power Systems could allow local...

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

CVE News

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

The Cybersecurity and Infrastructure Security Agency (CISA) published five Industrial Control Systems (ICS) advisories on April 22,...

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

CVE News

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

A critical buffer overflow vulnerability in Symantec pcAnywhere, identified as CVE-2011-3478, allows unauthenticated attackers to execute arbitrary...

Critical Buffer Overflow Vulnerability in H3C GR-3000AX Routers (CVE-2025-3854)

CVE News

Critical Buffer Overflow Vulnerability in H3C GR-3000AX Routers (CVE-2025-3854)

A critical buffer overflow vulnerability (CVE-2025-3854) has been identified in H3C GR-3000AX routers running firmware versions up...

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

CVE News

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

A critical remote code execution (RCE) vulnerability, designated as CVE-2025-29659, has been identified in the Yi IoT...

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29660): Analysis and Mitigation

CVE News

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29660): Analysis and Mitigation

A critical remote code execution (RCE) vulnerability (CVE-2025-29660) has been identified in the Yi IoT XY-3820 firmware...

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

CVE News

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

A newly disclosed vulnerability in Soffid Console (CVE-2025-32408) exposes systems to remote code execution through insecure Java...

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

A critical SQL injection vulnerability (CVE-2025-28009) has been identified in Dietiqa App version 1.0.20, posing significant risks...

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

CVE News

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

A critical vulnerability (CVE-2025-42599) has been identified in Active! Mail 6, exposing systems to remote code execution...

Critical SQL Injection Vulnerability in Pantherius Modal Survey Plugin (CVE-2025-39471)

CVE News

Critical SQL Injection Vulnerability in Pantherius Modal Survey Plugin (CVE-2025-39471)

A critical SQL injection vulnerability (CVE-2025-39471) has been identified in the Pantherius Modal Survey plugin for WordPress,...

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

CVE News

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

A critical buffer overflow vulnerability (CVE-2025-3786) has been identified in Tenda AC15 routers, affecting firmware versions up...

Critical Authentication Bypass in Seclore v3.27.5.0 (CVE-2024-53591)

CVE News

Critical Authentication Bypass in Seclore v3.27.5.0 (CVE-2024-53591)

A critical vulnerability (CVE-2024-53591) has been identified in Seclore v3.27.5.0 that allows attackers to bypass authentication through...

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

CVE News

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

A critical vulnerability (CVE-2025-1093) has been identified in the AIHub WordPress theme, allowing unauthenticated attackers to upload...

GoBGP Zero-Value Software Version Len Panic Vulnerability (CVE-2025-43971): Analysis and Mitigation

CVE News

GoBGP Zero-Value Software Version Len Panic Vulnerability (CVE-2025-43971): Analysis and Mitigation

A critical vulnerability (CVE-2025-43971) affecting GoBGP versions prior to 3.35.0 was disclosed on April 21, 2025. The...

Posts pagination

Previous 1 2 3 4 5 6 7 8 9 Next

Critical Vulnerabilities

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

Siemens TeleControl Server Basic SQL Injection Vulnerabilities: Critical Risks and Mitigations

Critical Vulnerabilities in ABB MV Drives: Technical Analysis and Mitigation Strategies

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

Critical Buffer Overflow Vulnerability in H3C GR-3000AX Routers (CVE-2025-3854)

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29660): Analysis and Mitigation

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

Critical SQL Injection Vulnerability in Pantherius Modal Survey Plugin (CVE-2025-39471)

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

Critical Authentication Bypass in Seclore v3.27.5.0 (CVE-2024-53591)

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

GoBGP Zero-Value Software Version Len Panic Vulnerability (CVE-2025-43971): Analysis and Mitigation

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected