Critical Vulnerability

Critical Commvault Path Traversal Vulnerability (CVE-2025-34028) Added to CISA KEV Catalog

CVE News

Critical Commvault Path Traversal Vulnerability (CVE-2025-34028) Added to CISA KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has escalated the urgency around a critical vulnerability in...

Critical OpenCTI Container Escalation Vulnerability (CVE-2025-24977) Exposes Infrastructure to Attacks

CVE News

Critical OpenCTI Container Escalation Vulnerability (CVE-2025-24977) Exposes Infrastructure to Attacks

A critical vulnerability in OpenCTI, tracked as CVE-2025-24977, allows authenticated users to execute arbitrary commands on the...

April 2025 Cybersecurity Landscape: Ransomware Surge and Critical Vulnerabilities

Threat Intelligence

April 2025 Cybersecurity Landscape: Ransomware Surge and Critical Vulnerabilities

April 2025 marked one of the most intense periods for cybersecurity professionals worldwide, with unprecedented levels of...

SK Telecom’s SIM Replacement Crisis: Technical and Operational Breakdown

Data Breach

SK Telecom’s SIM Replacement Crisis: Technical and Operational Breakdown

South Korea’s largest mobile carrier, SK Telecom (SKT), is scrambling to contain the fallout from a massive...

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

CVE News

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

A critical SQL injection vulnerability (CVE-2025-4039) has been identified in PHPGurukul’s Rail Pass Management System version 1.0,...

Critical YesWiki Vulnerability (CVE-2025-46348) Allows Unauthenticated Backup Exfiltration

CVE News

Critical YesWiki Vulnerability (CVE-2025-46348) Allows Unauthenticated Backup Exfiltration

A critical vulnerability in YesWiki, tracked as CVE-2025-46348, allows unauthenticated attackers to create and download site backups...

CVE-2017-18362: Critical SQL Injection in ConnectWise ManagedITSync Integration

CVE News

CVE-2017-18362: Critical SQL Injection in ConnectWise ManagedITSync Integration

A critical SQL injection vulnerability (CVE-2017-18362) in ConnectWise’s ManagedITSync integration exposed Kaseya VSA servers to unauthenticated remote...

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

CVE News

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

A newly disclosed vulnerability in Apache Tomcat, tracked as CVE-2025-23181, allows unprivileged command execution with a CVSS...

CVE-2025-45947: Critical RCE Vulnerability in PhpGurukul Online Banquet Booking System

CVE News

CVE-2025-45947: Critical RCE Vulnerability in PhpGurukul Online Banquet Booking System

A critical remote code execution (RCE) vulnerability has been identified in PhpGurukul’s Online Banquet Booking System (OBBS)...

CISA Flags Actively Exploited Vulnerabilities in Broadcom, Commvault, and Qualitia Products

CVE News

CISA Flags Actively Exploited Vulnerabilities in Broadcom, Commvault, and Qualitia Products

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities to its Known Exploited...

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

CVE News

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload...

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

CVE News

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

A critical vulnerability (CVE-2025-46661) has been identified in IPW Systems Metazo versions up to 8.1.3, allowing unauthenticated...

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

CVE News

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

A critical stack-based buffer overflow vulnerability (CVE-2025-4007) has been identified in Tenda W12 and i24 routers, affecting...

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CVE News

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

A critical vulnerability (CVE-2015-2079) in Usermin, a web-based administration tool, allows authenticated attackers to execute arbitrary code...

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

CVE News

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

CVE News

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

A critical buffer overflow vulnerability (CVE-2025-3991) has been identified in TOTOLINK N150RT routers running firmware version 3.4.0-B20190525....

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

CVE News

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

Google Chrome recently faced two critical use-after-free (UAF) vulnerabilities that were actively exploited in the wild before...

Tenable Vulnerability Watch: A New Approach to Prioritizing and Reducing Remediation Times

Threat Intelligence

Tenable Vulnerability Watch: A New Approach to Prioritizing and Reducing Remediation Times

Organizations continue to face significant challenges in reducing vulnerability remediation times, with many struggling to prioritize exposures...

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

CVE News

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

A critical vulnerability (CVE-2025-46616) has been identified in Quantum StorNext Web GUI API versions prior to 7.2.4,...

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

CVE News

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

A critical SQL injection vulnerability (CVE-2025-46248) has been identified in M A Vinoth Kumar’s Frontend Dashboard, affecting...

Posts pagination

Previous 1 2 3 4 5 6 Next

Critical Vulnerability

Critical Commvault Path Traversal Vulnerability (CVE-2025-34028) Added to CISA KEV Catalog

Critical OpenCTI Container Escalation Vulnerability (CVE-2025-24977) Exposes Infrastructure to Attacks

April 2025 Cybersecurity Landscape: Ransomware Surge and Critical Vulnerabilities

SK Telecom’s SIM Replacement Crisis: Technical and Operational Breakdown

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

Critical YesWiki Vulnerability (CVE-2025-46348) Allows Unauthenticated Backup Exfiltration

CVE-2017-18362: Critical SQL Injection in ConnectWise ManagedITSync Integration

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

CVE-2025-45947: Critical RCE Vulnerability in PhpGurukul Online Banquet Booking System

CISA Flags Actively Exploited Vulnerabilities in Broadcom, Commvault, and Qualitia Products

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

Tenable Vulnerability Watch: A New Approach to Prioritizing and Reducing Remediation Times

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected