CVSS

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

CVE News

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

A critical vulnerability (CVE-2025-46616) has been identified in Quantum StorNext Web GUI API versions prior to 7.2.4,...

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

CVE News

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

A critical SQL injection vulnerability (CVE-2025-46248) has been identified in M A Vinoth Kumar’s Frontend Dashboard, affecting...

ALBEDO Telecom Net.Time PTP/NTP Clock Vulnerability: Session Expiration Flaw Exposes Credentials

CVE News

ALBEDO Telecom Net.Time PTP/NTP Clock Vulnerability: Session Expiration Flaw Exposes Credentials

A critical vulnerability (CVE-2025-2185) in ALBEDO Telecom’s Net.Time PTP/NTP clock devices could allow attackers to intercept unencrypted...

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

CVE News

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

Security researcher Alessandro Sgreccia (aka “rainpwn”) has disclosed critical vulnerabilities in Zyxel’s USG FLEX-H firewall series, enabling...

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

CVE News

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

SonicWall has issued an urgent advisory (SNWLID-2025-0009) regarding a high-severity vulnerability in its SSLVPN Virtual Office interface....

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

CVE News

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

Organizations using Commvault’s backup and recovery software are under immediate threat due to an actively exploited pre-authenticated...

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

CVE News

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

A critical authentication bypass vulnerability (CVE-2023-44752) has been identified in the Apache Student Study Center Desk Management...

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

CVE News

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

A critical vulnerability (CVE-2025-2764) in CarlinKit CPC200-CCPA devices allows network-adjacent attackers to bypass cryptographic signature checks and...

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

CVE News

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

A critical SQL injection vulnerability (CVE-2025-43949) has been identified in MuM MapEdit version 24.2.3, posing significant risk...

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

CVE News

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

A critical vulnerability (CVE-2025-1049) affecting Sonos Era 300 speakers has been disclosed, allowing network-adjacent attackers to execute...

TP-Link VN020 F3v(T) Router Vulnerabilities: Remote DoS and RCE Risks

CVE News

TP-Link VN020 F3v(T) Router Vulnerabilities: Remote DoS and RCE Risks

Multiple critical vulnerabilities have been identified in the TP-Link VN020 F3v(T) router running firmware version TT_V6.2.1021, exposing...

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

CVE News

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

A critical authentication bypass vulnerability (CVE-2022-40684) affecting Fortinet’s FortiOS, FortiProxy, and FortiSwitchManager has been actively exploited since...

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

CVE News

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

A critical remote code execution vulnerability has been identified in Dell EMC’s Integrated Dell Remote Access Controller...

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

CVE News

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

A critical vulnerability in compop.ca version 3.5.3 has been disclosed, allowing arbitrary code execution due to an...

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

CVE News

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

A critical Remote Code Execution (RCE) vulnerability has been identified in ASUS ASMB8 iKVM firmware versions ≤1.14.51,...

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

CVE News

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

A critical vulnerability in NagVis 1.9.33, tracked as CVE-2022-46945, allows unauthenticated attackers to read arbitrary files via...

Microsoft Resolves Remote Desktop Freezing Issues in Windows Server 2025 and Windows 11 24H2

Blue-Team

Microsoft Resolves Remote Desktop Freezing Issues in Windows Server 2025 and Windows 11 24H2

Microsoft has addressed a critical issue causing Remote Desktop Protocol (RDP) sessions to freeze on Windows Server...

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

CVE News

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

A recent security audit has revealed critical vulnerabilities in Moodle, the widely adopted open-source learning management system...

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

CVE News

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

A recently patched high-severity vulnerability in Google Cloud Platform’s Cloud Composer service, dubbed ConfusedComposer, could have allowed...

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

CVE News

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

The 2025 Verizon Data Breach Investigations Report (DBIR) highlights a concerning 34% year-over-year increase in vulnerability exploitation,...

Posts pagination

Previous 1 … 4 5 6 7 8 9 10 … 12 Next

CVSS

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

Critical SQL Injection Vulnerability in Frontend Dashboard (CVE-2025-46248)

ALBEDO Telecom Net.Time PTP/NTP Clock Vulnerability: Session Expiration Flaw Exposes Credentials

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

TP-Link VN020 F3v(T) Router Vulnerabilities: Remote DoS and RCE Risks

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

Microsoft Resolves Remote Desktop Freezing Issues in Windows Server 2025 and Windows 11 24H2

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

You may have missed

Dark Web Data Exposure: Technical Analysis and Response for Security Professionals

Misinformation as a Threat Vector: Lessons from the Brown University Shooting Investigation

Google’s Gmail Address Change: A New Vector for Account Takeover and Social Engineering

The AI Investment Surge in India: A Strategic Analysis for Security Leaders