High Risk

HHS Layoffs Threaten Medical Device Cybersecurity Oversight

News

HHS Layoffs Threaten Medical Device Cybersecurity Oversight

As the Department of Health and Human Services (HHS) undergoes mass layoffs, lawmakers and cybersecurity experts warn...

CVE-2025-31911: Critical SQL Injection Vulnerability in WordPress Social Share And Social Locker Plugin

CVE News

CVE-2025-31911: Critical SQL Injection Vulnerability in WordPress Social Share And Social Locker Plugin

A critical SQL injection vulnerability (CVE-2025-31911) has been identified in the WordPress plugin “Social Share And Social...

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

CVE News

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

A critical stack-based buffer overflow vulnerability (CVE-2025-3161) has been identified in Tenda AC10 routers running firmware version...

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

CVE News

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

A critical vulnerability (CVE-2025-29987) in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS)...

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

Threat Intelligence

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

A new wave of cyber threats targeting iPhone users has prompted urgent warnings from security experts. Malicious...

Smart TV Security Alert: 1.6 Million Devices at Risk from Firmware Exploits

News

Smart TV Security Alert: 1.6 Million Devices at Risk from Firmware Exploits

A new wave of attacks targeting smart TVs and streaming boxes has put approximately 1.6 million devices...

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

CVE News

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

A critical vulnerability in AssetView and AssetView CLOUD (CVE-2025-25060) has been disclosed, allowing unauthenticated attackers to access...

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

CVE News

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

A critical vulnerability (CVE-2023-40714) affecting multiple versions of Fortinet’s FortiSIEM security information and event management solution has...

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

CVE News

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

A critical vulnerability (CVE-2024-39780) has been identified in the Robot Operating System (ROS) dynparam tool, allowing arbitrary...

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

CVE News

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-31131) has been identified in YesWiki, a PHP-based wiki system, with a...

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

CVE News

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

A critical SQL injection vulnerability (CVE-2025-30807) has been identified in the Next-Cart Store to WooCommerce Migration plugin,...

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

CVE News

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

A high-severity vulnerability (CVE-2025-30892) has been identified in the Magepeople WpTravelly WordPress plugin, exposing websites to potential...

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

CVE News

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

A high-severity SQL injection vulnerability (CVE-2025-31089) has been identified in Fahad Mahmood’s Order Splitter for WooCommerce plugin,...

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

CVE News

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

A critical SQL injection vulnerability (CVE-2025-31534) has been identified in the Shopperdotcom Shopper platform, affecting all versions...

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

CVE News

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

A critical SQL injection vulnerability (CVE-2025-31552) has been identified in the RSVPMarker WordPress plugin, affecting versions up...

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

CVE News

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

A critical SQL injection vulnerability (CVE-2025-31553) has been identified in the WPFactory Advanced WooCommerce Product Sales Reporting...

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

CVE News

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

A critical security vulnerability has been identified in the Sabuj Kundu CBX Poll WordPress plugin, tracked as...

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

CVE News

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

A high-severity SQL injection vulnerability (CVE-2025-31547) has been identified in the Aphotrax Uptime Robot Plugin for WordPress,...

Critical Authentication Bypass in CHOCO TEI WATCHER mini Exposes Industrial Systems

CVE News

Critical Authentication Bypass in CHOCO TEI WATCHER mini Exposes Industrial Systems

A critical vulnerability (CVE-2025-25211) affecting all versions of the CHOCO TEI WATCHER mini (IB-MCT001) industrial monitoring device...

FamousSparrow APT Resurfaces with Upgraded Cyber Espionage Campaign Targeting Americas

APT-News

FamousSparrow APT Resurfaces with Upgraded Cyber Espionage Campaign Targeting Americas

After a period of inactivity, the Chinese cyber espionage group FamousSparrow has reemerged with upgraded tools and...

Posts pagination

Previous 1 … 7 8 9 10 11 12 13 14 Next

High Risk

HHS Layoffs Threaten Medical Device Cybersecurity Oversight

CVE-2025-31911: Critical SQL Injection Vulnerability in WordPress Social Share And Social Locker Plugin

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

Smart TV Security Alert: 1.6 Million Devices at Risk from Firmware Exploits

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

Critical Authentication Bypass in CHOCO TEI WATCHER mini Exposes Industrial Systems

FamousSparrow APT Resurfaces with Upgraded Cyber Espionage Campaign Targeting Americas

You may have missed

U.S. Sanctions Grinex Crypto-Exchange as Garantex Successor in Crackdown on Ransomware Money Laundering

Meta’s Erroneous Instagram Account Bans: Technical Implications for Security Teams

Supreme Court’s Decision on Mississippi Social Media Age Verification Law: Technical and Legal Implications

Microsoft Resolves Critical Windows Server Cluster and VM Stability Issues