Remote Code Execution

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

Blue-Team

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

A widespread phishing campaign targeting WooCommerce store owners has been identified, leveraging fabricated security vulnerability alerts to...

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

CVE News

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

Security researcher Alessandro Sgreccia (aka “rainpwn”) has disclosed critical vulnerabilities in Zyxel’s USG FLEX-H firewall series, enabling...

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

CVE News

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

Organizations using Commvault’s backup and recovery software are under immediate threat due to an actively exploited pre-authenticated...

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

CVE News

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

A critical vulnerability (CVE-2025-2764) in CarlinKit CPC200-CCPA devices allows network-adjacent attackers to bypass cryptographic signature checks and...

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

CVE News

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

A critical vulnerability (CVE-2025-1049) affecting Sonos Era 300 speakers has been disclosed, allowing network-adjacent attackers to execute...

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

CVE News

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

A critical remote code execution vulnerability has been identified in Dell EMC’s Integrated Dell Remote Access Controller...

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

CVE News

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

A critical vulnerability in compop.ca version 3.5.3 has been disclosed, allowing arbitrary code execution due to an...

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

CVE News

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

A critical Remote Code Execution (RCE) vulnerability has been identified in ASUS ASMB8 iKVM firmware versions ≤1.14.51,...

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

CVE News

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

A recently patched high-severity vulnerability in Google Cloud Platform’s Cloud Composer service, dubbed ConfusedComposer, could have allowed...

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

CVE News

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

A critical zero-day remote code execution (RCE) vulnerability in Active! Mail, a widely used Japanese webmail client,...

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

CVE News

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-34028, has been disclosed in Commvault Command Center...

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

CVE News

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

A critical buffer overflow vulnerability in Symantec pcAnywhere, identified as CVE-2011-3478, allows unauthenticated attackers to execute arbitrary...

Greenshift WordPress Plugin Vulnerability (CVE-2025-3616): Arbitrary File Upload Analysis

CVE News

Greenshift WordPress Plugin Vulnerability (CVE-2025-3616): Arbitrary File Upload Analysis

A critical vulnerability in the Greenshift WordPress plugin (CVE-2025-3616) allows authenticated attackers to upload arbitrary files, potentially...

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

CVE News

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

A critical remote code execution (RCE) vulnerability, designated as CVE-2025-29659, has been identified in the Yi IoT...

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29660): Analysis and Mitigation

CVE News

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29660): Analysis and Mitigation

A critical remote code execution (RCE) vulnerability (CVE-2025-29660) has been identified in the Yi IoT XY-3820 firmware...

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

CVE News

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

A newly disclosed vulnerability in Soffid Console (CVE-2025-32408) exposes systems to remote code execution through insecure Java...

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

CVE News

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

A critical vulnerability (CVE-2025-42599) has been identified in Active! Mail 6, exposing systems to remote code execution...

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

CVE News

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

A critical vulnerability (CVE-2025-1093) has been identified in the AIHub WordPress theme, allowing unauthenticated attackers to upload...

Cisco Webex Vulnerability (CVE-2025-20236) Enables Remote Code Execution via Malicious Links

CVE News

Cisco Webex Vulnerability (CVE-2025-20236) Enables Remote Code Execution via Malicious Links

Cisco has issued patches for a high-severity vulnerability (CVE-2025-20236) in its Webex software that allows unauthenticated attackers...

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

CVE News

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

A critical remote code execution (RCE) vulnerability in Erlang/OTP’s SSH implementation (CVE-2025-32433) now has publicly available exploits,...

Posts pagination

Previous 1 2 3 4 Next

Remote Code Execution

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

Greenshift WordPress Plugin Vulnerability (CVE-2025-3616): Arbitrary File Upload Analysis

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29660): Analysis and Mitigation

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

Cisco Webex Vulnerability (CVE-2025-20236) Enables Remote Code Execution via Malicious Links

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

You may have missed

Grok AI Chatbot Generates Antisemitic Content Due to Code Update, Sparking Backlash

McDonald’s AI Hiring Chatbot Exposes 64 Million Applicants’ Data via Default Credentials

Critical Pre-Auth RCE Exploit Released for Fortinet FortiWeb: Patch Immediately

Gravity Forms Compromised in Supply-Chain Attack: Backdoored Plugins Distributed via Official Website