Unauthenticated Attack

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

A critical SQL injection vulnerability (CVE-2025-28009) has been identified in Dietiqa App version 1.0.20, posing significant risks...

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

CVE News

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

A critical vulnerability (CVE-2025-1093) has been identified in the AIHub WordPress theme, allowing unauthenticated attackers to upload...

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

CVE News

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

A critical vulnerability in AssetView and AssetView CLOUD (CVE-2025-25060) has been disclosed, allowing unauthenticated attackers to access...

Critical SQL Injection Vulnerability in PiExtract’s SOOP-CLM (CVE-2025-3011)

CVE News

Critical SQL Injection Vulnerability in PiExtract’s SOOP-CLM (CVE-2025-3011)

A critical SQL injection vulnerability (CVE-2025-3011) has been identified in PiExtract’s SOOP-CLM software, rated 9.8 (CRITICAL) on...

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

CVE News

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

A critical vulnerability (CVE-2025-24383) has been identified in Dell Unity operating environments, allowing unauthenticated attackers to execute...

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

CVE News

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

A high-severity open redirect vulnerability (CVE-2025-24381) has been identified in Dell Unity storage systems running versions 5.4...

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

CVE News

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

A critical vulnerability (CVE-2025-2294) has been identified in the Kubio AI Page Builder plugin for WordPress, affecting...

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

CVE News

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

A severe remote code execution (RCE) vulnerability has been identified in the Ingress NGINX Controller, allowing attackers...

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

CVE News

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS firewalls has been actively exploited since at...

Critical Vulnerability Patched in Apache Tomcat: CVE-2025-24813 Allows Remote Code Execution

CVE News
Exploitation

Critical Vulnerability Patched in Apache Tomcat: CVE-2025-24813 Allows Remote Code Execution

Apache Tomcat, a widely used open-source Java servlet container, has recently addressed a critical vulnerability that could...

Critical Vulnerabilities in FortiOS and FortiProxy Lead to Ransomware Attacks: NCSC Warns of Exploitation

CVE News
Exploitation

Critical Vulnerabilities in FortiOS and FortiProxy Lead to Ransomware Attacks: NCSC Warns of Exploitation

The National Cyber Security Centre (NCSC) has reported a significant surge in ransomware attacks targeting critical vulnerabilities...

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

Bug Bounties & Responsible Disclosure
Cyber Laws & Regulations
Exploitation
Malware Analysis
Red-Team
SIEM & Detection Engineering

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

A critical vulnerability, CVE-2025-2609, has been identified in MagnusSolution’s MagnusBilling software, a widely used billing and call...

Unauthenticated Attack

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

Critical SQL Injection Vulnerability in PiExtract’s SOOP-CLM (CVE-2025-3011)

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

Critical Vulnerability Patched in Apache Tomcat: CVE-2025-24813 Allows Remote Code Execution

Critical Vulnerabilities in FortiOS and FortiProxy Lead to Ransomware Attacks: NCSC Warns of Exploitation

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

You may have missed

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

State-Sponsored Hackers Adopt ClickFix Social Engineering for Global Cyber Espionage

Google OAuth and DKIM Replay Attack: How Phishers Spoofed Google’s Email Systems

WordPress Ad Fraud Operation “Scallywag” Generated 1.4 Billion Fake Ad Requests Daily