Vulnerability Management

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

CVE News

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

SonicWall has issued an urgent advisory (SNWLID-2025-0009) regarding a high-severity vulnerability in its SSLVPN Virtual Office interface....

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

CVE News

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

Organizations using Commvault’s backup and recovery software are under immediate threat due to an actively exploited pre-authenticated...

Rise in Credential Theft and Vulnerability Exploitation Dominates Cyber Threats in 2024

Threat Intelligence

Rise in Credential Theft and Vulnerability Exploitation Dominates Cyber Threats in 2024

Recent reports highlight a significant shift in cyberattack strategies, with vulnerability exploitation and credential theft now accounting...

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

CVE News

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

A critical vulnerability (CVE-2025-2764) in CarlinKit CPC200-CCPA devices allows network-adjacent attackers to bypass cryptographic signature checks and...

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

CVE News

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

A critical SQL injection vulnerability (CVE-2025-43949) has been identified in MuM MapEdit version 24.2.3, posing significant risk...

Supply Chain Attack Compromises xrpl.js Library to Steal XRP Wallet Keys

APT-News

Supply Chain Attack Compromises xrpl.js Library to Steal XRP Wallet Keys

The widely used xrpl.js library, a critical component for interacting with the XRP Ledger, was compromised in...

Resurgent Vulnerabilities Pose Unique Risks to Edge Devices and Critical Infrastructure

Threat Intelligence

Resurgent Vulnerabilities Pose Unique Risks to Edge Devices and Critical Infrastructure

Attackers are increasingly exploiting older, resurgent vulnerabilities—flaws that were patched years ago but remain unaddressed in many...

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

CVE News

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

A critical authentication bypass vulnerability (CVE-2022-40684) affecting Fortinet’s FortiOS, FortiProxy, and FortiSwitchManager has been actively exploited since...

Garage Management System 1.0 Stored XSS Vulnerability (CVE-2022-41358): Analysis and Mitigation

CVE News

Garage Management System 1.0 Stored XSS Vulnerability (CVE-2022-41358): Analysis and Mitigation

A stored cross-site scripting (XSS) vulnerability has been identified in Garage Management System 1.0, specifically affecting the...

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

CVE News

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

A critical remote code execution vulnerability has been identified in Dell EMC’s Integrated Dell Remote Access Controller...

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

CVE News

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

A critical Remote Code Execution (RCE) vulnerability has been identified in ASUS ASMB8 iKVM firmware versions ≤1.14.51,...

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

CVE News

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

A critical vulnerability in Software AG’s webMethods Integration Server 10.15.0 allows unauthenticated attackers to bypass authentication and...

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

CVE News

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

A critical vulnerability in NagVis 1.9.33, tracked as CVE-2022-46945, allows unauthenticated attackers to read arbitrary files via...

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

CVE News

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

A critical unauthenticated SQL injection vulnerability (CVE-2024-11728) has been identified in KiviCare Clinic & Patient Management System...

Microsoft Resolves Remote Desktop Freezing Issues in Windows Server 2025 and Windows 11 24H2

Blue-Team

Microsoft Resolves Remote Desktop Freezing Issues in Windows Server 2025 and Windows 11 24H2

Microsoft has addressed a critical issue causing Remote Desktop Protocol (RDP) sessions to freeze on Windows Server...

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

CVE News

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

A critical supply chain attack has compromised Ripple’s official xrpl.js NPM package, injecting malicious code designed to...

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

CVE News

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

A recently disclosed vulnerability in the code-projects Online Exam Mastering System 1.0 exposes users to reflected Cross-Site...

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

CVE News

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

A recent security audit has revealed critical vulnerabilities in Moodle, the widely adopted open-source learning management system...

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

CVE News

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

A recently patched high-severity vulnerability in Google Cloud Platform’s Cloud Composer service, dubbed ConfusedComposer, could have allowed...

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

CVE News

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

The 2025 Verizon Data Breach Investigations Report (DBIR) highlights a concerning 34% year-over-year increase in vulnerability exploitation,...

Posts pagination

Previous 1 … 7 8 9 10 11 12 13 … 16 Next

Vulnerability Management

SonicWall SSLVPN Vulnerability (CVE-2025-32818): Remote Firewall Crash Exploit

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

Rise in Credential Theft and Vulnerability Exploitation Dominates Cyber Threats in 2024

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

Supply Chain Attack Compromises xrpl.js Library to Steal XRP Wallet Keys

Resurgent Vulnerabilities Pose Unique Risks to Edge Devices and Critical Infrastructure

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

Garage Management System 1.0 Stored XSS Vulnerability (CVE-2022-41358): Analysis and Mitigation

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

Microsoft Resolves Remote Desktop Freezing Issues in Windows Server 2025 and Windows 11 24H2

Ripple’s xrpl.js NPM Package Compromised in Supply Chain Attack Targeting XRP Wallets

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

You may have missed

Adobe Analytics Data Leak: Architectural Failure Exposes Cross-Tenant Data

Snapchat’s Shift to Paid Storage: A Technical Analysis of Cloud Service Monetization

Google’s Developer Registration Policy Threatens F-Droid’s Existence

Google Drive for Desktop Deploys AI-Powered Ransomware Detection and Recovery