Vulnerability Management

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

CVE News

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

Cybersecurity firm Arctic Wolf has confirmed that a remote code execution (RCE) vulnerability in SonicWall Secure Mobile...

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

CVE News

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

A critical remote code execution (RCE) vulnerability in Erlang/OTP’s SSH implementation (CVE-2025-32433) now has publicly available exploits,...

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

CVE News

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

A recently patched vulnerability in Verizon’s Call Filter iOS app allowed unauthorized access to call metadata for...

CVE-2025-31911: Critical SQL Injection Vulnerability in WordPress Social Share And Social Locker Plugin

CVE News

CVE-2025-31911: Critical SQL Injection Vulnerability in WordPress Social Share And Social Locker Plugin

A critical SQL injection vulnerability (CVE-2025-31911) has been identified in the WordPress plugin “Social Share And Social...

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

CVE News

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

A critical stack-based buffer overflow vulnerability (CVE-2025-3161) has been identified in Tenda AC10 routers running firmware version...

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

CVE News

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

A critical vulnerability (CVE-2025-29987) in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS)...

GitHub Expands Security Tools Following 39 Million Secret Leaks in 2024

Data Breach

GitHub Expands Security Tools Following 39 Million Secret Leaks in 2024

GitHub has introduced new security measures after its systems detected 39 million exposed secrets—including API keys, tokens,...

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

CVE News

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

A security flaw in Verizon’s Call Filter API allowed unauthorized access to customers’ incoming call histories due...

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

CVE News

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

A critical vulnerability in AssetView and AssetView CLOUD (CVE-2025-25060) has been disclosed, allowing unauthenticated attackers to access...

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

CVE News

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

A critical vulnerability (CVE-2023-40714) affecting multiple versions of Fortinet’s FortiSIEM security information and event management solution has...

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

CVE News

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

A critical vulnerability (CVE-2024-39780) has been identified in the Robot Operating System (ROS) dynparam tool, allowing arbitrary...

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

CVE News

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-31131) has been identified in YesWiki, a PHP-based wiki system, with a...

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

CVE News

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

A critical SQL injection vulnerability (CVE-2025-30807) has been identified in the Next-Cart Store to WooCommerce Migration plugin,...

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

CVE News

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

A high-severity vulnerability (CVE-2025-30892) has been identified in the Magepeople WpTravelly WordPress plugin, exposing websites to potential...

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

CVE News

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

A high-severity SQL injection vulnerability (CVE-2025-31089) has been identified in Fahad Mahmood’s Order Splitter for WooCommerce plugin,...

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

CVE News

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

A critical SQL injection vulnerability (CVE-2025-31534) has been identified in the Shopperdotcom Shopper platform, affecting all versions...

Critical SQL Injection Vulnerability in Salesmate Add-On for Gravity Forms (CVE-2025-31551)

CVE News

Critical SQL Injection Vulnerability in Salesmate Add-On for Gravity Forms (CVE-2025-31551)

A critical SQL injection vulnerability (CVE-2025-31551) has been identified in the Salesmate.io Salesmate Add-On for Gravity Forms,...

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

CVE News

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

A critical SQL injection vulnerability (CVE-2025-31552) has been identified in the RSVPMarker WordPress plugin, affecting versions up...

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

CVE News

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

A critical SQL injection vulnerability (CVE-2025-31553) has been identified in the WPFactory Advanced WooCommerce Product Sales Reporting...

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

CVE News

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

A critical security vulnerability has been identified in the Sabuj Kundu CBX Poll WordPress plugin, tracked as...

Posts pagination

Previous 1 … 11 12 13 14 15 16 17 18 Next

Vulnerability Management

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

CVE-2025-31911: Critical SQL Injection Vulnerability in WordPress Social Share And Social Locker Plugin

Tenda AC10 Router Vulnerability (CVE-2025-3161): Remote Stack-Based Buffer Overflow Exploit

Dell PowerProtect Data Domain Vulnerability (CVE-2025-29987): Root Access Exploit Analysis

GitHub Expands Security Tools Following 39 Million Secret Leaks in 2024

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

Critical SQL Injection Vulnerability in Salesmate Add-On for Gravity Forms (CVE-2025-31551)

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

You may have missed

Dark Web Data Exposure: Technical Analysis and Response for Security Professionals

Misinformation as a Threat Vector: Lessons from the Brown University Shooting Investigation

Google’s Gmail Address Change: A New Vector for Account Takeover and Social Engineering

The AI Investment Surge in India: A Strategic Analysis for Security Leaders