Vulnerability Report Archives • Page 71 of 86 • Daily CyberSecurity

GitLab Patches High-Severity Flaws: Update Now to Prevent XSS and Account Takeover GitLab security updates Duo AI flaw fixed GitLab Runner Hijack, DoS Fix GitLab GraphQL Flaws, CVE-2025-11340 CVE-2024-9693 GitLab vulnerability, XSS

GitLab security updates Duo AI flaw fixed GitLab Runner Hijack, DoS Fix GitLab GraphQL Flaws, CVE-2025-11340 CVE-2024-9693 GitLab vulnerability, XSS

GitLab Patches High-Severity Flaws: Update Now to Prevent XSS and Account Takeover

Do Son August 13, 2025

GitLab has announced the release of versions 18.2.2, 18.1.4, and 18.0.6 for both the Community Edition (CE)...

Microsoft’s August Patch Tuesday: Zero-Day Kerberos Flaw Threatens Domain Admins Windows Kernel Zero-Day, Patch Tuesday CVE-2022-34713 Patch Tuesday, Zero-day

Windows Kernel Zero-Day, Patch Tuesday CVE-2022-34713 Patch Tuesday, Zero-day

Microsoft’s August Patch Tuesday: Zero-Day Kerberos Flaw Threatens Domain Admins

Do Son August 13, 2025

Microsoft’s August 2025 Patch Tuesday brings security updates for 119 vulnerabilities, including 13 rated Critical and 91...

Zoom Patches Critical Flaw (CVE-2025-49457): Windows Users Face Privilege Escalation Risk Zoom Rooms LPE, Downgrade Protection Bypass Zoom High-Risk Flaws Zoom security updates

Zoom Rooms LPE, Downgrade Protection Bypass Zoom High-Risk Flaws Zoom security updates

Zoom Patches Critical Flaw (CVE-2025-49457): Windows Users Face Privilege Escalation Risk

Do Son August 13, 2025

Zoom has released security updates addressing two significant vulnerabilities in its Windows-based clients—CVE-2025-49456 and CVE-2025-49457—that could enable...

Chrome Security Update Use After Free Chrome Security Update Critical Vulnerabilities Chrome Security Update CVE-2026-3062 Chrome Security Update V8 Engine Vulnerability Chrome Security Update CVE-2026-1862 CVE-2026-0628 Chrome 143 Update Chrome Safe Browsing UAF, CVE-2025-11756 Chrome Memory Flaws, CVE-2025-11460 Google Chrome, vulnerability CVE-2025-10200, CVE-2025-10201 Big Sleep CVE-2025-9478 Chrome Update, Security Vulnerabilities

Chrome Stable Update 139 Blocks High-Severity Exploits in V8, libaom, and ANGLE

Do Son August 13, 2025

Google has rolled out a Stable Channel update for desktop users, bringing Chrome to version 139.0.7258.127/.128 for...

FortiSIEM CVE-2025-25256 (CVSS 9.8): Remote Unauthenticated Command Injection with Exploit in the Wild FortiSIEM, Command Injection CVE-2025-25256

FortiSIEM, Command Injection CVE-2025-25256

FortiSIEM CVE-2025-25256 (CVSS 9.8): Remote Unauthenticated Command Injection with Exploit in the Wild

Do Son August 13, 2025

Fortinet has issued an urgent security advisory for a critical remote unauthenticated command injection vulnerability affecting multiple...

SAP Patch Day August 2025: Critical Code Injection Flaws Threaten Core ERP Systems SAP Code Injection

SAP Patch Day August 2025: Critical Code Injection Flaws Threaten Core ERP Systems

Do Son August 12, 2025

Today, 2025, SAP released 15 new Security Notes and 4 updates to previously issued advisories as part...

The Win-DDoS Epidemic: New Flaws Weaponize Windows Domain Controllers for Massive DoS Attacks, PoC Releases

Do Son August 12, 2025

SafeBreach Labs researchers have uncovered a new class of denial-of-service (DoS) vulnerabilities in Microsoft Windows that could...

Critical Erlang/OTP Flaw (CVE-2025-32433) Under Active Exploitation, Allowing Unauthenticated RCE on OT Networks Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Critical Erlang/OTP Flaw (CVE-2025-32433) Under Active Exploitation, Allowing Unauthenticated RCE on OT Networks

Do Son August 12, 2025

Security researchers at Unit 42 have issued an urgent warning regarding CVE-2025-32433, a CVSS 10.0-rated vulnerability in...

Apache bRPC Flaw (CVE-2025-54472) Allows Remote Denial-of-Service Attack Apache bRPC Vulnerability CVE-2025-60021 Apache bRPC, CVE-2025-59789 Apache bRPC, Redis Vulnerability

Apache bRPC Vulnerability CVE-2025-60021 Apache bRPC, CVE-2025-59789 Apache bRPC, Redis Vulnerability

Apache bRPC Flaw (CVE-2025-54472) Allows Remote Denial-of-Service Attack

Do Son August 12, 2025

The Apache bRPC project has issued an important security advisory addressing a critical flaw in its Redis...

Record-Breaking Payout: Google Awards $250,000 for a Critical Chrome Flaw (CVE-2025-4609) Chrome Vulnerability CVE-2024-4761 - Google Sell Chrome CVE-2025-1920 Chrome Crash, Browser Issue

Chrome Vulnerability CVE-2024-4761 - Google Sell Chrome CVE-2025-1920 Chrome Crash, Browser Issue

Record-Breaking Payout: Google Awards $250,000 for a Critical Chrome Flaw (CVE-2025-4609)

Do Son August 12, 2025

A recently disclosed Chromium issue details a critical security vulnerability (CVE-2025-4609) discovered on April 23, 2025, by...

BadCam: Critical Flaws in Lenovo Linux Webcams Allow Remote BadUSB Attacks and Persistent Infections

Do Son August 12, 2025

Security researchers at Eclypsium have identified critical vulnerabilities in select Lenovo USB webcams that could allow attackers...

EPM Poisoning (CVE-2025-49760): New Windows RPC Exploit Hijacks Services, Allowing Full Active Directory Compromise, PoC Releases

Do Son August 12, 2025

Security researcher Ron Ben Yizhak from SafeBreach Labs has uncovered a novel attack technique dubbed Endpoint Mapper...

CISA Alert: Critical Flaw (CVE-2025-8284) in Packet Power Devices Allows Unauthenticated Remote Takeover Packet Power, CISA Alert

CISA Alert: Critical Flaw (CVE-2025-8284) in Packet Power Devices Allows Unauthenticated Remote Takeover

Do Son August 11, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-severity alert for a missing authentication...

CVE-2025-55188: 7-Zip Arbitrary File Write Flaw Could Lead to Code Execution 7-Zip Vulnerability, Arbitrary File Write

CVE-2025-55188: 7-Zip Arbitrary File Write Flaw Could Lead to Code Execution

Do Son August 11, 2025

A newly disclosed vulnerability in 7-Zip, tracked as CVE-2025-55188, has been identified by security researcher Landon. The...

Urgent Xerox FreeFlow Core Patch: Critical Flaws (CVSS 9.8) Allow RCE and SSRF Xerox RCE, FreeFlow Core Vulnerabilities

Urgent Xerox FreeFlow Core Patch: Critical Flaws (CVSS 9.8) Allow RCE and SSRF

Do Son August 11, 2025

Xerox has released a security update for FreeFlow Core, addressing two high-impact vulnerabilities that could allow attackers...

CVE-2025-5095 (CVSS 9.8): Critical Flaw in ARC Solo Broadcasting Devices Allows Unauthenticated Takeover

Do Son August 11, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning about a critical authentication...

Linux Kernel Flaw (CVE-2025-38236): Privilege Escalation Risk, PoC Code Available Linux Kernel Exploit, Privilege Escalation

Linux Kernel Flaw (CVE-2025-38236): Privilege Escalation Risk, PoC Code Available

Do Son August 11, 2025

Security researcher Jann Horn from Google Project Zero disclosed the technical details and proof-of-concept exploit code for...

WinRAR Update: Zero-Day Path Traversal Flaw (CVE-2025-8088) Actively Exploited to Deliver Malware WinRAR Zero-Day, Path Traversal CVE-2025-8088

WinRAR Update: Zero-Day Path Traversal Flaw (CVE-2025-8088) Actively Exploited to Deliver Malware

Do Son August 11, 2025

Security researchers at ESET have uncovered a zero-day path traversal vulnerability in the Windows version of WinRAR...

PyPI Rejects Malicious ZIP Archives to Block “Parser Confusion” Attacks PyPI Security, ZIP Confusion

PyPI Rejects Malicious ZIP Archives to Block “Parser Confusion” Attacks

Do Son August 9, 2025

The Python Package Index (PyPI) has announced a set of new upload restrictions aimed at protecting Python...

CISA Alert: Critical Flaws Expose EG4 Electronics Inverters to Remote Takeover EG4 Electronics, CISA Alert

CISA Alert: Critical Flaws Expose EG4 Electronics Inverters to Remote Takeover

Do Son August 9, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a risk evaluation warning about multiple high-severity...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Vulnerability Report

GitLab Patches High-Severity Flaws: Update Now to Prevent XSS and Account Takeover

Microsoft’s August Patch Tuesday: Zero-Day Kerberos Flaw Threatens Domain Admins

Zoom Patches Critical Flaw (CVE-2025-49457): Windows Users Face Privilege Escalation Risk

Chrome Stable Update 139 Blocks High-Severity Exploits in V8, libaom, and ANGLE

FortiSIEM CVE-2025-25256 (CVSS 9.8): Remote Unauthenticated Command Injection with Exploit in the Wild

SAP Patch Day August 2025: Critical Code Injection Flaws Threaten Core ERP Systems

The Win-DDoS Epidemic: New Flaws Weaponize Windows Domain Controllers for Massive DoS Attacks, PoC Releases

Critical Erlang/OTP Flaw (CVE-2025-32433) Under Active Exploitation, Allowing Unauthenticated RCE on OT Networks

Apache bRPC Flaw (CVE-2025-54472) Allows Remote Denial-of-Service Attack

Record-Breaking Payout: Google Awards $250,000 for a Critical Chrome Flaw (CVE-2025-4609)

BadCam: Critical Flaws in Lenovo Linux Webcams Allow Remote BadUSB Attacks and Persistent Infections

EPM Poisoning (CVE-2025-49760): New Windows RPC Exploit Hijacks Services, Allowing Full Active Directory Compromise, PoC Releases

CISA Alert: Critical Flaw (CVE-2025-8284) in Packet Power Devices Allows Unauthenticated Remote Takeover

CVE-2025-55188: 7-Zip Arbitrary File Write Flaw Could Lead to Code Execution

Urgent Xerox FreeFlow Core Patch: Critical Flaws (CVSS 9.8) Allow RCE and SSRF

CVE-2025-5095 (CVSS 9.8): Critical Flaw in ARC Solo Broadcasting Devices Allows Unauthenticated Takeover

Linux Kernel Flaw (CVE-2025-38236): Privilege Escalation Risk, PoC Code Available

WinRAR Update: Zero-Day Path Traversal Flaw (CVE-2025-8088) Actively Exploited to Deliver Malware

PyPI Rejects Malicious ZIP Archives to Block “Parser Confusion” Attacks

CISA Alert: Critical Flaws Expose EG4 Electronics Inverters to Remote Takeover