Vulnerability Report Archives • Page 76 of 86 • Daily CyberSecurity

Microsoft Unveils RedirectionGuard: A New Windows 11 Defense Against Privilege Escalation Attacks Mico

Microsoft Unveils RedirectionGuard: A New Windows 11 Defense Against Privilege Escalation Attacks

Do Son July 17, 2025

As attackers continue to evolve their tactics, Microsoft is taking bold strides to neutralize entire classes of...

NVIDIA Plugs Critical Flaws in Container Toolkit and GPU Operator: CVE-2025-23266 & CVE-2025-23267 NVIDIA Security, Container Vulnerabilities

NVIDIA Plugs Critical Flaws in Container Toolkit and GPU Operator: CVE-2025-23266 & CVE-2025-23267

Do Son July 17, 2025

NVIDIA has released a critical security update for its Container Toolkit and GPU Operator, patching two high-impact...

Google’s Big Sleep AI Foils Live Zero-Day Exploit in SQLite (CVE-2025-6965) AI Cybersecurity, Vulnerability Hunting

Google’s Big Sleep AI Foils Live Zero-Day Exploit in SQLite (CVE-2025-6965)

Do Son July 17, 2025

In a demonstration of artificial intelligence applied to cybersecurity, Google has revealed that its AI agent, Big...

AI Spam Threatens cURL’s Bug Bounty Program: Developer Considers Shutting It Down

Do Son July 16, 2025

Daniel, the developer behind the widely used open-source utility cURL, recently revealed in a blog post that...

High-Severity Node.js Flaws Expose Windows Apps to Path Traversal (CVE-2025-27210) & HashDoS (CVE-2025-27209) Attacks CVE-2022-32212 Node.js Vulnerabilities, Path Traversal

CVE-2022-32212 Node.js Vulnerabilities, Path Traversal

High-Severity Node.js Flaws Expose Windows Apps to Path Traversal (CVE-2025-27210) & HashDoS (CVE-2025-27209) Attacks

Do Son July 16, 2025

The OpenJS Foundation has released important updates to Node.js 24.x, 22.x, and 20.x release lines, addressing two...

Apache CXF Vulnerability: DoS and Data Leak Risks Exposed (CVE-2025-48795) Apache CXF, DoS Vulnerability

Apache CXF Vulnerability: DoS and Data Leak Risks Exposed (CVE-2025-48795)

Do Son July 15, 2025

The Apache Software Foundation has disclosed a vulnerability—CVE-2025-48795—affecting multiple versions of Apache CXF, an open-source web services...

Broadcom Addresses Critical Vulnerabilities in VMware ESXi, Workstation, and Fusion VMware Vulnerabilities, Virtualization Security

Broadcom Addresses Critical Vulnerabilities in VMware ESXi, Workstation, and Fusion

Do Son July 15, 2025

Broadcom has issued an urgent advisory addressing four critical vulnerabilities affecting VMware ESXi, Workstation, Fusion, and Tools,...

Urgent Chrome Update: Google Patches Critical Zero-Day (CVE-2025-6558) Under Active Attack Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Urgent Chrome Update: Google Patches Critical Zero-Day (CVE-2025-6558) Under Active Attack

Do Son July 15, 2025

Google has released a critical Stable Channel update for Chrome Desktop (version 138.0.7204.157/.158), addressing six security vulnerabilities,...

CVE-2025-53833 (CVSS 10): Critical SSTI Flaw in LaRecipe Threatens Millions of Laravel Apps LaRecipe, Remote Code Execution

CVE-2025-53833 (CVSS 10): Critical SSTI Flaw in LaRecipe Threatens Millions of Laravel Apps

Do Son July 15, 2025

A newly discovered Server-Side Template Injection (SSTI) vulnerability in the widely-used LaRecipe documentation tool has been assigned...

CISA Warns of Active Exploitation of Wing FTP Server Flaw (CVE-2025-47812), CVSS 10 Cisco VPN Zero-Day, ASA Vulnerability Ivanti Vulnerabilities Wing FTP Server, RCE Exploit CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor

Cisco VPN Zero-Day, ASA Vulnerability Ivanti Vulnerabilities Wing FTP Server, RCE Exploit CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor

CISA Warns of Active Exploitation of Wing FTP Server Flaw (CVE-2025-47812), CVSS 10

Do Son July 15, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-47812 to its Known Exploited Vulnerabilities (KEV) Catalog...

ImageMagick Flaw (CVE-2025-53101): Stack Buffer Overflow Allows Potential Remote Code Execution ImageMagick, Stack Buffer Overflow

ImageMagick Flaw (CVE-2025-53101): Stack Buffer Overflow Allows Potential Remote Code Execution

Do Son July 15, 2025

A flaw has been discovered in ImageMagick, the widely used open-source image manipulation suite, that could lead...

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform Immich, Account Hijacking

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform

Do Son July 15, 2025

A critical vulnerability has been disclosed in Immich, a rapidly growing open-source project for self-hosted photo and...

Critical Apache Jackrabbit Flaw (CVE-2025-53689): XXE Attacks Allow Data Exfiltration & DoS Apache Jackrabbit, JNDI injection CVE-2023-37895 Apache Jackrabbit, XXE Vulnerability

Critical Apache Jackrabbit Flaw (CVE-2025-53689): XXE Attacks Allow Data Exfiltration & DoS

Do Son July 14, 2025

A critical XML External Entity (XXE) vulnerability has been identified in multiple versions of Apache Jackrabbit, a...

GPUHammer: First Rowhammer Attack on GDDR6 GPU Memory Induces Bit Flips, Degrades AI Models GPUHammer, Rowhammer

GPUHammer: First Rowhammer Attack on GDDR6 GPU Memory Induces Bit Flips, Degrades AI Models

Do Son July 14, 2025

For nearly a decade, Rowhammer has haunted DRAM technology, and now it has entered a new field:...

CVE-2025-7503 (CVSS 10): Hidden Backdoor in Popular IP Camera Grants Hackers Root Access IP Camera, Critical Vulnerability

CVE-2025-7503 (CVSS 10): Hidden Backdoor in Popular IP Camera Grants Hackers Root Access

Do Son July 14, 2025

A critical vulnerability (CVE-2025-7503) has been uncovered in an IP camera manufactured by Shenzhen Liandian Communication Technology...

CVE-2025-25257 (CVSS 9.6): Pre-Auth SQLi in Fortinet FortiWeb Opens Door to RCE, PoC Published CVE-2025-25257 PoC FortiWeb, SQL Injection

CVE-2025-25257 (CVSS 9.6): Pre-Auth SQLi in Fortinet FortiWeb Opens Door to RCE, PoC Published

Do Son July 14, 2025

A critical security flaw in Fortinet’s FortiWeb web application firewall has been publicly weaponized, with proof-of-concept (PoC)...

RenderShock: New Zero-Click Attack Explores Hidden Vulnerabilities in OS & Enterprise Environments

Do Son July 14, 2025

CYFIRMA has uncovered a new threat model called RenderShock — a zero-click attack strategy that turns convenience...

SMM Vulnerabilities in Gigabyte UEFI Firmware Expose Systems to Stealthy Attacks Gigabyte UEFI, Critical Vulnerabilities

SMM Vulnerabilities in Gigabyte UEFI Firmware Expose Systems to Stealthy Attacks

Do Son July 14, 2025

In a warning issued by CERT/CC, multiple high-impact vulnerabilities have been identified in Gigabyte UEFI firmware that...

CVE-2025-30023: Critical RCE Vulnerability Discovered in Axis Video Management Software Axis Communications, Remote Code Execution

CVE-2025-30023: Critical RCE Vulnerability Discovered in Axis Video Management Software

Do Son July 14, 2025

Axis Communications has issued a security advisory for a critical vulnerability affecting several of its flagship software...

Rockwell Arena Simulation Flaw: Remote Code Execution Via Malicious DOE Files

Do Son July 12, 2025

Rockwell Automation has issued a security advisory detailing two vulnerabilities affecting its Arena Simulation software. Disclosed by...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Vulnerability Report

Microsoft Unveils RedirectionGuard: A New Windows 11 Defense Against Privilege Escalation Attacks

NVIDIA Plugs Critical Flaws in Container Toolkit and GPU Operator: CVE-2025-23266 & CVE-2025-23267

Google’s Big Sleep AI Foils Live Zero-Day Exploit in SQLite (CVE-2025-6965)

AI Spam Threatens cURL’s Bug Bounty Program: Developer Considers Shutting It Down

High-Severity Node.js Flaws Expose Windows Apps to Path Traversal (CVE-2025-27210) & HashDoS (CVE-2025-27209) Attacks

Apache CXF Vulnerability: DoS and Data Leak Risks Exposed (CVE-2025-48795)

Broadcom Addresses Critical Vulnerabilities in VMware ESXi, Workstation, and Fusion

Urgent Chrome Update: Google Patches Critical Zero-Day (CVE-2025-6558) Under Active Attack

CVE-2025-53833 (CVSS 10): Critical SSTI Flaw in LaRecipe Threatens Millions of Laravel Apps

CISA Warns of Active Exploitation of Wing FTP Server Flaw (CVE-2025-47812), CVSS 10

ImageMagick Flaw (CVE-2025-53101): Stack Buffer Overflow Allows Potential Remote Code Execution

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform

Critical Apache Jackrabbit Flaw (CVE-2025-53689): XXE Attacks Allow Data Exfiltration & DoS

GPUHammer: First Rowhammer Attack on GDDR6 GPU Memory Induces Bit Flips, Degrades AI Models

CVE-2025-7503 (CVSS 10): Hidden Backdoor in Popular IP Camera Grants Hackers Root Access

CVE-2025-25257 (CVSS 9.6): Pre-Auth SQLi in Fortinet FortiWeb Opens Door to RCE, PoC Published

RenderShock: New Zero-Click Attack Explores Hidden Vulnerabilities in OS & Enterprise Environments

SMM Vulnerabilities in Gigabyte UEFI Firmware Expose Systems to Stealthy Attacks

CVE-2025-30023: Critical RCE Vulnerability Discovered in Axis Video Management Software

Rockwell Arena Simulation Flaw: Remote Code Execution Via Malicious DOE Files