Vulnerability Report Archives • Page 84 of 88 • Daily CyberSecurity

EchoLeak: First AI Zero-Click Vulnerability Leaks Data from Microsoft 365 Copilot AI Security, Data Exfiltration

EchoLeak: First AI Zero-Click Vulnerability Leaks Data from Microsoft 365 Copilot

Do Son June 13, 2025

In the age of artificial intelligence, a multitude of AI agents has emerged, yet their rapid proliferation...

CVE-2025-5491: Acer Control Center Bug Allows Remote Code Execution as NT AUTHORITY\SYSTEM Acer ControlCenter, Privilege Escalation

CVE-2025-5491: Acer Control Center Bug Allows Remote Code Execution as NT AUTHORITY\SYSTEM

Do Son June 13, 2025

Acer has released a critical security update addressing a newly disclosed local privilege escalation vulnerability in its...

CVE-2024-9404: Remote DoS Vulnerability Found in Moxa Industrial Switches Moxa Switches, DoS Vulnerability

CVE-2024-9404: Remote DoS Vulnerability Found in Moxa Industrial Switches

Do Son June 13, 2025

Moxa has issued a high-severity security advisory for a newly discovered vulnerability—CVE-2024-9404—that affects its widely deployed PT-G7728...

Urgent CISA Alert: Ransomware Actors Exploiting SimpleHelp RMM Flaw (CVE-2024-57727) SimpleHelp RMM, Ransomware

Urgent CISA Alert: Ransomware Actors Exploiting SimpleHelp RMM Flaw (CVE-2024-57727)

Do Son June 13, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with its federal partners, has issued a high-priority...

Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network Amazon Cloud Cam, Unsupported Device

Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network

Do Son June 13, 2025

A newly disclosed vulnerability in the now-discontinued Amazon Cloud Cam has raised serious concerns about the risks...

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces Apache Tomcat, Brute-Force Attacks CVE-2024-38286 - Apache Tomcat 11

Apache Tomcat, Brute-Force Attacks CVE-2024-38286 - Apache Tomcat 11

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces

Do Son June 13, 2025

A significant surge in brute-force attacks is targeting Apache Tomcat Manager interfaces, according to a new report...

Flaw in PostgreSQL JDBC Driver (CVE-2025-49146) Exposes Database Connections to MITM Attacks! PostgreSQL JDBC, MITM Vulnerability

Flaw in PostgreSQL JDBC Driver (CVE-2025-49146) Exposes Database Connections to MITM Attacks!

Do Son June 13, 2025

A recently disclosed vulnerability in the PostgreSQL JDBC Driver (PgJDBC) could allow attackers to intercept database connections...

High-Severity Flaw in HashiCorp Nomad (CVE-2025-4922) Allows Privilege Escalation HashiCorp Nomad, Privilege Escalation

High-Severity Flaw in HashiCorp Nomad (CVE-2025-4922) Allows Privilege Escalation

Do Son June 13, 2025

HashiCorp has disclosed a high-severity vulnerability in its workload orchestration tool, Nomad, which could allow attackers to...

Zero-Click iMessage Alert: Paragon’s Graphite Spyware Exploits iOS Flaw, Targets Journalists Zero-Click Spyware, Graphite CVE-2025-43200

Zero-Click iMessage Alert: Paragon’s Graphite Spyware Exploits iOS Flaw, Targets Journalists

Do Son June 12, 2025

On April 29, 2025, Apple issued alerts: select iOS users were being targeted with advanced spyware. Among...

CVE-2025-41234: Spring Framework Vulnerability Enables Reflected File Download Attacks Spring Framework, RFD Vulnerability

CVE-2025-41234: Spring Framework Vulnerability Enables Reflected File Download Attacks

Do Son June 12, 2025

The Spring project has released a security advisory disclosing a vulnerability in the popular Spring Framework, which...

Urgent Firefox Alert: Critical Memory Corruption Flaws (CVSS 9.8) Allow Remote Code Execution Firefox Vulnerabilities

Urgent Firefox Alert: Critical Memory Corruption Flaws (CVSS 9.8) Allow Remote Code Execution

Do Son June 12, 2025

The Mozilla Foundation has issued an urgent security update for the Firefox web browser, addressing two critical...

Urgent GitLab Security Alert: High-Severity Flaws Allow Account Takeover & Code Injection! GitLab Security, High-Severity Flaws

Urgent GitLab Security Alert: High-Severity Flaws Allow Account Takeover & Code Injection!

Do Son June 12, 2025

GitLab has issued urgent security updates for its Community Edition (CE) and Enterprise Edition (EE), addressing a...

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access! Weidmueller, Critical Vulnerabilities

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access!

Do Son June 12, 2025

A recent coordinated security advisory issued by CERT@VDE and Weidmueller has disclosed three critical vulnerabilities affecting the...

IGEL OS 10 Flaw (CVE-2025-47827): Full Secure Boot Bypass Allows Untrusted Kernel & Rootkits, PoC Available IGEL OS, Secure Boot Bypass

IGEL OS 10 Flaw (CVE-2025-47827): Full Secure Boot Bypass Allows Untrusted Kernel & Rootkits, PoC Available

Do Son June 12, 2025

Researcher Zack Didcott has disclosed a critical vulnerability affecting IGEL OS 10. Tracked as CVE-2025-47827, the flaw...

Urgent Siemens Energy Alert: Critical Flaw (CVSS 9.9) in Private 5G Core Exposes Sensitive Data! Siemens Energy, Critical Vulnerability CVE-2025-40585

Siemens Energy, Critical Vulnerability CVE-2025-40585

Urgent Siemens Energy Alert: Critical Flaw (CVSS 9.9) in Private 5G Core Exposes Sensitive Data!

Do Son June 12, 2025

Siemens has issued a critical security advisory regarding its Energy Services platform—formerly known as Managed Applications and...

Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack! QNX Vulnerability, Remote Code Execution CVE-2025-2474

Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack!

Do Son June 12, 2025

The QNX Software Development Platform (SDP)—a foundation of many embedded and real-time systems—has been found vulnerable to...

TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing! TPM 2.0, Security Vulnerability

TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing!

Do Son June 12, 2025

A vulnerability in the Trusted Platform Module (TPM) 2.0 reference implementation has been disclosed, potentially allowing attackers...

HPE Aruba Networking Patches Sensitive Data Exposure Vulnerability in Private 5G Core Platform HPE Aruba, 5G Security

HPE Aruba Networking Patches Sensitive Data Exposure Vulnerability in Private 5G Core Platform

Do Son June 11, 2025

HPE Aruba Networking has released a security update addressing a high-severity vulnerability in its Private 5G Core...

High-Severity Flaw in Kibana: Unauthorized Access Possible in Synthetic Monitoring! Kibana Vulnerability, Elastic Security

High-Severity Flaw in Kibana: Unauthorized Access Possible in Synthetic Monitoring!

Do Son June 11, 2025

Elastic has disclosed a high-severity vulnerability (CVE-2024-43706) affecting its Kibana observability platform, specifically in the Synthetic Monitoring...

Ivanti Patches High-Severity Credential Decryption Flaws in Workspace Control Ivanti Workspace Control

Ivanti Patches High-Severity Credential Decryption Flaws in Workspace Control

Do Son June 11, 2025

Ivanti has released critical security updates addressing three high-severity vulnerabilities in Ivanti Workspace Control (IWC)—a widely-used tool...

Critical Alert 1 Active Exploit Detected Today