Vulnerability Report

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

• Vulnerability Report

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

Do Son June 2, 2025 0

Security researchers at Rapid7 have uncovered a troubling trio of vulnerabilities in MICI Network Co., Ltd.’s NetFax...

Read More Read more about Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

NetSPI Details Multiple Local Privilege Escalation Vulnerabilities in SonicWall NetExtender

• Vulnerability Report

NetSPI Details Multiple Local Privilege Escalation Vulnerabilities in SonicWall NetExtender

Do Son June 2, 2025 0

In a detailed investigation, NetSPI security researchers have uncovered multiple high-risk local privilege escalation (LPE) vulnerabilities in...

Read More Read more about NetSPI Details Multiple Local Privilege Escalation Vulnerabilities in SonicWall NetExtender

Path Traversal at Scale: Study Uncovers 1,756 Vulnerable GitHub Projects and LLM Contamination

• Vulnerability Report

Path Traversal at Scale: Study Uncovers 1,756 Vulnerable GitHub Projects and LLM Contamination

Do Son June 2, 2025 0

A study titled “Eradicating the Unseen” reveals the widespread presence of a critical path traversal vulnerability (CWE-22)...

Read More Read more about Path Traversal at Scale: Study Uncovers 1,756 Vulnerable GitHub Projects and LLM Contamination

Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities

• Vulnerability Report

Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities

Do Son June 1, 2025 0

Hitachi Energy has issued a cybersecurity advisory warning of multiple vulnerabilities impacting its Asset Suite product—a widely...

Read More Read more about Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities

CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition

• Vulnerability Report

CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition

Do Son May 31, 2025 0

A newly disclosed vulnerability in Perl’s threading mechanism, tracked as CVE-2025-40909, exposes systems to race conditions involving...

Read More Read more about CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

• Vulnerability Report

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

Do Son May 31, 2025 0

A serious security vulnerability has been discovered in Apache Superset, a widely used open-source data exploration and...

Read More Read more about CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

Horizon3 Details Critical File Upload Vulnerability in Cisco IOS XE WLC (CVE-2025-20188, CVSS 10)

• Vulnerability Report

Horizon3 Details Critical File Upload Vulnerability in Cisco IOS XE WLC (CVE-2025-20188, CVSS 10)

Do Son May 30, 2025 0

A critical vulnerability—CVE-2025-20188—has been disclosed in Cisco IOS XE Wireless LAN Controller (WLC) software, allowing unauthenticated attackers...

Read More Read more about Horizon3 Details Critical File Upload Vulnerability in Cisco IOS XE WLC (CVE-2025-20188, CVSS 10)

CVE-2024-8474: OpenVPN Connect Vulnerability Leaks Private Keys

• Vulnerability Report

CVE-2024-8474: OpenVPN Connect Vulnerability Leaks Private Keys

Do Son January 6, 2025 0

Popular VPN client app, OpenVPN Connect, patched a critical security flaw that could have exposed users’ private...

Read More Read more about CVE-2024-8474: OpenVPN Connect Vulnerability Leaks Private Keys