Vulnerability Report

MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered

• Vulnerability Report

MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered

Do Son June 2, 2025 0

MediaTek, a leading global chipset manufacturer, has published its June 2025 Product Security Bulletin, disclosing one high-severity...

Read More Read more about MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered

Critical RCE Flaw Patched in Roundcube Webmail: Update Immediately!

• Vulnerability Report

Critical RCE Flaw Patched in Roundcube Webmail: Update Immediately!

Do Son June 2, 2025 0

Roundcube Webmail, a widely-used browser-based IMAP client, has patched a critical security vulnerability, tracked as CVE-2025-49113 (CVSS...

Read More Read more about Critical RCE Flaw Patched in Roundcube Webmail: Update Immediately!

CISA Alert: Critical Flaws in Consilium Safety CS5000 Fire Panel Could Enable Remote Takeover, No Patch

• Vulnerability Report

CISA Alert: Critical Flaws in Consilium Safety CS5000 Fire Panel Could Enable Remote Takeover, No Patch

Do Son June 2, 2025 0

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning of two critical security...

Read More Read more about CISA Alert: Critical Flaws in Consilium Safety CS5000 Fire Panel Could Enable Remote Takeover, No Patch

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

• Vulnerability Report

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

Do Son June 2, 2025 0

Security researchers at Rapid7 have uncovered a troubling trio of vulnerabilities in MICI Network Co., Ltd.’s NetFax...

Read More Read more about Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

NetSPI Details Multiple Local Privilege Escalation Vulnerabilities in SonicWall NetExtender

• Vulnerability Report

NetSPI Details Multiple Local Privilege Escalation Vulnerabilities in SonicWall NetExtender

Do Son June 2, 2025 0

In a detailed investigation, NetSPI security researchers have uncovered multiple high-risk local privilege escalation (LPE) vulnerabilities in...

Read More Read more about NetSPI Details Multiple Local Privilege Escalation Vulnerabilities in SonicWall NetExtender

Path Traversal at Scale: Study Uncovers 1,756 Vulnerable GitHub Projects and LLM Contamination

• Vulnerability Report

Path Traversal at Scale: Study Uncovers 1,756 Vulnerable GitHub Projects and LLM Contamination

Do Son June 2, 2025 0

A study titled “Eradicating the Unseen” reveals the widespread presence of a critical path traversal vulnerability (CWE-22)...

Read More Read more about Path Traversal at Scale: Study Uncovers 1,756 Vulnerable GitHub Projects and LLM Contamination

Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities

• Vulnerability Report

Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities

Do Son June 1, 2025 0

Hitachi Energy has issued a cybersecurity advisory warning of multiple vulnerabilities impacting its Asset Suite product—a widely...

Read More Read more about Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities

CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition

• Vulnerability Report

CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition

Do Son May 31, 2025 0

A newly disclosed vulnerability in Perl’s threading mechanism, tracked as CVE-2025-40909, exposes systems to race conditions involving...

Read More Read more about CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

• Vulnerability Report

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

Do Son May 31, 2025 0

A serious security vulnerability has been discovered in Apache Superset, a widely used open-source data exploration and...

Read More Read more about CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

Horizon3 Details Critical File Upload Vulnerability in Cisco IOS XE WLC (CVE-2025-20188, CVSS 10)

• Vulnerability Report

Horizon3 Details Critical File Upload Vulnerability in Cisco IOS XE WLC (CVE-2025-20188, CVSS 10)

Do Son May 30, 2025 0

A critical vulnerability—CVE-2025-20188—has been disclosed in Cisco IOS XE Wireless LAN Controller (WLC) software, allowing unauthenticated attackers...

Read More Read more about Horizon3 Details Critical File Upload Vulnerability in Cisco IOS XE WLC (CVE-2025-20188, CVSS 10)

CVE-2024-8474: OpenVPN Connect Vulnerability Leaks Private Keys

• Vulnerability Report

CVE-2024-8474: OpenVPN Connect Vulnerability Leaks Private Keys

Do Son January 6, 2025 0

Popular VPN client app, OpenVPN Connect, patched a critical security flaw that could have exposed users’ private...

Read More Read more about CVE-2024-8474: OpenVPN Connect Vulnerability Leaks Private Keys