Vulnerability Archives • Page 10 of 190 • Daily CyberSecurity

PoC Unleashed: Linux vsock Flaw Enables Privilege Escalation to Root vsock privilege escalation

PoC Unleashed: Linux vsock Flaw Enables Privilege Escalation to Root

Ddos June 4, 2025

Independent researcher V4bel published the technical details and a proof-of-concept exploit code for a Linux kernel vulnerability,...

Samba Security Alert: Stale Group Data Poses Risk in Kerberos SMB Sessions, No Patch! Samba Vulnerability, Kerberos Authentication

Samba Security Alert: Stale Group Data Poses Risk in Kerberos SMB Sessions, No Patch!

Ddos June 4, 2025

The Samba Team has issued an important advisory regarding a vulnerability affecting Kerberos-based authentication in Samba version...

CVSS 10.0: Critical Flaw Threatens DELMIA Apriso Manufacturing Systems DELMIA Apriso, Critical Vulnerability

CVSS 10.0: Critical Flaw Threatens DELMIA Apriso Manufacturing Systems

Ddos June 3, 2025

DELMIA Apriso is part of Dassault Systèmes’ industrial solutions suite and functions as a Manufacturing Execution System...

Splunk Issues Patches for Two Security Flaws: Windows Permission Misconfiguration and Reflected XSS Splunk Vulnerabilities, Security Advisory

Splunk Vulnerabilities, Security Advisory

Splunk Issues Patches for Two Security Flaws: Windows Permission Misconfiguration and Reflected XSS

Ddos June 3, 2025

Splunk Inc., a leader in data analytics and security monitoring, has issued security advisories for two newly...

Critical 9.8 CVSS Authentication Bypass in HPE StoreOnce Software HPE StoreOnce, Authentication Bypass

Critical 9.8 CVSS Authentication Bypass in HPE StoreOnce Software

Ddos June 3, 2025

Hewlett Packard Enterprise (HPE) has issued a security bulletin detailing multiple severe vulnerabilities in its StoreOnce Software,...

ModSecurity Alert: New DoS Vulnerability Discovered! ModSecurity, DoS Vulnerability

ModSecurity Alert: New DoS Vulnerability Discovered!

Ddos June 2, 2025

The ModSecurity project has issued a security advisory disclosing a new vulnerability—CVE-2025-48866—in its widely used open-source web...

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU Qualcomm Zero-Days, Snapdragon Vulnerabilities

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU

Ddos June 2, 2025

Qualcomm has disclosed several critical security flaws in its latest June 2025 Security Bulletin, including multiple zero-day...

Critical Security Flaws Found in AXIS OS: Patch Your Devices Now! AXIS OS Vulnerability, Privilege Escalation

Critical Security Flaws Found in AXIS OS: Patch Your Devices Now!

Ddos June 2, 2025

Axis Communications has issued critical and high-severity patches addressing three recently disclosed vulnerabilities in AXIS OS, the...

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files CoreAudio Vulnerability, Apple Zero-Day

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files

Ddos June 2, 2025

Apple has patched a high-severity zero-day vulnerability in CoreAudio, the framework responsible for audio playback and processing...

Critical SSRF Flaw in Esri Portal for ArcGIS Exposes Internal Networks Esri ArcGIS, SSRF Vulnerability

Critical SSRF Flaw in Esri Portal for ArcGIS Exposes Internal Networks

Ddos June 2, 2025

Esri has issued a critical security patch for its widely used Portal for ArcGIS software, addressing a...

Critical Flaw in Fabio Load Balancer Allows HTTP Header Tampering & Access Bypass Fabio Load Balancer, Header Manipulation

Critical Flaw in Fabio Load Balancer Allows HTTP Header Tampering & Access Bypass

Ddos June 2, 2025

A newly disclosed vulnerability in the Fabio load balancer, tracked as CVE-2025-48865, allows malicious clients to manipulate...

Critical Flaws in Veritas DLO Expose Systems to Remote Code Execution Veritas DLO, Critical Vulnerabilities

Critical Flaws in Veritas DLO Expose Systems to Remote Code Execution

Ddos June 2, 2025

Veritas has issued a security advisory warning users of its Desktop Laptop Option (DLO) platform about two...

Critical 10.0 CVSS Flaws Found in Netwrix Directory Manager v11 – Patch Immediately! Netwrix, Directory Manager Vulnerabilities

Critical 10.0 CVSS Flaws Found in Netwrix Directory Manager v11 – Patch Immediately!

Ddos May 31, 2025

Netwrix, a provider of identity governance and access management solutions, has issued a critical security advisory warning...

Apache Tomcat Flaw Allows Security Bypass on Case-Insensitive Systems Apache Tomcat vulnerability CGI servlet bypass

Apache Tomcat Flaw Allows Security Bypass on Case-Insensitive Systems

Ddos May 30, 2025

The Apache Software Foundation has disclosed a low-severity security vulnerability affecting multiple versions of the Apache Tomcat...

Spring Cloud Gateway vulnerability Header spoofing

Spring Cloud Gateway Vulnerability Exposes Applications to Header Injection Risks

Ddos May 30, 2025

A newly disclosed vulnerability in Spring Cloud Gateway Server could expose applications to header spoofing and potential...

Critical (CVSS 9.8): IBM Tivoli Monitoring Flaw Risks Remote Code Execution IBM Tivoli vulnerability CVE-2025-3357

Critical (CVSS 9.8): IBM Tivoli Monitoring Flaw Risks Remote Code Execution

Ddos May 30, 2025

IBM has issued a critical security update for its Tivoli Monitoring suite, addressing a high-severity vulnerability that...

ZITADEL Flaw: Host Header Injection Risks Account Takeover (Password Reset) ZITADEL vulnerability Account takeover

ZITADEL Flaw: Host Header Injection Risks Account Takeover (Password Reset)

Ddos May 30, 2025

ZITADEL, a modern identity and access management platform, has patched a critical vulnerability in its password reset...

Critical Vulnerability (CVSS 9.3): Icinga 2 Flaw Risks Certificate Impersonation Icinga 2 vulnerability Certificate impersonation

Critical Vulnerability (CVSS 9.3): Icinga 2 Flaw Risks Certificate Impersonation

Ddos May 30, 2025

A critical vulnerability in Icinga 2, the popular open-source monitoring system, has been disclosed, exposing systems to...

Security Alert: Multi Flaws in Kea DHCP Server Disclosed Kea DHCP vulnerability Privilege escalation

Security Alert: Multi Flaws in Kea DHCP Server Disclosed

Ddos May 30, 2025

The Internet Systems Consortium (ISC) has issued an urgent advisory affecting its modern Kea DHCP server, disclosing...

Industrial Systems at Risk: Critical Mitsubishi MELSEC Flaw (CVSS 9.1), No Patch Mitsubishi MELSEC vulnerability Industrial control system DoS

Industrial Systems at Risk: Critical Mitsubishi MELSEC Flaw (CVSS 9.1), No Patch

Ddos May 29, 2025

Mitsubishi Electric Corporation released a security advisory warning users of a serious vulnerability in its MELSEC iQ-F...

Critical Alert 1 Active Exploit Detected Today