Vulnerability Archives • Page 10 of 190 • Daily CyberSecurity

Legacy vBulletin 4.x Patch Backfires: RCE via Signed Base64 Payloads and a Full PoC vBulletin RCE

Legacy vBulletin 4.x Patch Backfires: RCE via Signed Base64 Payloads and a Full PoC

Do Son June 7, 2025

Security researcher Egidio Romano (EgiX) uncovers a fascinating PHP Object Injection (POI) vulnerability in legacy versions of...

Critical Flaws in Acronis Cyber Protect Expose Sensitive Data: CVSS 10 Vulnerabilities Patched Acronis Vulnerabilities, Cybersecurity Advisory

Acronis Vulnerabilities, Cybersecurity Advisory

Critical Flaws in Acronis Cyber Protect Expose Sensitive Data: CVSS 10 Vulnerabilities Patched

Do Son June 6, 2025

Acronis International GmbH has issued a critical security advisory addressing a series of high-severity vulnerabilities in its...

Critical CVSS 9.8 Flaw Hits Popular LlamaIndex Framework Used by Millions LlamaIndex Vulnerability, SQL Injection

Critical CVSS 9.8 Flaw Hits Popular LlamaIndex Framework Used by Millions

Do Son June 6, 2025

LlamaIndex, a widely adopted framework for building LLM-powered applications with over 3.9 million monthly downloads, has been...

CRITICAL (CVSS 9.4) Python ‘tarfile’ Vulnerability: Arbitrary Filesystem Writes Possible! CPython Vulnerabilities, Python Tarfile CVE-2025-4517

CRITICAL (CVSS 9.4) Python ‘tarfile’ Vulnerability: Arbitrary Filesystem Writes Possible!

Do Son June 5, 2025

The CPython project has issued a security advisory addressing five vulnerabilities—including one CRITICAL and three HIGH-severity flaws—affecting...

Critical Dell Bug (CVSS 9.8) Lets Unauthenticated Attackers Fully Compromise the System Dell AI PC marketing pivot, XPS 2026 brand revival, NPU, Tech Industry News CVE-2023-32484 PowerScale OneFS, CVE-2024-53298

Critical Dell Bug (CVSS 9.8) Lets Unauthenticated Attackers Fully Compromise the System

Do Son June 5, 2025

Dell Technologies has issued urgent patches for multiple vulnerabilities impacting PowerScale OneFS, a core component of Dell’s...

Unpatched Telecom Flaws (CVSS 9.8) Enable Remote Code Execution: Critical Buffer Overflows Expose Core Infrastructure Buffer Overflow Telecom Vulnerabilities

Unpatched Telecom Flaws (CVSS 9.8) Enable Remote Code Execution: Critical Buffer Overflows Expose Core Infrastructure

Do Son June 4, 2025

Two newly disclosed vulnerabilities in popular telecommunications devices expose critical infrastructure to unauthenticated remote code execution and...

PoC Unleashed: Linux vsock Flaw Enables Privilege Escalation to Root vsock privilege escalation

PoC Unleashed: Linux vsock Flaw Enables Privilege Escalation to Root

Do Son June 4, 2025

Independent researcher V4bel published the technical details and a proof-of-concept exploit code for a Linux kernel vulnerability,...

Samba Security Alert: Stale Group Data Poses Risk in Kerberos SMB Sessions, No Patch! Samba Vulnerability, Kerberos Authentication

Samba Security Alert: Stale Group Data Poses Risk in Kerberos SMB Sessions, No Patch!

Do Son June 4, 2025

The Samba Team has issued an important advisory regarding a vulnerability affecting Kerberos-based authentication in Samba version...

CVSS 10.0: Critical Flaw Threatens DELMIA Apriso Manufacturing Systems DELMIA Apriso, Critical Vulnerability

CVSS 10.0: Critical Flaw Threatens DELMIA Apriso Manufacturing Systems

Do Son June 3, 2025

DELMIA Apriso is part of Dassault Systèmes’ industrial solutions suite and functions as a Manufacturing Execution System...

Splunk Issues Patches for Two Security Flaws: Windows Permission Misconfiguration and Reflected XSS Splunk Vulnerabilities, Security Advisory

Splunk Vulnerabilities, Security Advisory

Splunk Issues Patches for Two Security Flaws: Windows Permission Misconfiguration and Reflected XSS

Do Son June 3, 2025

Splunk Inc., a leader in data analytics and security monitoring, has issued security advisories for two newly...

Critical 9.8 CVSS Authentication Bypass in HPE StoreOnce Software HPE StoreOnce, Authentication Bypass

Critical 9.8 CVSS Authentication Bypass in HPE StoreOnce Software

Do Son June 3, 2025

Hewlett Packard Enterprise (HPE) has issued a security bulletin detailing multiple severe vulnerabilities in its StoreOnce Software,...

ModSecurity Alert: New DoS Vulnerability Discovered! ModSecurity, DoS Vulnerability

ModSecurity Alert: New DoS Vulnerability Discovered!

Do Son June 2, 2025

The ModSecurity project has issued a security advisory disclosing a new vulnerability—CVE-2025-48866—in its widely used open-source web...

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU Qualcomm Zero-Days, Snapdragon Vulnerabilities

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU

Do Son June 2, 2025

Qualcomm has disclosed several critical security flaws in its latest June 2025 Security Bulletin, including multiple zero-day...

Critical Security Flaws Found in AXIS OS: Patch Your Devices Now! AXIS OS Vulnerability, Privilege Escalation

Critical Security Flaws Found in AXIS OS: Patch Your Devices Now!

Do Son June 2, 2025

Axis Communications has issued critical and high-severity patches addressing three recently disclosed vulnerabilities in AXIS OS, the...

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files CoreAudio Vulnerability, Apple Zero-Day

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files

Do Son June 2, 2025

Apple has patched a high-severity zero-day vulnerability in CoreAudio, the framework responsible for audio playback and processing...

Critical SSRF Flaw in Esri Portal for ArcGIS Exposes Internal Networks Esri ArcGIS, SSRF Vulnerability

Critical SSRF Flaw in Esri Portal for ArcGIS Exposes Internal Networks

Do Son June 2, 2025

Esri has issued a critical security patch for its widely used Portal for ArcGIS software, addressing a...

Critical Flaw in Fabio Load Balancer Allows HTTP Header Tampering & Access Bypass Fabio Load Balancer, Header Manipulation

Critical Flaw in Fabio Load Balancer Allows HTTP Header Tampering & Access Bypass

Do Son June 2, 2025

A newly disclosed vulnerability in the Fabio load balancer, tracked as CVE-2025-48865, allows malicious clients to manipulate...

Critical Flaws in Veritas DLO Expose Systems to Remote Code Execution Veritas DLO, Critical Vulnerabilities

Critical Flaws in Veritas DLO Expose Systems to Remote Code Execution

Do Son June 2, 2025

Veritas has issued a security advisory warning users of its Desktop Laptop Option (DLO) platform about two...

Critical 10.0 CVSS Flaws Found in Netwrix Directory Manager v11 – Patch Immediately! Netwrix, Directory Manager Vulnerabilities

Critical 10.0 CVSS Flaws Found in Netwrix Directory Manager v11 – Patch Immediately!

Do Son May 31, 2025

Netwrix, a provider of identity governance and access management solutions, has issued a critical security advisory warning...

Apache Tomcat Flaw Allows Security Bypass on Case-Insensitive Systems Apache Tomcat vulnerability CGI servlet bypass

Apache Tomcat Flaw Allows Security Bypass on Case-Insensitive Systems

Do Son May 30, 2025

The Apache Software Foundation has disclosed a low-severity security vulnerability affecting multiple versions of the Apache Tomcat...

Critical Alert 4 Active Exploits Detected Today