Vulnerability Archives • Page 12 of 190 • Daily CyberSecurity

Critical Pre-Auth RCE: vBulletin Flaw Allows Full Server Compromise (PoC Available) vBulletin RCE, pre-auth RCE

Critical Pre-Auth RCE: vBulletin Flaw Allows Full Server Compromise (PoC Available)

Ddos May 26, 2025

A newly disclosed vulnerability in vBulletin, one of the most widely used commercial forum platforms on the...

Critical WSO2 Flaw: Unauthenticated Account Takeover Risk (CVSS 9.8) WSO2 vulnerability, account takeover

Critical WSO2 Flaw: Unauthenticated Account Takeover Risk (CVSS 9.8)

Ddos May 26, 2025

A recently disclosed vulnerability in WSO2 products, identified as CVE-2024-6914, poses a severe security threat to organizations...

Sony Camera Hack (CVSS 9.4): Default Credential Flaw Risks Full Control (PoC) Sony camera hack, default credential exploit

Sony Camera Hack (CVSS 9.4): Default Credential Flaw Risks Full Control (PoC)

Ddos May 26, 2025

A newly disclosed critical vulnerability in Sony’s SNC-series network cameras—tracked as CVE-2025-5124 with a CVSS score of...

Persistent DoS: Unauthenticated Attacker Crashes GNOME RDP (Even After Systemd) Linux desktop security, GNOME RDP

Persistent DoS: Unauthenticated Attacker Crashes GNOME RDP (Even After Systemd)

Ddos May 26, 2025

A newly disclosed flaw in GNOME’s remote desktop component, tracked as CVE-2025-5024 (CVSS 7.4), could allow unauthenticated...

Ghostscript Flaw Leaks Plaintext Passwords in Encrypted PDFs Ghostscript vulnerability, PDF password leak

Ghostscript Flaw Leaks Plaintext Passwords in Encrypted PDFs

Ddos May 25, 2025

A vulnerability in Artifex Ghostscript, a widely used PDF and PostScript processor, is putting user data at...

ABB ASPECT BMS Critical Flaws: RCE and Privilege Escalation Risks ABB ASPECT vulnerabilities, BMS security

ABB ASPECT BMS Critical Flaws: RCE and Privilege Escalation Risks

Ddos May 24, 2025

ABB has issued a comprehensive cybersecurity advisory revealing 32 security vulnerabilities impacting its ASPECT Building Management System...

Critical NETGEAR Router Flaw Enables Full Admin Access via Hidden Backdoor (PoC Included) NETGEAR, Authentication Bypass

Critical NETGEAR Router Flaw Enables Full Admin Access via Hidden Backdoor (PoC Included)

Ddos May 23, 2025

A newly disclosed and highly critical vulnerability, tracked as CVE-2025-4978 with a CVSSv4 score of 9.3, has...

Print Security Warning: Canon Printers Exposed to Data Theft Printer security, Canon update

Print Security Warning: Canon Printers Exposed to Data Theft

Ddos May 23, 2025

Canon has issued a security advisory warning customers about two high-severity vulnerabilities—CVE-2025-3078 and CVE-2025-3079—that affect a range...

ModSecurity DoS Flaw: PoC Available for Apache Vulnerability (No Workaround, Patch Pending) libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

ModSecurity DoS Flaw: PoC Available for Apache Vulnerability (No Workaround, Patch Pending)

Ddos May 23, 2025

A newly disclosed vulnerability in ModSecurity’s Apache module, tracked as CVE-2025-47947, exposes web servers to a potentially...

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221 Ivanti EPMM RCE, China-nexus threat

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221

Ddos May 23, 2025

A newly discovered zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM) — CVE-2025-4428 — is being actively...

Privilege Escalation Flaws in Cisco Unified Intelligence Center Threaten User Data Integrity Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Privilege Escalation Flaws in Cisco Unified Intelligence Center Threaten User Data Integrity

Ddos May 22, 2025

Cisco has released security updates addressing two privilege escalation vulnerabilities—CVE-2025-20113 and CVE-2025-20114—in its Unified Intelligence Center (UIC)...

Unauthenticated Attacker Can Read Sensitive Files in Mitel OpenScape Xpressions MiContact Center Business Vulnerabilities Mitel vulnerability, OpenScape Xpressions

MiContact Center Business Vulnerabilities Mitel vulnerability, OpenScape Xpressions

Unauthenticated Attacker Can Read Sensitive Files in Mitel OpenScape Xpressions

Ddos May 22, 2025

Mitel has issued a security advisory warning of a high-severity path traversal vulnerability (CVE-2025-48026) in its OpenScape...

Google Chrome Update: 8 Security Fixes Including High-Severity Flaw Chrome security update, browser vulnerabilities

Google Chrome Update: 8 Security Fixes Including High-Severity Flaw

Ddos May 22, 2025

Google has released a Stable Channel update to version 137.0.7151.40/.41 for Windows and Mac as part of...

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks Versa Concerto exploit, SD-WAN security

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks

Ddos May 22, 2025

Versa Concerto, a popular SD-WAN and network orchestration platform used by large enterprises and governments, is under...

RADIUS Risk: Unauthenticated Remote Attacker Can Crash Cisco ISE by Default CVE-2024-20419 - Cisco Webex Vulnerability Cisco ISE DoS, CVE-2025-20152

CVE-2024-20419 - Cisco Webex Vulnerability Cisco ISE DoS, CVE-2025-20152

RADIUS Risk: Unauthenticated Remote Attacker Can Crash Cisco ISE by Default

Ddos May 22, 2025

Cisco has published a security advisory for a high-severity vulnerability impacting its Identity Services Engine (ISE) product....

Grafana Zero-Day? Emergency Patch Released ‘One Day Ahead of Schedule’ for XSS Flaw Grafana SCIM Flaw CVE-2025-41115 Grafana Vulnerabilities, XSS Flaw Grafana security alert, XSS patch

Grafana Zero-Day? Emergency Patch Released ‘One Day Ahead of Schedule’ for XSS Flaw

Ddos May 22, 2025

Grafana Labs issued an unscheduled security release—Grafana 12.0.0+security-01—alongside patches for all supported versions, addressing a high-severity cross-site...

GitLab Patches High-Severity Flaws: DoS and 2FA Bypass Fixed GitLab Security Update CVE-2026-0723 CVE-2023-7028 & CVE-2023-5356 GitLab vulnerability, DoS flaw

GitLab Security Update CVE-2026-0723 CVE-2023-7028 & CVE-2023-5356 GitLab vulnerability, DoS flaw

GitLab Patches High-Severity Flaws: DoS and 2FA Bypass Fixed

Ddos May 22, 2025

GitLab announced the release of versions 18.0.1, 17.11.3, and 17.10.7 for both its Community Edition (CE) and...

NIST Proposes New Metric to Predict “Likely Exploited” Vulnerabilities NIST LEV, vulnerability prioritization Likely Exploited Vulnerability

NIST LEV, vulnerability prioritization Likely Exploited Vulnerability

NIST Proposes New Metric to Predict “Likely Exploited” Vulnerabilities

Ddos May 22, 2025

The U.S. National Institute of Standards and Technology (NIST) is proposing a metric to address one of...

Langroid Flaws (CVSS 9.8) Expose LLM Apps to RCE Langroid vulnerability, LLM agent exploit

Langroid Flaws (CVSS 9.8) Expose LLM Apps to RCE

Ddos May 22, 2025

Researchers have disclosed two critical vulnerabilities in Langroid, a popular Python framework designed for building large language...

Critical Flaws in AI Browse Agents: Exposed to Credential Theft and Hijacking Prompt injection, agent hijacking

Critical Flaws in AI Browse Agents: Exposed to Credential Theft and Hijacking

Ddos May 22, 2025

As AI-powered browsing agents increasingly automate complex web tasks—from booking travel to managing emails—they’re becoming both indispensable...

Critical Alert 1 Active Exploit Detected Today