Vulnerability Archives • Page 146 of 190 • Daily CyberSecurity

CVE-2023-3823 & CVE-2023-3824 – PHP Security Vulnerabilities: What You Need to Know

Do Son August 7, 2023

PHP is a popular programming language used to create dynamic web pages. However, like any software, it...

Hacking Tesla’s MCU-Z: A Breakdown of New AMD-Based Vulnerabilities

Do Son August 6, 2023

Tesla’s electric vehicles, through their MCU (Multimedia Control Unit), have utilized all three major tech components, starting...

CVE-2023-39157: RCE in JetElements For Elementor Plugin affects 300,000 websites

Do Son August 3, 2023

A critical vulnerability has been discovered in the JetElements For Elementor plugin that could allow an authenticated...

CVE-2023-39292 & CVE-2023-39293: Mitel MiVoice Office 400 SMB Controller Security Vulnerabilities

Do Son August 3, 2023

Recently, two critical security vulnerabilities have emerged in the MiVoice Office 400 SMB Controller, drawing significant attention...

CVE-2023-35082: Critical Security Vulnerability in MobileIron Core

Do Son August 3, 2023

IT software company Ivanti has disclosed a new critical security vulnerability in its MobileIron Core mobile device...

CVE-2023-3718: Aruba CX Switches Vulnerable to Remote Code Execution

Do Son August 2, 2023

Aruba Networking has released updates for wired switch products running AOS-CX that address a security vulnerability in...

CVE-2023-3162: Stripe Payment Plugin for WooCommerce Authentication Bypass Flaw

Do Son August 2, 2023

A critical security vulnerability has been discovered in the Stripe Payment Plugin for WooCommerce that could allow...

CVE-2023-20583 – A new vulnerability impacting CPUs

Do Son August 2, 2023

Austrian and German scientists have devised a power monitoring side-channel attack targeting computer CPUs, capable of leaking...

CVE-2023-28130 – A Critical Security Flaw in Check Point Gaia Portal

Do Son August 2, 2023

A critical vulnerability has been discovered in Check Point Gaia Portal that could allow an authenticated attacker...

Hackers are actively exploiting BleedingPipe vulnerability in Minecraft mods

Do Son August 1, 2023

Last Saturday, researchers from the Minecraft security community, MMPA, issued a reminder to gamers via a blog...

CVE-2023-31710: TP-Link Archer AX21 Router Vulnerable to Remote Code Execution

Do Son August 1, 2023

TP-Link has patched a critical vulnerability in its Archer AX21 router that could allow attackers to execute...

CISA Adds Ivanti Endpoint Manager Mobile Flaw (CVE-2023-35081) to its KEV Catalog CVE-2023-35081 & CVE-2024-11639

CISA Adds Ivanti Endpoint Manager Mobile Flaw (CVE-2023-35081) to its KEV Catalog

Do Son August 1, 2023

Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) cast a spotlight on a particularly disconcerting issue...

Researchers Disclose MikroTik RouterOS Security Flaw, Putting Hundreds of Thousands of Devices at Risk

Do Son July 31, 2023

Recently, VulnCheck unveiled in a report a critical privilege escalation vulnerability (CVE-2023-30799, CVSS score 9.1) present within...

CVE-2022-27595 & CVE-2022-27600: Two high-severity flaws in QVPN and QNAP Systems QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

CVE-2022-27595 & CVE-2022-27600: Two high-severity flaws in QVPN and QNAP Systems

Do Son July 30, 2023

QNAP has recently released security advisories for two vulnerabilities that affect the QVPN Device Client for Windows...

Researcher releases PoC exploit for MobileIron zero-day bug (CVE-2023-35078) CVE-2023-35078 PoC

Researcher releases PoC exploit for MobileIron zero-day bug (CVE-2023-35078)

Do Son July 29, 2023

A specter is haunting the world of mobile device management – the specter of a zero-day authentication...

CVE-2023-38646: Remote Command Execution Vulnerability in Metabase

Do Son July 26, 2023

In the realm of business intelligence, the open-source tool Metabase has marked its presence with its seamless...

CVE-2023-37895: A Critical Remote Code Execution in Apache Jackrabbit Apache Jackrabbit, JNDI injection CVE-2023-37895 Apache Jackrabbit, XXE Vulnerability

CVE-2023-37895: A Critical Remote Code Execution in Apache Jackrabbit

Do Son July 26, 2023

A critical security vulnerability, identified as CVE-2023-37895, has been discovered in Apache Jackrabbit, an open-source content repository...

CVE-2023-38647: Critical Deserialization Vulnerability in Apache Helix Workflow and REST

Do Son July 26, 2023

In the dynamic world of cyber security, threats are continually evolving and vulnerabilities are regularly exposed. The...

CVE-2023-26045: NodeBB Forum Software Remote Code Execution Flaw

Do Son July 25, 2023

Bulletin board platforms form the heart of our digital forums, acting as arenas for interaction, discussion, and...

CVE-2023-34478: Apache Shiro Path Traversal Vulnerability

Do Son July 24, 2023

A critical vulnerability has been identified in Apache Shiro. This security loophole tracked as CVE-2023-34478, can result...