Vulnerability Archives • Page 16 of 190 • Daily CyberSecurity

Microsoft May 2025 Patch Tuesday Fixes 83 Vulnerabilities, Including 5 Exploited in the Wild Patch Tuesday, Zero-Day Exploits

Microsoft May 2025 Patch Tuesday Fixes 83 Vulnerabilities, Including 5 Exploited in the Wild

Ddos May 13, 2025

Microsoft’s May 2025 Patch Tuesday has addressed a total of 83 vulnerabilities across its product ecosystem, including...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Ivanti EPMM Flaws Exploited in the Wild: Chained RCE and Auth Bypass Threaten Mobile Device Management

Ddos May 13, 2025

Ivanti has released a security updates addressing two vulnerabilities in Endpoint Manager Mobile (EPMM)—CVE-2025-4427 and CVE-2025-4428—that, when...

Fortinet CVE-2025-32756 Exploited in the Wild: Critical RCE Flaw Hits FortiVoice and More Fortinet, CVE-2025-32756

Fortinet CVE-2025-32756 Exploited in the Wild: Critical RCE Flaw Hits FortiVoice and More

Ddos May 13, 2025

Fortinet has disclosed a critical stack-based buffer overflow vulnerability, tracked as CVE-2025-32756, affecting a wide range of...

SAP Security Alert: May 2025 Patch Day Exposes Critical Threats! SAP Security Patch CVE-2025-42999

SAP Security Alert: May 2025 Patch Day Exposes Critical Threats!

Ddos May 13, 2025

Today, 2025, SAP released 16 new Security Notes and updated 2 previously released ones as part of...

PoC Released: CVE-2025-31258 Sandbox Escape in macOS via RemoteViewServices RemoteViewServices macOS Sandbox Escape

PoC Released: CVE-2025-31258 Sandbox Escape in macOS via RemoteViewServices

Ddos May 13, 2025

Apple has released a patch for a newly disclosed vulnerability in macOS, tracked as CVE-2025-31258, that could...

Multiple CVEs in GNU Screen: Local Root Exploit and TTY Hijacking Discovered GNU Screen vulnerabilities setuid-root exploit

Multiple CVEs in GNU Screen: Local Root Exploit and TTY Hijacking Discovered

Ddos May 13, 2025

A comprehensive security audit by the SUSE Security Team has uncovered a collection of serious flaws in...

CVE-2025-1087: Critical Template Injection in Insomnia API Client Enables Remote Code Execution Insomnia, template injection

CVE-2025-1087: Critical Template Injection in Insomnia API Client Enables Remote Code Execution

Ddos May 13, 2025

A critical vulnerability in Kong’s popular open-source API client, Insomnia, could allow attackers to execute arbitrary code...

PoC Released: CVE-2025-31644 Exploit Grants Root Access on F5 BIG-IP via Appliance Mode Command Injection CVE-2024-45844 command injection root access

PoC Released: CVE-2025-31644 Exploit Grants Root Access on F5 BIG-IP via Appliance Mode Command Injection

Ddos May 13, 2025

A high-severity vulnerability identified as CVE-2025-31644 has been discovered in F5’s BIG-IP systems operating in Appliance mode,...

Türkiye-Linked Hackers Exploit Output Messenger Zero-Day (CVE-2025-27920) in Espionage Campaign

Ddos May 12, 2025

Microsoft Threat Intelligence has linked a regional cyber-espionage campaign exploiting a zero-day vulnerability in Output Messenger to...

VMware Tools Update Addresses Insecure File Handling Vulnerability VMware Aria Operations CVE-2026-22719 VMware Fusion - CVE-2024-38811 VMware security, CVE-2025-22247

VMware Aria Operations CVE-2026-22719 VMware Fusion - CVE-2024-38811 VMware security, CVE-2025-22247

VMware Tools Update Addresses Insecure File Handling Vulnerability

Ddos May 12, 2025

Broadcom has released a security advisory addressing a moderate-severity vulnerability in VMware Tools, identified as CVE-2025-22247, which...

PoC Released: CVE-2024-26809 Exploits nftables Double-Free to Achieve Root Shell CVE-2024-26581 PoC Exploit nftables, CVE-2024-26809

PoC Released: CVE-2024-26809 Exploits nftables Double-Free to Achieve Root Shell

Ddos May 12, 2025

A vulnerability has been discovered in the Linux kernel’s nftables subsystem, specifically within the net/netfilter module, that...

Critical Security Flaws Found in ASUS DriverHub: Update Immediately ASUS DriverHub, vulnerability

Critical Security Flaws Found in ASUS DriverHub: Update Immediately

Ddos May 12, 2025

ASUS DriverHub, a tool designed to simplify driver updates by automatically detecting motherboard models and displaying available...

VS Code in the Browser at Risk: code-server Security Alert code-server, VS Code, security

VS Code in the Browser at Risk: code-server Security Alert

Ddos May 12, 2025

A newly disclosed security advisory reveals a vulnerability in the widely popular code-server project, which enables users...

Stack Overflow Alert! XML Flaw in libexpat Threatens Widespread Software libexpat, XML vulnerability

Stack Overflow Alert! XML Flaw in libexpat Threatens Widespread Software

Ddos May 12, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note warning of a stack overflow flaw in...

Critical Vulnerabilities Uncovered in Mitel SIP Phones: Command Injection and File Upload Risks Mitel vulnerabilities, SIP phone security

Critical Vulnerabilities Uncovered in Mitel SIP Phones: Command Injection and File Upload Risks

Ddos May 11, 2025

In a newly published security advisory, Mitel has disclosed two critical vulnerabilities affecting several of its SIP...

From Web Shell to Full Control: APT-Style Exploits Surge Against SAP NetWeaver Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

From Web Shell to Full Control: APT-Style Exploits Surge Against SAP NetWeaver

Ddos May 11, 2025

In a report issued by Unit 42, researchers disclosed that the vulnerability CVE-2025-31324, affecting SAP NetWeaver’s Visual...

Arista Patches Critical Vulnerability in CloudVision ZTP With CVSS 10 Score CloudVision ZTP, CVE-2025-0505

Arista Patches Critical Vulnerability in CloudVision ZTP With CVSS 10 Score

Ddos May 10, 2025

Arista Networks has issued a critical security advisory for a newly discovered vulnerability – CVE-2025-0505—rated with a...

Arista Fixes Critical CloudVision Portal Vulnerability with CVSS 10 Score Arista CloudVision, CVE-2024-11186

Arista Fixes Critical CloudVision Portal Vulnerability with CVSS 10 Score

Ddos May 9, 2025

Arista Networks has released a critical security advisory detailing a severe vulnerability in its CloudVision Portal (CVP)...

Microsoft Patches Four Critical Azure and Power Apps Vulnerabilities, Including CVSS 10 Privilege Escalation Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities