Vulnerability Archives • Page 17 of 190 • Daily CyberSecurity

Radware Cloud WAF Vulnerable to Filter Bypass via Crafted Requests Radware WAF, WAF bypass OWASP CRS Vulnerability CVE-2026-21876

Radware Cloud WAF Vulnerable to Filter Bypass via Crafted Requests

Ddos May 9, 2025

A newly disclosed vulnerability note by CERT/CC reveals two security flaws (CVE-2024-56523, CVE-2024-56524) in the Radware Cloud...

Critical CVE-2025-20188 (CVSS 10) Flaw in Cisco IOS XE WLCs Allows Remote Root Access CVE-2025-20188 IOS XE vulnerability Cisco

Critical CVE-2025-20188 (CVSS 10) Flaw in Cisco IOS XE WLCs Allows Remote Root Access

Ddos May 8, 2025

Cisco has released a security advisory addressing a critical vulnerability in its IOS XE Software for Wireless...

Multi Vulnerabilities Found in SonicWall SMA 100 Series Prompt Urgent Security Update SonicWall Security Advisory SonicOS Patch 2026 CVE-2025-23006 SonicWall, SMA 100 Vulnerabilities

Multi Vulnerabilities Found in SonicWall SMA 100 Series Prompt Urgent Security Update

Ddos May 8, 2025

SonicWall has released a security advisory detailing multiple vulnerabilities affecting its Secure Mobile Access (SMA) 100 series...

CVE-2025-23123 (CVSS 10): Critical UniFi Protect Cameras Flaw Demands Immediate Updates UniFi Protect Cameras, Security Advisory

CVE-2025-23123 (CVSS 10): Critical UniFi Protect Cameras Flaw Demands Immediate Updates

Ddos May 8, 2025

Ubiquiti has released a critical security advisory addressing two vulnerabilities in its UniFi Protect ecosystem, including a...

CVE-2025-27533: Apache ActiveMQ Memory Allocation Bug Could Lead to Denial of Service ActiveMQ RCE Jolokia Exploit ActiveMQ CVE-2025-27533 ActiveMQ Deserialization RCE, CVE-2025-54539

ActiveMQ RCE Jolokia Exploit ActiveMQ CVE-2025-27533 ActiveMQ Deserialization RCE, CVE-2025-54539

CVE-2025-27533: Apache ActiveMQ Memory Allocation Bug Could Lead to Denial of Service

Ddos May 8, 2025

Apache ActiveMQ, the widely used open-source message broker known for its robust support of multiple protocols and...

Critical Privilege Escalation Flaw in IGEL OS Exposes Systems to Root Access Risks IGEL OS, Privilege Escalation

Critical Privilege Escalation Flaw in IGEL OS Exposes Systems to Root Access Risks

Ddos May 8, 2025

IGEL Technology has issued a critical security advisory for its Linux-based operating system, IGEL OS, warning users...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks

Ddos May 7, 2025

Symantec’s Threat Hunter Team has uncovered a sophisticated attack involving a zero-day privilege escalation vulnerability in Microsoft’s...

CVE-2025-25014 (CVSS 9.1): Prototype Pollution in Kibana Opens Door to Code Execution CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

CVE-2025-25014 (CVSS 9.1): Prototype Pollution in Kibana Opens Door to Code Execution

Ddos May 7, 2025

Elastic has issued a critical security advisory for Kibana, warning users of a vulnerability tracked as CVE-2025-25014....

Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120 GeoVision, Mirai

Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120

Ddos May 7, 2025

The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of two command injection vulnerabilities...

CVE-2025-46728: cpp-httplib Vulnerability Exposes Servers to Denial of Service cpp-httplib, memory exhaustion

CVE-2025-46728: cpp-httplib Vulnerability Exposes Servers to Denial of Service

Ddos May 7, 2025

The cpp-httplib, a C++11 single-file header-only cross-platform HTTP/HTTPS library known for its ease of setup, is facing...

CVE-2025-47241: Critical Whitelist Bypass in Browser Use Exposes Internal Services Browser Use, whitelist bypass

CVE-2025-47241: Critical Whitelist Bypass in Browser Use Exposes Internal Services

Ddos May 7, 2025

Security researchers from ARIMLABS.AI have disclosed a serious vulnerability in the Browser Use project—a tool that provides...

CVE-2025-24977: Critical RCE Flaw in OpenCTI Platform Exposes Infrastructure to Root-Level Attacks OpenCTI, security vulnerability

CVE-2025-24977: Critical RCE Flaw in OpenCTI Platform Exposes Infrastructure to Root-Level Attacks

Ddos May 7, 2025

A critical security vulnerability has been identified in the OpenCTI Platform, an open-source solution used by organizations...

Critical AWS Amplify Studio Flaw Allows Code Execution – Update Now! AWS Amplify, security vulnerability

Critical AWS Amplify Studio Flaw Allows Code Execution – Update Now!

Ddos May 7, 2025

A critical-severity security flaw has been identified in AWS Amplify Studio, specifically within the amplify-codegen-ui package. This...

CVE-2025-27007: Critical OttoKit WordPress Plugin Flaw Exploited After Disclosure, 100K+ Sites at Risk OttoKit exploit, WordPress security

CVE-2025-27007: Critical OttoKit WordPress Plugin Flaw Exploited After Disclosure, 100K+ Sites at Risk

Ddos May 6, 2025

A newly disclosed critical vulnerability in the popular OttoKit WordPress plugin—with over 100,000 active installations—has placed countless...

Unauthenticated DoS Vulnerability Crashes Windows Deployment Services, No Patch Preauth DoS, Windows Deployment Services

Unauthenticated DoS Vulnerability Crashes Windows Deployment Services, No Patch

Ddos May 6, 2025

A newly disclosed denial-of-service (DoS) vulnerability in Windows Deployment Services (WDS) threatens enterprise networks with remote, unauthenticated...

CVE-2025-2905 (CVSS 9.1): Critical XXE Vulnerability Found in WSO2 API Manager WSO2, XXE vulnerability CVE-2025-2905

CVE-2025-2905 (CVSS 9.1): Critical XXE Vulnerability Found in WSO2 API Manager

Ddos May 6, 2025

A critical security vulnerability has been identified in WSO2 API Manager 2.0.0 and earlier, posing a significant...

CVE-2025-2605 (CVSS 9.9): Critical Vulnerability Found in Honeywell MB-Secure Alarm Panels Honeywell, command injection

CVE-2025-2605 (CVSS 9.9): Critical Vulnerability Found in Honeywell MB-Secure Alarm Panels

Ddos May 6, 2025

Honeywell has issued an urgent security notice (SN 2025-05-01-01) disclosing a critical vulnerability in its MB-Secure and...

Digigram PYKO-OUT AoIP Devices Exposed to Attacks Due to Missing Default Password Digigram, default password vulnerability

Digigram PYKO-OUT AoIP Devices Exposed to Attacks Due to Missing Default Password

Ddos May 6, 2025

A security vulnerability has been identified in Digigram’s PYKO-OUT audio-over-IP (AoIP) product, raising concerns about its use...

Critical IBM Cognos Analytics Vulnerabilities Demand Urgent Patching Cognos Analytics, IBM vulnerabilities

Critical IBM Cognos Analytics Vulnerabilities Demand Urgent Patching

Ddos May 6, 2025

IBM has released security updates to address two critical vulnerabilities affecting its flagship business intelligence platform, IBM...

Android Security Bulletin May 2025: Multi Vulnerabilities Including Actively Exploited CVE-2025-27363 Android Security Bulletin CVE-2025-27363

Android Security Bulletin CVE-2025-27363

Android Security Bulletin May 2025: Multi Vulnerabilities Including Actively Exploited CVE-2025-27363

Ddos May 5, 2025

Google has released its Android Security Bulletin for May 2025, highlighting a range of high-severity vulnerabilities affecting...

Critical Alert 1 Active Exploit Detected Today