Vulnerability Archives • Page 19 of 190 • Daily CyberSecurity

SonicWall Confirms Active Exploitation of SMA 100 Vulnerabilities – Urges Immediate Patching SonicWall, SMA 100 vulnerabilities

SonicWall Confirms Active Exploitation of SMA 100 Vulnerabilities – Urges Immediate Patching

Do Son May 1, 2025

On April 29, 2025, SonicWall issued an urgent update to two previously disclosed vulnerabilities affecting its SMA...

CVE-2024-10442 (CVSS 10): Zero-Click RCE in Synology DiskStation, PoC Publishes Synology vulnerability CVE-2024-10442 PoC

CVE-2024-10442 (CVSS 10): Zero-Click RCE in Synology DiskStation, PoC Publishes

Do Son May 1, 2025

A critical remote code execution (RCE) vulnerability has been disclosed in Synology’s DiskStation DS1823xs+, a popular NAS...

CVE-2025-29906: Finit’s Bundled Getty Flaw Allows Authentication Bypass on Linux Systems Finit vulnerability, authentication bypass

CVE-2025-29906: Finit’s Bundled Getty Flaw Allows Authentication Bypass on Linux Systems

Do Son May 1, 2025

A serious security vulnerability has been discovered in Finit, a lightweight and fast init system for Linux,...

CVE-2025-32444 (CVSS 10): Critical RCE Flaw in vLLM’s Mooncake Integration Exposes AI Infrastructure vLLM Vulnerability CVE-2026-22778 vLLM Memory Corruption, AI Inference RCE CVE-2025-29783 CVE-2025-32444 vLLM vulnerability vLLM, Remote Code Execution

vLLM Vulnerability CVE-2026-22778 vLLM Memory Corruption, AI Inference RCE CVE-2025-29783 CVE-2025-32444 vLLM vulnerability vLLM, Remote Code Execution

CVE-2025-32444 (CVSS 10): Critical RCE Flaw in vLLM’s Mooncake Integration Exposes AI Infrastructure

Do Son May 1, 2025

A critical security vulnerability has been disclosed in vLLM, a popular open-source library used for high-performance inference...

CISA Adds SAP NetWeaver Zero-Day CVE-2025-31324 to KEV Database SAP NetWeaver, CVE-2025-31324

CISA Adds SAP NetWeaver Zero-Day CVE-2025-31324 to KEV Database

Do Son April 30, 2025

A critical security vulnerability in SAP NetWeaver is under active exploitation, posing a significant threat to organizations...

Chrome Update Fixes High-Severity Security Flaw (CVE-2025-4096) Chrome 136, Security Update

Chrome Update Fixes High-Severity Security Flaw (CVE-2025-4096)

Do Son April 30, 2025

The Chrome team has just rolled out its latest stable channel update (version 136) for Windows, Mac,...

Unpatched Windows LNK Vulnerability Allows Attacker to Capture NTLM Hash Windows LNK UNC Path Exploit

Unpatched Windows LNK Vulnerability Allows Attacker to Capture NTLM Hash

Do Son April 30, 2025

Security researcher Nafiez has publicly disclosed an unpatched vulnerability affecting Windows LNK files (shortcuts)—an issue that can...

High-Severity DoS Vulnerability Found in PowerDNS DNSdist (CVE-2025-30194) DNSdist vulnerability, CVE-2025-30194

High-Severity DoS Vulnerability Found in PowerDNS DNSdist (CVE-2025-30194)

Do Son April 30, 2025

The PowerDNS team has issued a high-severity security advisory—CVE-2025-30194—regarding a newly discovered denial-of-service (DoS) vulnerability in DNSdist,...

Rancher Releases Patch for CVE-2024-22031 Privilege Escalation Vulnerability Rancher CVE-2024-22031 Privilege Escalation

Rancher Releases Patch for CVE-2024-22031 Privilege Escalation Vulnerability

Do Son April 30, 2025

The SUSE Rancher Security Team has issued a security advisory regarding a newly disclosed vulnerability affecting multiple...

AirBorne Exploits: Zero-Click Wormable RCE Hits Apple & IoT Devices AirPlay Vulnerability AirBorne Zero-Click RCE

AirBorne Exploits: Zero-Click Wormable RCE Hits Apple & IoT Devices

Do Son April 29, 2025

In a sweeping and deeply technical report, Oligo Security Research has disclosed a dangerous new family of...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Google: Zero-Day Exploits Shift from Browsers to Enterprise Security Tools in 2024

Do Son April 29, 2025

In its latest threat landscape analysis, the Google Threat Intelligence Group (GTIG) reported a continued surge in...

0-Click NTLM Authentication Bypass Hits Microsoft Telnet Server, PoC Releases, No Patch Telnet Bypass Authentication Vulnerability

0-Click NTLM Authentication Bypass Hits Microsoft Telnet Server, PoC Releases, No Patch

Do Son April 29, 2025

A severe vulnerability affecting Microsoft Telnet Server has been uncovered, allowing remote attackers to completely bypass authentication...

Apache Tomcat Security Update Fixes DoS and Rewrite Rule Bypass Flaws Apache Tomcat CVE-2025-31650

Apache Tomcat Security Update Fixes DoS and Rewrite Rule Bypass Flaws

Do Son April 29, 2025

The Apache Software Foundation has released important security updates to address two vulnerabilities affecting multiple versions of...

CVE-2025-21756: How a Tiny Linux Kernel Bug Led to a Full Root Exploit, PoC Releases

Do Son April 29, 2025

In a recently analysis, security researcher Michael Hoefler has exposed the full depth of CVE-2025-21756, a Use-After-Free...

Quantum Issues Critical Patch for StorNext GUI RCE Vulnerabilities (CVE-2025-46616, CVE-2025-46617) StorNext Vulnerabilities, Remote Code Execution

StorNext Vulnerabilities, Remote Code Execution

Quantum Issues Critical Patch for StorNext GUI RCE Vulnerabilities (CVE-2025-46616, CVE-2025-46617)

Do Son April 29, 2025

Quantum has issued a critical security advisory warning users of two high-severity vulnerabilities in the StorNext GUI...

CVE-2025-3200: Wiesemann & Theis Com-Server Devices Exposed by Deprecated TLS Protocols CVE-2025-3200, Wiesemann & Theis Vulnerability

CVE-2025-3200: Wiesemann & Theis Com-Server Devices Exposed by Deprecated TLS Protocols

Do Son April 29, 2025

A coordinated security advisory from CERT@VDE and Wiesemann & Theis GmbH has revealed critical vulnerabilities impacting several...

Critical Vulnerabilities in Quick Agent Software Expose Ricoh MFPs to Remote Attacks Quick Agent Vulnerability, Ricoh MFP Security

Critical Vulnerabilities in Quick Agent Software Expose Ricoh MFPs to Remote Attacks

Do Son April 29, 2025

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has issued an alert regarding multiple critical vulnerabilities...

Craft CMS Zero-Day CVE-2025-32432 Exploited with Metasploit Module Now Public Craft CMS zero-day, CVE-2025-32432

Craft CMS Zero-Day CVE-2025-32432 Exploited with Metasploit Module Now Public

Do Son April 28, 2025

Security researcher Chocapikk has published a Metasploit module for a critical zero-day vulnerability impacting Craft CMS, tracked...

CISA Warns of Critical Vulnerabilities in Planet Technology Products Planet Technology vulnerabilities, CISA advisory

CISA Warns of Critical Vulnerabilities in Planet Technology Products

Do Son April 28, 2025

CISA has issued a new security advisory highlighting critical vulnerabilities impacting several Planet Technology products, including UNI-NMS-Lite,...

Critical Flaw Exposes Linux Security Blind Spot: io_uring Bypasses Detection io_uring vulnerability, Linux runtime security

Critical Flaw Exposes Linux Security Blind Spot: io_uring Bypasses Detection

Do Son April 28, 2025

ARMO researchers have uncovered a critical weakness in Linux runtime security tools, revealing how the io_uring interface...

Critical Alert 4 Active Exploits Detected Today