Vulnerability Archives • Page 19 of 190 • Daily CyberSecurity

Unpatched Windows LNK Vulnerability Allows Attacker to Capture NTLM Hash Windows LNK UNC Path Exploit

Unpatched Windows LNK Vulnerability Allows Attacker to Capture NTLM Hash

Ddos April 30, 2025

Security researcher Nafiez has publicly disclosed an unpatched vulnerability affecting Windows LNK files (shortcuts)—an issue that can...

High-Severity DoS Vulnerability Found in PowerDNS DNSdist (CVE-2025-30194) DNSdist vulnerability, CVE-2025-30194

High-Severity DoS Vulnerability Found in PowerDNS DNSdist (CVE-2025-30194)

Ddos April 30, 2025

The PowerDNS team has issued a high-severity security advisory—CVE-2025-30194—regarding a newly discovered denial-of-service (DoS) vulnerability in DNSdist,...

Rancher Releases Patch for CVE-2024-22031 Privilege Escalation Vulnerability Rancher CVE-2024-22031 Privilege Escalation

Rancher Releases Patch for CVE-2024-22031 Privilege Escalation Vulnerability

Ddos April 30, 2025

The SUSE Rancher Security Team has issued a security advisory regarding a newly disclosed vulnerability affecting multiple...

AirBorne Exploits: Zero-Click Wormable RCE Hits Apple & IoT Devices AirPlay Vulnerability AirBorne Zero-Click RCE

AirBorne Exploits: Zero-Click Wormable RCE Hits Apple & IoT Devices

Ddos April 29, 2025

In a sweeping and deeply technical report, Oligo Security Research has disclosed a dangerous new family of...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Google: Zero-Day Exploits Shift from Browsers to Enterprise Security Tools in 2024

Ddos April 29, 2025

In its latest threat landscape analysis, the Google Threat Intelligence Group (GTIG) reported a continued surge in...

0-Click NTLM Authentication Bypass Hits Microsoft Telnet Server, PoC Releases, No Patch Telnet Bypass Authentication Vulnerability

0-Click NTLM Authentication Bypass Hits Microsoft Telnet Server, PoC Releases, No Patch

Ddos April 29, 2025

A severe vulnerability affecting Microsoft Telnet Server has been uncovered, allowing remote attackers to completely bypass authentication...

Apache Tomcat Security Update Fixes DoS and Rewrite Rule Bypass Flaws Apache Tomcat CVE-2025-31650

Apache Tomcat Security Update Fixes DoS and Rewrite Rule Bypass Flaws

Ddos April 29, 2025

The Apache Software Foundation has released important security updates to address two vulnerabilities affecting multiple versions of...

CVE-2025-21756: How a Tiny Linux Kernel Bug Led to a Full Root Exploit, PoC Releases

Ddos April 29, 2025

In a recently analysis, security researcher Michael Hoefler has exposed the full depth of CVE-2025-21756, a Use-After-Free...

Quantum Issues Critical Patch for StorNext GUI RCE Vulnerabilities (CVE-2025-46616, CVE-2025-46617) StorNext Vulnerabilities, Remote Code Execution

StorNext Vulnerabilities, Remote Code Execution

Quantum Issues Critical Patch for StorNext GUI RCE Vulnerabilities (CVE-2025-46616, CVE-2025-46617)

Ddos April 29, 2025

Quantum has issued a critical security advisory warning users of two high-severity vulnerabilities in the StorNext GUI...

CVE-2025-3200: Wiesemann & Theis Com-Server Devices Exposed by Deprecated TLS Protocols CVE-2025-3200, Wiesemann & Theis Vulnerability

CVE-2025-3200: Wiesemann & Theis Com-Server Devices Exposed by Deprecated TLS Protocols

Ddos April 29, 2025

A coordinated security advisory from CERT@VDE and Wiesemann & Theis GmbH has revealed critical vulnerabilities impacting several...

Critical Vulnerabilities in Quick Agent Software Expose Ricoh MFPs to Remote Attacks Quick Agent Vulnerability, Ricoh MFP Security

Critical Vulnerabilities in Quick Agent Software Expose Ricoh MFPs to Remote Attacks

Ddos April 29, 2025

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has issued an alert regarding multiple critical vulnerabilities...

Craft CMS Zero-Day CVE-2025-32432 Exploited with Metasploit Module Now Public Craft CMS zero-day, CVE-2025-32432

Craft CMS Zero-Day CVE-2025-32432 Exploited with Metasploit Module Now Public

Ddos April 28, 2025

Security researcher Chocapikk has published a Metasploit module for a critical zero-day vulnerability impacting Craft CMS, tracked...

CISA Warns of Critical Vulnerabilities in Planet Technology Products Planet Technology vulnerabilities, CISA advisory

CISA Warns of Critical Vulnerabilities in Planet Technology Products

Ddos April 28, 2025

CISA has issued a new security advisory highlighting critical vulnerabilities impacting several Planet Technology products, including UNI-NMS-Lite,...

Critical Flaw Exposes Linux Security Blind Spot: io_uring Bypasses Detection io_uring vulnerability, Linux runtime security

Critical Flaw Exposes Linux Security Blind Spot: io_uring Bypasses Detection

Ddos April 28, 2025

ARMO researchers have uncovered a critical weakness in Linux runtime security tools, revealing how the io_uring interface...

React Router Vulnerabilities CVE-2025-61686

React Router Vulnerabilities CVE-2025-43864 and CVE-2025-43865 Expose Web Applications to Attack

Ddos April 28, 2025

The React Router team has issued the advisory addressing two vulnerabilities affecting applications running in Framework mode:...

CVE-2025-23016: Critical FastCGI Heap Overflow Threatens Embedded Devices, PoC Releases FastCGI vulnerability, CVE-2025-23016

CVE-2025-23016: Critical FastCGI Heap Overflow Threatens Embedded Devices, PoC Releases

Ddos April 28, 2025

Security researcher Baptiste Mayaud from Synacktiv has detailed a critical vulnerability in the FastCGI library, tracked as...

Multiple Vulnerabilities in NETSCOUT nGeniusONE Threaten Infrastructure Visibility Platforms nGeniusONE, Vulnerability

Multiple Vulnerabilities in NETSCOUT nGeniusONE Threaten Infrastructure Visibility Platforms

Ddos April 28, 2025

NETSCOUT has issued a advisory addressing a series of security vulnerabilities in its flagship infrastructure monitoring platform,...

CVE-2025-43859: Request Smuggling Vulnerability in Python’s h11 HTTP Library Request Smuggling h11 vulnerability

CVE-2025-43859: Request Smuggling Vulnerability in Python’s h11 HTTP Library

Ddos April 27, 2025

A critical vulnerability tracked as CVE-2025-43859 has been disclosed in h11, a minimalist, I/O-agnostic HTTP/1.1 protocol library...

ConnectWise Patches Critical ViewState RCE Vulnerability in ScreenConnect ScreenConnect vulnerability ViewState RCE

ConnectWise Patches Critical ViewState RCE Vulnerability in ScreenConnect

Ddos April 26, 2025

ConnectWise has issued an important security bulletin addressing a critical code injection vulnerability in ScreenConnect versions 25.2.3...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

Ddos April 26, 2025

A newly published report by Yuma Masubuchi from the JPCERT Coordination Center (JPCERT/CC) has uncovered the deployment...

Critical Alert 1 Active Exploit Detected Today