Vulnerability Archives • Page 21 of 190 • Daily CyberSecurity

NVIDIA NeMo Framework: High-Risk Vulnerabilities Allow Remote Code Execution NVIDIA NeMo Remote Code Execution

NVIDIA NeMo Framework: High-Risk Vulnerabilities Allow Remote Code Execution

Do Son April 24, 2025

NVIDIA has issued a security bulletin disclosing three high-severity vulnerabilities in its NeMo Framework, a scalable, cloud-native...

Verizon DBIR 2025: Vulnerability Exploitation Surges, Third-Party Breaches Double Data breach report Vulnerability exploitation

Verizon DBIR 2025: Vulnerability Exploitation Surges, Third-Party Breaches Double

Do Son April 24, 2025

The 2025 Verizon Data Breach Investigations Report (DBIR) has brought to light some important shifts in the...

Grafana Patches CVE-2025-3260 and More in Critical Security Update Grafana Vulnerability Dashboard Permission Bypass

Grafana Patches CVE-2025-3260 and More in Critical Security Update

Do Son April 24, 2025

Grafana Labs has issued security updates for multiple product versions, addressing one high and two medium-severity vulnerabilities...

SSL.com Discloses Mis-issuance of Digital Certificates Due to DCV Flaw SSL.com Certificate Mis-issuance

SSL.com Discloses Mis-issuance of Digital Certificates Due to DCV Flaw

Do Son April 23, 2025

SSL.com has disclosed an incident involving the mis-issuance of digital certificates due to an error in its...

Critical RCE Vulnerability in Erlang/OTP SSH Server Impacts Multiple Cisco Products Cisco vulnerability Remote Code Execution

Critical RCE Vulnerability in Erlang/OTP SSH Server Impacts Multiple Cisco Products

Do Son April 23, 2025

A critical remote code execution (RCE) vulnerability tracked as CVE-2025-32433 has disclosed. This flaw resides in the...

IBM HMC Vulnerable to Privilege Escalation Attacks IBM HMC Privilege Escalation

IBM HMC Vulnerable to Privilege Escalation Attacks

Do Son April 23, 2025

Two security vulnerabilities have been disclosed in the IBM Hardware Management Console (HMC) for Power Systems, both...

Stored XSS Flaw in TP-Link WR841N Routers Could Expose Admin Credentials (CVE-2025-25427) TP-Link XSS WR841N vulnerability

Stored XSS Flaw in TP-Link WR841N Routers Could Expose Admin Credentials (CVE-2025-25427)

Do Son April 23, 2025

A security vulnerability has been identified in TP-Link WR841N routers, posing a risk to users. The vulnerability...

Two Critical RCE Flaws Expose Yi IOT Smart Cameras to Full Device Takeover Yi IOT vulnerabilities, remote command execution

Two Critical RCE Flaws Expose Yi IOT Smart Cameras to Full Device Takeover

Do Son April 23, 2025

Security researcher Yassine Damiri has uncovered two critical vulnerabilities in the Yi IOT XY-3820 smart camera, posing...

Zyxel Patches High-Severity Security Flaws in USG FLEX H Firewalls Zyxel Vulnerability Firewall Security

Zyxel Patches High-Severity Security Flaws in USG FLEX H Firewalls

Do Son April 23, 2025

Zyxel has released patches to address security vulnerabilities in its USG FLEX H series firewalls, urging users...

“ConfusedComposer”: GCP Composer Vulnerability Allows Privilege Escalation GCP Composer Privilege Escalation

“ConfusedComposer”: GCP Composer Vulnerability Allows Privilege Escalation

Do Son April 23, 2025

Tenable Research has identified a now-patched privilege-escalation vulnerability in Google Cloud Platform (GCP) dubbed “Confused Composer”. The...

CVE-2025-21204: SYSTEM-Level Privilege Escalation in Windows Update Stack Exposed, PoC Released CVE-2025-21204, Windows Update Stack

CVE-2025-21204: SYSTEM-Level Privilege Escalation in Windows Update Stack Exposed, PoC Released

Do Son April 22, 2025

Security researcher Elli Shlomo published the technical details and a proof-of-concept exploit code for CVE-2025-21204, a severe...

CVE-2025-33028: WinZip Flaw Exposes Users to Silent Code Execution via MotW Bypass, No Patch WinZip vulnerability MotW bypass CVE-2025-33028

CVE-2025-33028: WinZip Flaw Exposes Users to Silent Code Execution via MotW Bypass, No Patch

Do Son April 22, 2025

A security flaw has been unearthed in WinZip, the popular file compression utility, placing millions of users...

Critical CVE-2025-1976 Vulnerability in Brocade Fabric OS Actively Exploited Brocade Fabric OS, CVE-2025-1976

Critical CVE-2025-1976 Vulnerability in Brocade Fabric OS Actively Exploited

Do Son April 22, 2025

A critical security vulnerability has been identified in Brocade Fabric OS, posing a significant risk to affected...

RustoBot Botnet Exploits Router Flaws in Sophisticated Attacks RustoBot, Router Vulnerability

RustoBot Botnet Exploits Router Flaws in Sophisticated Attacks

Do Son April 22, 2025

FortiGuard Labs recently discovered RustoBot, written in Rust, a memory-safe language known for its performance and security,...

Over 50k WordPress Sites at Takeover Risk Via Vulnerable Plugin Greenshift plugin WordPress vulnerability

Over 50k WordPress Sites at Takeover Risk Via Vulnerable Plugin

Do Son April 21, 2025

A critical vulnerability affecting the popular WordPress plugin Greenshift – animation and page builder blocks has come...

Cellebrite Android Zero-Day Exploit PoC Released: CVE-2024-53104 Cellebrite exploit, Android zero-day

Cellebrite Android Zero-Day Exploit PoC Released: CVE-2024-53104

Do Son April 21, 2025

A security researcher published a proof-of-concept exploit code for an Android zero-day exploit chain developed by Cellebrite...

Critical PyTorch Vulnerability CVE-2025-32434 Allows Remote Code Execution PyTorch vulnerability, CVE-2025-32434 CVE-2026-24747

Critical PyTorch Vulnerability CVE-2025-32434 Allows Remote Code Execution

Do Son April 21, 2025

A critical vulnerability has been unearthed in PyTorch, one of the most beloved deep learning frameworks out...

Yokogawa Recorders Vulnerable to Attack Due to Insecure Default Settings Yokogawa vulnerability Insecure default settings

Yokogawa Recorders Vulnerable to Attack Due to Insecure Default Settings

Do Son April 21, 2025

Yokogawa Electric Corporation has issued a security advisory warning of a critical vulnerability affecting several of its...

CVE-2025-2492: Critical ASUS Router Vulnerability Requires Immediate Firmware Update ASUS router vulnerability CVE-2025-2492

CVE-2025-2492: Critical ASUS Router Vulnerability Requires Immediate Firmware Update

Do Son April 21, 2025

ASUS has released a firmware update addressing a critical-severity vulnerability—CVE-2025-2492—with a CVSSv4 score of 9.2. The flaw...

CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild Active! mail vulnerability, CVE-2025-42599

CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild

Do Son April 21, 2025

A severe security vulnerability has been identified in Active! mail, a product of QUALITIA CO., LTD., posing...

Critical Alert 4 Active Exploits Detected Today