Vulnerability Archives • Page 26 of 190 • Daily CyberSecurity

CVE-2025-22457: UNC5221 Exploits Ivanti Zero-Day Flaw to Deploy TRAILBLAZE and BRUSHFIRE Malware

Ddos April 3, 2025

Ivanti has recently disclosed a critical security vulnerability, identified as CVE-2025-22457, affecting several of its widely-used products....

CVE-2025-31334: WinRAR Flaw Enables Mark-of-the-Web Bypass and Arbitrary Code Execution

Ddos April 3, 2025

A newly disclosed vulnerability in WinRAR, the world’s most widely used file compression tool with over 500...

Verizon Call Filter App Vulnerability Exposed Call Records of Millions

Ddos April 3, 2025

A security vulnerability in the Verizon Call Filter iOS app allowed attackers to potentially leak the call...

Multiple Jenkins Plugin and Core Vulnerabilities Expose Sensitive Data and Execution Paths

Ddos April 3, 2025

The Jenkins project has released a new security advisory highlighting several medium to high severity vulnerabilities affecting...

CVE-2025-31137: React Router Vulnerability Exposes Web Apps to Cache Poisoning and WAF Bypass Attacks

Ddos April 3, 2025

A newly discovered vulnerability, CVE-2025-31137, has been identified in React Router, a popular library used for managing...

CVE-2025-0415 (CVSSv4 9.2): Critical Vulnerability Discovered in Moxa Network Devices Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

CVE-2025-0415 (CVSSv4 9.2): Critical Vulnerability Discovered in Moxa Network Devices

Ddos April 3, 2025

A critical security vulnerability, identified as CVE-2025-0415 (CVSSv4 9.2), has been found in multiple Moxa secure routers,...

Multiple Vulnerabilities in Zabbix Open the Door to XSS, DoS, and SQL Injection CVE-2024-36465

Multiple Vulnerabilities in Zabbix Open the Door to XSS, DoS, and SQL Injection

Ddos April 3, 2025

Zabbix, a cornerstone in IT infrastructure monitoring fixed five newly disclosed security vulnerabilities ranging from low-severity information...

Rancher Users: Update Now to Fix Admin Takeover Bug (CVE-2025-23391)

Ddos April 3, 2025

A security vulnerability has been identified in Rancher, an open-source container management platform that makes it easy...

High-Severity Vulnerabilities in Bruno API Client Expose Users to Potential RCE CVE-2025-30354 & CVE-2025-30210

High-Severity Vulnerabilities in Bruno API Client Expose Users to Potential RCE

Ddos April 3, 2025

A security advisory from the Bruno project has revealed critical vulnerabilities in the Bruno API client, highlighting...

CVE-2025-0676: High-Severity Vulnerability Threatens Moxa Network Devices

Ddos April 2, 2025

A security vulnerability has been identified in several Moxa secure routers, cellular routers, and network security appliances,...

CISA Flags Apache Tomcat CVE-2025-24813 as Actively Exploited with 9.8 CVSS CVE-2025-24813 exploit

CISA Flags Apache Tomcat CVE-2025-24813 as Actively Exploited with 9.8 CVSS

Ddos April 2, 2025

A critical vulnerability in Apache Tomcat, now actively exploited in the wild, has landed in the CISA...

Chrome 135: 14 Security Fixes, High-Severity CVE-2025-3066 Flaw Patched Chrome 135 CVE-2025-3066

Chrome 135: 14 Security Fixes, High-Severity CVE-2025-3066 Flaw Patched

Ddos April 2, 2025

Google’s Chrome team has officially rolled out Chrome 135 to the Stable Channel for Windows, macOS, and...

VyOS and Debian Systems Vulnerable to Man-in-the-Middle Attacks (CVE-2025-30095)

Ddos April 2, 2025

A critical vulnerability tracked as CVE-2025-30095 has been discovered in VyOS, a popular open-source network operating system....

MongoDB Patches: DoS & Bypass Risks Addressed MongoDB DoS, Pre-Authentication Vulnerability CVE-2024-7553 - MongoDB Server CVE-2025-3083, CVE-2025-3084, and CVE-2025-3085

MongoDB DoS, Pre-Authentication Vulnerability CVE-2024-7553 - MongoDB Server CVE-2025-3083, CVE-2025-3084, and CVE-2025-3085

MongoDB Patches: DoS & Bypass Risks Addressed

Ddos April 2, 2025

MongoDB, the popular open-source NoSQL database, has released patches addressing three newly disclosed vulnerabilities that could expose...

CVE-2025-30223 (CVSS 9.3): Critical XSS Vulnerability Discovered in Beego Framework

Ddos April 2, 2025

A Cross-Site Scripting (XSS) vulnerability has been identified in the Beego framework, a popular Go framework for...

8 Zero-Day Vulnerabilities Uncovered in Netgear WNR854T Router Netgear WNR854T vulnerability Vulnerabilities

8 Zero-Day Vulnerabilities Uncovered in Netgear WNR854T Router

Ddos April 2, 2025

Security researcher Dylan has disclosed a set of eight previously unknown zero-day vulnerabilities affecting the Netgear WNR854T,...

CVE-2025-30065 (CVSS 10): Critical Vulnerability Discovered in Apache Parquet Java CVE-2025-30065 Apache Parquet, CVE-2025-46762

CVE-2025-30065 (CVSS 10): Critical Vulnerability Discovered in Apache Parquet Java

Ddos April 2, 2025

Apache Parquet, a widely used open-source, column-oriented data file format, has been found to contain a critical...

Critical Vulnerabilities Threaten IBM App Connect Enterprise IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

Critical Vulnerabilities Threaten IBM App Connect Enterprise

Ddos April 2, 2025

IBM has issued a critical security bulletin warning that multiple versions of its App Connect Enterprise (ACE)...

Google Patches ImageRunner: Fixing Critical Cloud Run Container Access Flaw Railway app Google Cloud suspension Google Cloud CDN Interconnect pricing 2026, GCP data transfer cost increase Google Cloud Disrupted ImageRunner Alphabet earnings, Google AI