Vulnerability Archives • Page 28 of 190 • Daily CyberSecurity

CVE-2025-30353: Directus Vulnerability Exposes Sensitive Data in Webhook Trigger Flows CVE-2024-27295

CVE-2025-30353: Directus Vulnerability Exposes Sensitive Data in Webhook Trigger Flows

Do Son March 28, 2025

A security vulnerability has been identified in Directus, a real-time API and App dashboard used for managing...

Ghostscript Nightmare: Critical Severity Vulnerabilities Put Users at Risk CVE-2023-36664 CVE-2025-27832, CVE-2025-27831, CVE-2025-27836, and CVE-2025-27837

CVE-2023-36664 CVE-2025-27832, CVE-2025-27831, CVE-2025-27836, and CVE-2025-27837

Ghostscript Nightmare: Critical Severity Vulnerabilities Put Users at Risk

Do Son March 28, 2025

A series of security vulnerabilities has been identified in Artifex Ghostscript, a widely used interpreter for PostScript...

CHOCO TEI WATCHER mini Devices Found Vulnerable to Critical Remote Exploits, CISA Warns CHOCO TEI WATCHER vulnerability

CHOCO TEI WATCHER mini Devices Found Vulnerable to Critical Remote Exploits, CISA Warns

Do Son March 28, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory alerting organizations to multiple...

CVE-2025-2857: New Firefox Sandbox Escape Emerges Following Active Exploitation of CVE-2025-2783 Firefox Klar Adjust

CVE-2025-2857: New Firefox Sandbox Escape Emerges Following Active Exploitation of CVE-2025-2783

Do Son March 27, 2025

Mozilla releases urgent security patch for Windows users as researchers uncover another IPC vulnerability echoing a recently...

CVE-2025-2848: Synology Mail Server Vulnerability Allows Remote Configuration Tampering Synology Chat Server vulnerabilities Synology security update Synology DSM Update NAS Security Vulnerability Synology VPN Update SSL VPN Vulnerability Synology Telnet Flaw DSM Security Update Synology DSM Telnet vulnerability BeeStation Zero-Day, Pwn2Own RCE CVE-2024-11131 & CVE-2024-10442 CVE-2025-2848 Synology, NAS

CVE-2025-2848: Synology Mail Server Vulnerability Allows Remote Configuration Tampering

Do Son March 27, 2025

A recently disclosed vulnerability in Synology Mail Server could allow remote authenticated attackers to tamper with system...

Millions at Risk: PoC Exploit Releases for Vite Arbitrary File Read Flaw (CVE-2025-30208)

Do Son March 27, 2025

Vite, the blazing-fast frontend build tool that powers millions of modern web applications, has been found vulnerable...

CVE-2025-2825: Critical Vulnerability in CrushFTP Exposes Servers to Unauthenticated Access Risk CVE-2024-4040 & CVE-2025-2825

CVE-2025-2825: Critical Vulnerability in CrushFTP Exposes Servers to Unauthenticated Access Risk

Do Son March 27, 2025

Admins urged to patch immediately as CrushFTP discloses high-severity flaw impacting versions 10 and 11. A new...

Splunk Alert: RCE and Data Leak Vulnerabilities Threaten Platforms

Do Son March 27, 2025

Splunk, a widely used platform for searching, monitoring, and analyzing machine-generated data, has released a security advisory...

Synapse Servers at Risk: Zero-Day DoS in the Wild CVE-2025-30355

Synapse Servers at Risk: Zero-Day DoS in the Wild

Do Son March 27, 2025

A critical zero-day vulnerability has been discovered in Synapse, an open-source Matrix homeserver implementation. This flaw is...

CVE-2025-30232: Use-After-Free Vulnerability in Exim Exposes Systems to Privilege Escalation CVE-2023-42115 CVE 2025-30232

CVE-2025-30232: Use-After-Free Vulnerability in Exim Exposes Systems to Privilege Escalation

Do Son March 27, 2025

Exim, a widely used message transfer agent (MTA) for Unix systems, is facing a critical security vulnerability....

CISA Flags Active Exploits in Sitecore CMS: CVE-2019-9874 and CVE-2019-9875, PoC Publishes CVE-2019-9874 & CVE-2019-9875

CISA Flags Active Exploits in Sitecore CMS: CVE-2019-9874 and CVE-2019-9875, PoC Publishes

Do Son March 27, 2025

Two critical vulnerabilities in Sitecore’s anti-CSRF module have re-emerged as active threats, with proof-of-concept exploits in circulation...

Researcher Drops PoC for 9.8 CVSS Ingress-NGINX CVE-2025-1974 Flaw in Kubernetes CVE-2025-1974 PoC

Researcher Drops PoC for 9.8 CVSS Ingress-NGINX CVE-2025-1974 Flaw in Kubernetes

Do Son March 27, 2025

A series of critical security vulnerabilities has been discovered in the Ingress-NGINX Controller for Kubernetes, posing a...

Triple Threat in Frappe Framework: SQL Injection, RCE, and Info Disclosure Fixed in Recent Patches Frappe Framework vulnerability

Triple Threat in Frappe Framework: SQL Injection, RCE, and Info Disclosure Fixed in Recent Patches

Do Son March 27, 2025

Multiple critical security vulnerabilities have been identified in the Frappe Framework, a full-stack web framework powering ERPNext...

WordPress Plugin CVE-2025-2563 Scores 9.8, Threatens Thousands of Membership Sites

Do Son March 27, 2025

A critical security vulnerability has been discovered in the “User Registration & Membership” WordPress plugin, a popular...

CryptoLib Vulnerability: Heap Overflow Threatens Space Communications CVE-2025-30216

CryptoLib Vulnerability: Heap Overflow Threatens Space Communications

Do Son March 27, 2025

A critical security vulnerability has been identified in CryptoLib, a C-based software implementation of the CCSDS Space...

Mass Reboots and Exploit Attempts Plague DrayTek Routers Across the Globe CVE-2021-20123 & CVE-2021-20124 CVE-2020-8515

Mass Reboots and Exploit Attempts Plague DrayTek Routers Across the Globe

Do Son March 27, 2025

Recent reports have highlighted widespread issues with DrayTek routers, including numerous reboots in the UK and Australia,...

CVE-2024-55963: Appsmith’s Default PostgreSQL Misconfiguration Leads to RCE, PoC Releases CVE-2024-55963 PoC

CVE-2024-55963: Appsmith’s Default PostgreSQL Misconfiguration Leads to RCE, PoC Releases

Do Son March 27, 2025

Rhino Security Labs recently detailed a series of critical vulnerabilities affecting default installations of the Appsmith product....

GitLab Alert: Patch Now! XSS & Privilege Escalation Risks CVE-2024-3092 CVE-2025-2255 & CVE-2025-0811

GitLab Alert: Patch Now! XSS & Privilege Escalation Risks

Do Son March 26, 2025

GitLab has issued a security advisory, urging all users of self-managed GitLab Community Edition (CE) and Enterprise...

CVE-2025-30091: Critical RCE Flaw Found in MoxieManager

Do Son March 26, 2025

Tiny Technologies has recently issued a security advisory regarding a critical vulnerability discovered in MoxieManager, a file...

VMware Tools for Windows Hit by CVE-2025-22230 Auth Bypass Flaw VMware SD-WAN Vulnerabilities CVE-2025-22230

VMware Tools for Windows Hit by CVE-2025-22230 Auth Bypass Flaw

Do Son March 26, 2025

A recent security advisory from Broadcom highlights a significant security update for VMware Tools for Windows. The...