Vulnerability Archives • Page 33 of 190 • Daily CyberSecurity

Apache Traffic Server Patches Multiple Security Vulnerabilities Apache Traffic Server Vulnerabilities CVE-2024-56195 and CVE-2024-56196

Apache Traffic Server Patches Multiple Security Vulnerabilities

Ddos March 9, 2025

The Apache Traffic Server project has released updates to address several security vulnerabilities affecting multiple versions of...

Commvault Addresses Critical Webserver Vulnerability Commvault Vulnerability

Commvault Addresses Critical Webserver Vulnerability

Ddos March 9, 2025

Commvault, a leading provider of data protection and management solutions, has recently addressed a critical webserver vulnerability...

Popular Python Logging Library Vulnerable to Remote Code Execution (CVE-2025-27607)

Ddos March 9, 2025

A critical vulnerability has been discovered in ‘python-json-logger’, a popular Python library used for generating JSON logs....

CVE-2024-50394: QNAP Helpdesk Vulnerability Could Allow Remote System Compromise QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394

QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394

CVE-2024-50394: QNAP Helpdesk Vulnerability Could Allow Remote System Compromise

Ddos March 8, 2025

QNAP has issued a security advisory regarding an improper certificate validation vulnerability in its Helpdesk app. The...

Smartwares Security Breach: Vulnerabilities Expose Cameras to Remote Takeover GNU libtasn1 Vulnerability CVE-2025-13151 Credit Card Skimmer Malware CVE-2024-13892

GNU libtasn1 Vulnerability CVE-2025-13151 Credit Card Skimmer Malware CVE-2024-13892

Smartwares Security Breach: Vulnerabilities Expose Cameras to Remote Takeover

Ddos March 8, 2025

CERT Polska, operating within the National Research Institute (NASK), has unveiled security vulnerabilities affecting Smartwares CIP-37210AT and...

Google Awards Nearly $12 Million in 2024 to Security Researchers through Its Vulnerability Reward Program

Ddos March 7, 2025

Google’s ongoing commitment to cybersecurity saw a significant boost in 2024, as the tech giant awarded nearly...

ServiceNow Addresses Authorization Bypass Vulnerability in Now Platform (CVE-2025-0337) ServiceNow AI Platform CVE-2026-0542 ServiceNow AI Vulnerability CVE-2025-12420 CVE-2025-0337

ServiceNow AI Platform CVE-2026-0542 ServiceNow AI Vulnerability CVE-2025-12420 CVE-2025-0337

ServiceNow Addresses Authorization Bypass Vulnerability in Now Platform (CVE-2025-0337)

Ddos March 7, 2025

ServiceNow’s Now Platform is a cornerstone for enterprise IT management, automation, and digital workflows. However, a recently...

Telegram’s EvilLoader: Hackers Exploit Video Flaw Again

Ddos March 7, 2025

In June 2024, a vulnerability was discovered in the instant messaging platform Telegram, specifically affecting Telegram for...

Critical Flaws Uncovered in DrayTek Routers: Backdoors, RCE, and Weak Authentication Exposed CVE-2024-41339 & CVE-2024-41334

Critical Flaws Uncovered in DrayTek Routers: Backdoors, RCE, and Weak Authentication Exposed

Ddos March 6, 2025

A comprehensive security audit by the Faraday Team has unveiled a series of critical vulnerabilities in DrayTek...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CISA Warns of Critical Edimax IP Camera Flaw (CVE-2025-1316) with Public Exploits and No Vendor Fix

Ddos March 6, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical vulnerability affecting...

CVE-2025-20206: Cisco Secure Client Flaw Allows Code Execution with SYSTEM Privileges Cisco Phone DoS, CVE-2025-20350 Cisco SNMP Flaw CVE-2025-20352 CVE-2024-20398 & CVE-2024-20381 CVE-2025-20206

Cisco Phone DoS, CVE-2025-20350 Cisco SNMP Flaw CVE-2025-20352 CVE-2024-20398 & CVE-2024-20381 CVE-2025-20206

CVE-2025-20206: Cisco Secure Client Flaw Allows Code Execution with SYSTEM Privileges

Ddos March 6, 2025

Cisco has released a security advisory addressing a vulnerability in the Cisco Secure Client for Windows. The...

CSRF and Open Redirect: Jenkins Patches Major Vulnerabilities Jenkins Plugin RCE CI/CD Security Advisory Jenkins Vulnerability CVE-2026-33001 Jenkins CLI DoS, Coverage Plugin XSS Jenkins SAML Hijacking, Plaintext Secrets CVE-2023-43495 - Jenkins Vulnerability

Jenkins Plugin RCE CI/CD Security Advisory Jenkins Vulnerability CVE-2026-33001 Jenkins CLI DoS, Coverage Plugin XSS Jenkins SAML Hijacking, Plaintext Secrets CVE-2023-43495 - Jenkins Vulnerability

CSRF and Open Redirect: Jenkins Patches Major Vulnerabilities

Ddos March 6, 2025

Jenkins, the popular open-source automation server, has issued a security advisory addressing multiple vulnerabilities, including the exposure...

CVE-2025-25015 (CVSS 9.9): Critical Code Execution Vulnerability Patched in Elastic Kibana

Ddos March 5, 2025

Elastic has released a security update to address a critical vulnerability in Kibana, its popular data visualization...

CVE-2025-26776 (CVSS 10) in Chaty Pro Plugin Exposes Thousands of WordPress Sites to Takeover

Ddos March 5, 2025

A critical vulnerability has been discovered in the Chaty Pro plugin for WordPress, potentially allowing attackers to...

Cisco Webex for BroadWorks Vulnerability Exposes User Credentials CVE-2024-20419 - Cisco Webex Vulnerability Cisco ISE DoS, CVE-2025-20152

Cisco Webex for BroadWorks Vulnerability Exposes User Credentials

Ddos March 5, 2025

Cisco has addressed a vulnerability in its Webex for BroadWorks platform that could potentially expose user credentials....

CVE-2025-27507 (CVSS 9.0): ZITADEL Users at Risk of Account Takeover ZITADEL Vulnerability CVE-2026-29191 CVE-2025-27507 ZITADEL SSRF, Login UI Hijack

ZITADEL Vulnerability CVE-2026-29191 CVE-2025-27507 ZITADEL SSRF, Login UI Hijack

CVE-2025-27507 (CVSS 9.0): ZITADEL Users at Risk of Account Takeover

Ddos March 5, 2025

The ZITADEL project, an open-source identity and access management solution, has issued a critical security advisory regarding...

CVE-2025-1080: LibreOffice Patches Security Flaw Allowing Arbitrary Script Execution CVE-2024-7788 LibreOffice CVE-2025-1080

CVE-2025-1080: LibreOffice Patches Security Flaw Allowing Arbitrary Script Execution

Ddos March 5, 2025

The Document Foundation has released security updates for LibreOffice to address a vulnerability that could allow attackers...

CVE-2025-1393 (CVSS 9.8): Hard-Coded Credentials in Weidmüller PROCON-WIN Expose Industrial Systems to Attack Energy Meter RCE CVE-2025-41709 ICS Exposure, Power Grid Security CVE-2025-1393 & CVE-2024-23943

Energy Meter RCE CVE-2025-41709 ICS Exposure, Power Grid Security CVE-2025-1393 & CVE-2024-23943

CVE-2025-1393 (CVSS 9.8): Hard-Coded Credentials in Weidmüller PROCON-WIN Expose Industrial Systems to Attack

Ddos March 5, 2025

CERT@VDE, in coordination with Weidmüller, has issued a critical security advisory regarding a vulnerability in the PROCON-WIN...

HPE Insight RS Flaw: CVE-2024-53676 PoC Exploit Published, RCE Risk Looms

Ddos March 4, 2025

Security researcher Robin has published technical details and a proof-of-concept (PoC) exploit for CVE-2024-53676, a critical vulnerability...

CVE-2025-1723: Zoho Patches Account Takeover Vulnerability in ADSelfService Plus CVE-2025-1723 ManageEngine Vulnerability CVE-2025-11250

CVE-2025-1723: Zoho Patches Account Takeover Vulnerability in ADSelfService Plus

Ddos March 4, 2025

Zoho Corporation has released a security advisory addressing a critical account takeover vulnerability in its ADSelfService Plus...

Critical Alert 1 Active Exploit Detected Today