Vulnerability Archives • Page 35 of 190 • Daily CyberSecurity

CVE-2025-27154: Spotipy Vulnerability Exposes Spotify Auth Tokens Spotify data leak, Anna’s Archive CVE-2025-27154

CVE-2025-27154: Spotipy Vulnerability Exposes Spotify Auth Tokens

Do Son March 2, 2025

Spotipy, a popular Python library for interacting with the Spotify Web API, recently addressed a security vulnerability...

Extreme Networks Addresses Critical Security Vulnerabilities in HiveOS CVE-2025-27227

Extreme Networks Addresses Critical Security Vulnerabilities in HiveOS

Do Son March 2, 2025

Extreme Networks has recently released security advisories to address three critical vulnerabilities affecting its IQ Engine (HiveOS)...

Webmin Vulnerability Allows Bypassing of SSL Certificate Authentication webmin authentication vulnerability

Webmin Vulnerability Allows Bypassing of SSL Certificate Authentication

Do Son March 2, 2025

A security vulnerability has been discovered in Webmin, a widely used web-based system administration tool for Unix-like...

Arista EOS Devices Vulnerable to Unauthorized Data Access and Configuration Changes (CVE-2025-1259 & CVE-2025-1260)

Do Son March 2, 2025

Arista Networks, a leading provider of network switching solutions, has issued a security advisory warning of two...

CVE-2024-47051 (CVSS 9.1): Critical RCE and File Deletion Flaws Expose 200,000+ Organizations

Do Son March 2, 2025

The Mautic project has disclosed a severe security vulnerability, CVE-2024-47051, affecting versions before 5.2.3, with a CVSS...

Critical LDAP Injection Flaw in IBM TXSeries for Multiplatforms CVE-2022-46337

Critical LDAP Injection Flaw in IBM TXSeries for Multiplatforms

Do Son March 2, 2025

IBM has released a security bulletin addressing a vulnerability in the Apache Derby package shipped with IBM...

CVE-2025-27554 (CVSS 9.9): Critical Flaw Found in ToDesktop Electron App Bundler

Do Son March 1, 2025

A recently disclosed vulnerability in ToDesktop, an Electron app bundler service, could have allowed attackers to execute...

Cellebrite Spyware Bypasses Android Lock Screens with Zero-Day Flaws Donot APT Group - Android zero-day

Cellebrite Spyware Bypasses Android Lock Screens with Zero-Day Flaws

Do Son March 1, 2025

Israeli digital intelligence company Cellebrite offers intelligence gathering and forensic review services to its clients. Additionally, the...

CVE-2024-53675: PoC Exploit Released for HPE Insight RS XML Injection Flaw CVE-2024-53675 PoC exploit

CVE-2024-53675: PoC Exploit Released for HPE Insight RS XML Injection Flaw

Do Son March 1, 2025

Security researcher Robin recently disclosed details and a PoC exploit code of an XML external entity injection...

CVE-2025-27110: ModSecurity Vulnerability Leaves Web Applications Exposed libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

CVE-2025-27110: ModSecurity Vulnerability Leaves Web Applications Exposed

Do Son February 28, 2025

A newly discovered vulnerability in ModSecurity, a popular open-source web application firewall (WAF), could leave countless web...

BeyondTrust Privilege Management for Windows Vulnerability Allows Local Privilege Escalation BeyondTrust Vulnerability CVE-2026-1731 CVE-2024-12356 - CVE-2025-0889 BeyondTrust Privilege Escalation, Windows Security

BeyondTrust Privilege Management for Windows Vulnerability Allows Local Privilege Escalation

Do Son February 28, 2025

BeyondTrust, a leading provider of privileged access management solutions, has issued a security advisory addressing a critical...

Gradle Build Automation Tool Vulnerable to Privilege Escalation (CVE-2025-27148)

Do Son February 27, 2025

A security vulnerability has been discovered in Gradle, a popular open-source build automation tool used for building,...

CVE-2024-38063 (CVSS 9.8): Windows RCE Vulnerability Found in Pepperl+Fuchs HMI Devices PEPPERL+FUCHS vulnerability

CVE-2024-38063 (CVSS 9.8): Windows RCE Vulnerability Found in Pepperl+Fuchs HMI Devices

Do Son February 27, 2025

CERT@VDE, in coordination with Pepperl+Fuchs, has issued a security advisory regarding a critical vulnerability affecting various Pepperl+Fuchs...

CVE-2025-20059 (CVSS 9.2): Urgent Action Needed to Patch PingAM Java Agent Vulnerability

Do Son February 27, 2025

Ping Identity has disclosed a critical security vulnerability in its PingAM Java Agent, a key component of...

Account Takeover Vulnerability Found in Better Auth Library Better Auth Bypass, rou3 Path Normalization Better Auth Bypass, CVE-2025-61928 Better Auth vulnerability

Better Auth Bypass, rou3 Path Normalization Better Auth Bypass, CVE-2025-61928 Better Auth vulnerability

Account Takeover Vulnerability Found in Better Auth Library

Do Son February 27, 2025

A critical security vulnerability has been discovered in the Better Auth library, a popular TypeScript authentication framework....

nRootTag: 1.5 Billion iPhones Used for Malicious Tracking

Do Son February 27, 2025

Apple’s Find My network leverages a crowdsourced Bluetooth system to enable remote tracking of compatible devices. For...

Cisco Warns of DoS Vulnerability in Nexus 3000 and 9000 Series Switches (CVE-2025-20111) Cisco CCX RCE and Java RMI Flaw CVE-2024-20458 - CVE-2025-20111 Cisco Smart Licensing Utility Flaw

Cisco CCX RCE and Java RMI Flaw CVE-2024-20458 - CVE-2025-20111 Cisco Smart Licensing Utility Flaw

Cisco Warns of DoS Vulnerability in Nexus 3000 and 9000 Series Switches (CVE-2025-20111)

Do Son February 26, 2025

Network administrators, take note! Cisco has issued a security advisory warning of a critical vulnerability affecting several...

CVE-2025-20029: Command Injection Flaw Discovered in F5 BIG-IP System, PoC Releases

Do Son February 26, 2025

A command injection vulnerability has been discovered in the F5 BIG-IP system, a popular network traffic management...

CVE-2025-0514: LibreOffice Flaw Could Allow Unintentional Execution of Malicious Files CVE-2023-0950 & CVE-2025-0514

CVE-2025-0514: LibreOffice Flaw Could Allow Unintentional Execution of Malicious Files

Do Son February 26, 2025

The Document Foundation has issued a security advisory addressing a vulnerability in LibreOffice that could allow attackers...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Issues Security Update for Jetson AGX Orin and IGX Orin to Patch UEFI Vulnerability – CVE-2024-0148

Do Son February 26, 2025

NVIDIA has issued a security update to address a high-severity vulnerability affecting its Jetson AGX Orin Series...