Vulnerability Archives • Page 35 of 190 • Daily CyberSecurity

CVE-2025-27554 (CVSS 9.9): Critical Flaw Found in ToDesktop Electron App Bundler

Ddos March 1, 2025

A recently disclosed vulnerability in ToDesktop, an Electron app bundler service, could have allowed attackers to execute...

Cellebrite Spyware Bypasses Android Lock Screens with Zero-Day Flaws Donot APT Group - Android zero-day

Cellebrite Spyware Bypasses Android Lock Screens with Zero-Day Flaws

Ddos March 1, 2025

Israeli digital intelligence company Cellebrite offers intelligence gathering and forensic review services to its clients. Additionally, the...

CVE-2024-53675: PoC Exploit Released for HPE Insight RS XML Injection Flaw CVE-2024-53675 PoC exploit

CVE-2024-53675: PoC Exploit Released for HPE Insight RS XML Injection Flaw

Ddos March 1, 2025

Security researcher Robin recently disclosed details and a PoC exploit code of an XML external entity injection...

CVE-2025-27110: ModSecurity Vulnerability Leaves Web Applications Exposed libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

CVE-2025-27110: ModSecurity Vulnerability Leaves Web Applications Exposed

Ddos February 28, 2025

A newly discovered vulnerability in ModSecurity, a popular open-source web application firewall (WAF), could leave countless web...

BeyondTrust Privilege Management for Windows Vulnerability Allows Local Privilege Escalation BeyondTrust Vulnerability CVE-2026-1731 CVE-2024-12356 - CVE-2025-0889 BeyondTrust Privilege Escalation, Windows Security

BeyondTrust Privilege Management for Windows Vulnerability Allows Local Privilege Escalation

Ddos February 28, 2025

BeyondTrust, a leading provider of privileged access management solutions, has issued a security advisory addressing a critical...

Gradle Build Automation Tool Vulnerable to Privilege Escalation (CVE-2025-27148)

Ddos February 27, 2025

A security vulnerability has been discovered in Gradle, a popular open-source build automation tool used for building,...

CVE-2024-38063 (CVSS 9.8): Windows RCE Vulnerability Found in Pepperl+Fuchs HMI Devices PEPPERL+FUCHS vulnerability

CVE-2024-38063 (CVSS 9.8): Windows RCE Vulnerability Found in Pepperl+Fuchs HMI Devices

Ddos February 27, 2025

CERT@VDE, in coordination with Pepperl+Fuchs, has issued a security advisory regarding a critical vulnerability affecting various Pepperl+Fuchs...

CVE-2025-20059 (CVSS 9.2): Urgent Action Needed to Patch PingAM Java Agent Vulnerability

Ddos February 27, 2025

Ping Identity has disclosed a critical security vulnerability in its PingAM Java Agent, a key component of...

Account Takeover Vulnerability Found in Better Auth Library Better Auth Bypass, rou3 Path Normalization Better Auth Bypass, CVE-2025-61928 Better Auth vulnerability

Better Auth Bypass, rou3 Path Normalization Better Auth Bypass, CVE-2025-61928 Better Auth vulnerability

Account Takeover Vulnerability Found in Better Auth Library

Ddos February 27, 2025

A critical security vulnerability has been discovered in the Better Auth library, a popular TypeScript authentication framework....

nRootTag: 1.5 Billion iPhones Used for Malicious Tracking

Ddos February 27, 2025

Apple’s Find My network leverages a crowdsourced Bluetooth system to enable remote tracking of compatible devices. For...

Cisco Warns of DoS Vulnerability in Nexus 3000 and 9000 Series Switches (CVE-2025-20111) Cisco CCX RCE and Java RMI Flaw CVE-2024-20458 - CVE-2025-20111 Cisco Smart Licensing Utility Flaw

Cisco CCX RCE and Java RMI Flaw CVE-2024-20458 - CVE-2025-20111 Cisco Smart Licensing Utility Flaw

Cisco Warns of DoS Vulnerability in Nexus 3000 and 9000 Series Switches (CVE-2025-20111)

Ddos February 26, 2025

Network administrators, take note! Cisco has issued a security advisory warning of a critical vulnerability affecting several...

CVE-2025-20029: Command Injection Flaw Discovered in F5 BIG-IP System, PoC Releases

Ddos February 26, 2025

A command injection vulnerability has been discovered in the F5 BIG-IP system, a popular network traffic management...

CVE-2025-0514: LibreOffice Flaw Could Allow Unintentional Execution of Malicious Files CVE-2023-0950 & CVE-2025-0514

CVE-2025-0514: LibreOffice Flaw Could Allow Unintentional Execution of Malicious Files

Ddos February 26, 2025

The Document Foundation has issued a security advisory addressing a vulnerability in LibreOffice that could allow attackers...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Issues Security Update for Jetson AGX Orin and IGX Orin to Patch UEFI Vulnerability – CVE-2024-0148

Ddos February 26, 2025

NVIDIA has issued a security update to address a high-severity vulnerability affecting its Jetson AGX Orin Series...

CVE-2025-0475 & CVE-2025-0555: GitLab’s High-Risk Patch Now CVE-2024-4835 CVE-2025-0475 & CVE-2025-0555

CVE-2025-0475 & CVE-2025-0555: GitLab’s High-Risk Patch Now

Ddos February 26, 2025

GitLab has issued a security advisory, urging all self-managed GitLab installations to upgrade immediately to versions 17.9.1,...

Outdated and Unblocked: Legacy Driver Vulnerability Exploited in Widespread Attack

Ddos February 26, 2025

A large-scale cyberattack campaign leveraging legacy drivers to disable endpoint security solutions has been uncovered by Check...

CVE-2024-12084 & CVE-2024-12085: Rsync Flaws Allow Hackers to Take Over Servers, PoC Published Rsync Vulnerability Use-After-Free CVE-2022-29154 & CVE-2024-12084 CVE-2024-120845 PoC

Rsync Vulnerability Use-After-Free CVE-2022-29154 & CVE-2024-12084 CVE-2024-120845 PoC

CVE-2024-12084 & CVE-2024-12085: Rsync Flaws Allow Hackers to Take Over Servers, PoC Published

Ddos February 25, 2025

A set of high-risk vulnerabilities has been disclosed in Rsync, the widely used file synchronization and data...

CISA Flags Actively Exploited Zimbra (CVE-2023-34192) and Microsoft (CVE-2024-49035) Vulnerabilities CISA KEV Catalog Active Exploitation CVE-2023-33063 - CVE-2023-34192 and CVE-2024-49035

CISA KEV Catalog Active Exploitation CVE-2023-33063 - CVE-2023-34192 and CVE-2024-49035

CISA Flags Actively Exploited Zimbra (CVE-2023-34192) and Microsoft (CVE-2024-49035) Vulnerabilities

Ddos February 25, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning, adding two critical vulnerabilities to its...

CVE-2025-24752: Massive WordPress Plugin Vulnerability Exposes Millions to XSS Attacks

Ddos February 25, 2025

A high-severity security flaw has been discovered in the widely used WordPress plugin, Essential Addons for Elementor,...

OpenH264 Codec Vulnerability (CVE-2025-27091): Remote Code Execution Possible

Ddos February 25, 2025

Cisco has released a security advisory concerning a high-severity vulnerability in the OpenH264 codec library. Tracked as...

Critical Alert 1 Active Exploit Detected Today