Vulnerability Archives • Page 36 of 190 • Daily CyberSecurity

GRUB2 Bootloader Vulnerabilities Expose Millions of Systems to Attacks GRUB 2.14 release Y2038 fix, Linux bootloader Argon2 TPM2 GRUB2 Bootloader Vulnerabilities - CVE-2025-0624

GRUB 2.14 release Y2038 fix, Linux bootloader Argon2 TPM2 GRUB2 Bootloader Vulnerabilities - CVE-2025-0624

GRUB2 Bootloader Vulnerabilities Expose Millions of Systems to Attacks

Ddos February 25, 2025

A series of critical vulnerabilities have been discovered in GRUB2, the popular boot loader used by many...

PolarEdge Botnet: 2,000+ IoT Devices Infected PolarEdge IoT botnet

PolarEdge Botnet: 2,000+ IoT Devices Infected

Ddos February 25, 2025

The PolarEdge botnet, a sophisticated IoT-based malware campaign, has been discovered by Sekoia’s Threat Detection & Research...

CVE-2025-27364 (CVSS 10): Remote Code Execution Flaw Found in MITRE Caldera, PoC Releases

Ddos February 24, 2025

A newly discovered vulnerability in MITRE Caldera, tracked as CVE-2025-27364, has been assigned a critical CVSS score...

PoC Released: CVE-2024-13159 (CVSS 9.8) in Ivanti EPM Poses Severe Security Threat CVE-2024-13159 PoC exploit

PoC Released: CVE-2024-13159 (CVSS 9.8) in Ivanti EPM Poses Severe Security Threat

Ddos February 24, 2025

Security researcher Zach Hanley (@hacks_zach) of Horizon3.ai published the technical details and a proof-of-concept (PoC) exploit code...

CVE-2025-1128: Everest Forms Plugin Exposes 100,000+ WordPress Sites to Complete Takeover

Ddos February 24, 2025

A severe security vulnerability, tracked as CVE-2025-1128, has been uncovered in the popular WordPress plugin, Everest Forms,...

Critical Mattermost Flaws (CVE-2025-20051, CVE-2025-24490, CVE-2025-25279) Expose Systems to File Read and SQL Injection Attacks Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Critical Mattermost Flaws (CVE-2025-20051, CVE-2025-24490, CVE-2025-25279) Expose Systems to File Read and SQL Injection Attacks

Ddos February 24, 2025

Mattermost, an open-source platform for team communication and collaboration, has addressed three critical security vulnerabilities affecting its...

CISA Flags Actively Exploited Security Vulnerabilities in Adobe ColdFusion and Oracle Agile PLM ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA Flags Actively Exploited Security Vulnerabilities in Adobe ColdFusion and Oracle Agile PLM

Ddos February 24, 2025

Cybersecurity and Infrastructure Security Agency (CISA) has added two critical security vulnerabilities to its Known Exploited Vulnerabilities...

From Confluence Vulnerability (CVE-2023-22527) to LockBit Encryption: A Rapid Attack Chain

Ddos February 24, 2025

Security researchers at The DFIR Report have uncovered a highly coordinated attack that leveraged a critical remote...

0-Day in Parallels Desktop Allows Root Privilege Escalation, PoC Released Parallels Desktop 0-Day

0-Day in Parallels Desktop Allows Root Privilege Escalation, PoC Released

Ddos February 23, 2025

A newly disclosed 0-day vulnerability in Parallels Desktop has exposed a root privilege escalation flaw, bypassing the...

CVE-2024-56171 & CVE-2025-24928: Libxml2 Flaws Could Lead to Code Execution CVE-2024-56171, CVE-2025-24928, and CVE-2025-27113

CVE-2024-56171 & CVE-2025-24928: Libxml2 Flaws Could Lead to Code Execution

Ddos February 23, 2025

Libxml2,a widely used XML parsing library developed for the GNOME project but also utilized across various platforms,...

Moxa PT Switches Vulnerable to CVE-2024-9404 Denial-of-Service Attack Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

Moxa PT Switches Vulnerable to CVE-2024-9404 Denial-of-Service Attack

Ddos February 23, 2025

Moxa, a leading provider of industrial networking solutions, has issued a security advisory regarding a critical denial-of-service...

Exim Mail Transfer Agent Vulnerable to Remote SQL Injection (CVE-2025-26794), PoC Published CVE-2025-26794 Exim SQL Injection, Heap Buffer Overflow

CVE-2025-26794 Exim SQL Injection, Heap Buffer Overflow

Exim Mail Transfer Agent Vulnerable to Remote SQL Injection (CVE-2025-26794), PoC Published

Ddos February 23, 2025

A new vulnerability has been discovered in Exim, a widely used mail transfer agent (MTA) for Unix-like...

CVE-2024-37361 (CVSS 9.9): Critical Vulnerability in Pentaho Business Analytics Server NTLM Vulnerabilities, CVE-2024-43451 CVE-2024-37361 - RESURGE Malware

NTLM Vulnerabilities, CVE-2024-43451 CVE-2024-37361 - RESURGE Malware

CVE-2024-37361 (CVSS 9.9): Critical Vulnerability in Pentaho Business Analytics Server

Ddos February 22, 2025

Hitachi Vantara has issued a security advisory addressing a vulnerability, designated as CVE-2024-37361, in its Pentaho Business...

CVE-2024-56000 (CVSS 9.8): Account Takeover Flaw in KLEO WordPress Theme

Ddos February 21, 2025

A critical vulnerability has been discovered in the KLEO WordPress theme, potentially allowing attackers to take over...

Publicly Disclosed Exploits Put D-Link DIR-823 Users in Danger – No Security Fixes D-Link DIR-823 vulnerabiity

Publicly Disclosed Exploits Put D-Link DIR-823 Users in Danger – No Security Fixes

Ddos February 21, 2025

D-Link has issued a security advisory concerning multiple vulnerabilities affecting the DIR-823 wireless router, revision A1, running...

Google Releases PoC for CVE-2025-0110 Command Injection in PAN-OS Firewalls CVE-2024-5921 - CVE-2025-0103 CVE-2025-0110 PoC

Google Releases PoC for CVE-2025-0110 Command Injection in PAN-OS Firewalls

Ddos February 20, 2025

A Google researcher has disclosed details and a proof-of-concept (PoC) exploit for a vulnerability (CVE-2025-0110) in Palo...

CVE-2025-23115 & CVE-2025-23116: Hackers Can Hijack Ubiquiti UniFi Protect Cameras

Ddos February 20, 2025

Ubiquiti, a leading provider of networking equipment, has issued a critical security advisory concerning multiple vulnerabilities discovered...

CVE-2025-0111 & CVE-2025-23209: Palo Alto Firewalls and Craft CMS Under Active Attack Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

CVE-2025-0111 & CVE-2025-23209: Palo Alto Firewalls and Craft CMS Under Active Attack

Ddos February 20, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical security vulnerabilities to its Known...

CVE-2024-39327 (CVSS 9.9): Critical IDPKI Flaw Could Allow Illegitimate Certificate Issuance Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538