Vulnerability Archives • Page 39 of 190 • Daily CyberSecurity

CVE-2025-1240: WinZip Vulnerability Opens Door to Remote Code Execution CVE-2024-8811 - CVE-2025-1240

CVE-2025-1240: WinZip Vulnerability Opens Door to Remote Code Execution

Do Son February 13, 2025

A concerning vulnerability has been discovered in WinZip, potentially allowing remote attackers to execute arbitrary code on...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Palo Alto Firewall Flaw (CVE-2025-0108): Active Exploits in the Wild, PoC Released

Do Son February 13, 2025

Palo Alto Networks has addressed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of...

CVE-2025-1126: Critical Lexmark Print Management Client Bug Puts Systems at Risk

Do Son February 13, 2025

Lexmark has issued a security advisory addressing a critical vulnerability in its Lexmark Print Management Client (LPMC)....

CVE-2024-32838 (CVSS 9.4): Critical SQL Injection Flaw Threatens Apache Fineract Users CVE-2024-32838 Apache Fineract IDOR, Core Banking Bypass

CVE-2024-32838 (CVSS 9.4): Critical SQL Injection Flaw Threatens Apache Fineract Users

Do Son February 13, 2025

A significant security vulnerability has been discovered in Apache Fineract, the popular open-source platform used to build...

AMD Ryzen Master Utility Vulnerable to DLL Hijacking (CVE-2024-21966)

Do Son February 13, 2025

A newly discovered vulnerability in the AMD Ryzen Master Utility could allow attackers to escalate privileges and...

Hackers Can Take Over 30,000 WordPress Sites Due to Critical CleanTalk Security Flaw (CVE-2024-13365)

Do Son February 13, 2025

A critical arbitrary file upload vulnerability has been discovered in the Security & Malware scan by CleanTalk...

CVE-2025-23359: NVIDIA Container Toolkit Flaw Could Lead to Code Execution and Denial of Service

Do Son February 13, 2025

NVIDIA has released a security update to address a high-severity vulnerability in its Container Toolkit for Linux...

XSS Flaw in Apache Atlas (CVE-2024-46910) Puts Data Governance at Risk CVE-2024-46910 Apache Atlas Vulnerability Gremlin Code Injection

XSS Flaw in Apache Atlas (CVE-2024-46910) Puts Data Governance at Risk

Do Son February 13, 2025

A serious security vulnerability has been uncovered in Apache Atlas, the open-source governance and metadata management tool...

macOS Security Breach: CVE-2024-54531 PoC Published, Attackers Can Bypass KASLR

Do Son February 12, 2025

Security researchers from Korea University have unveiled an attack that successfully bypasses Kernel Address Space Layout Randomization...

CVE-2025-0108 & CVE-2025-0110: Palo Alto Networks Fixes High-Severity PAN-OS Vulnerabilities PAN-OS IKEv2 Buffer Overflow CVE-2026-0263 Palo Alto Cortex XDR Privilege Escalation Palo Alto Networks Vulnerability CVE-2026-0229 PAN-OS Vulnerability CVE-2026-0227 CVE-2024-5914 - Palo Alto Networks - CVE-2025-0108 & CVE-2025-0110

CVE-2025-0108 & CVE-2025-0110: Palo Alto Networks Fixes High-Severity PAN-OS Vulnerabilities

Do Son February 12, 2025

Palo Alto Networks has released security advisories addressing two high-severity vulnerabilities in its PAN-OS network security operating...

CrowdStrike Addresses High-Severity TLS Vulnerability in Falcon Sensor for Linux (CVE-2025-1146) LogScale Vulnerability Path Traversal Falcon Sensor File Deletion, CVE-2025-42701 CrowdStrike update crashes - CVE 2025-1146

CrowdStrike Addresses High-Severity TLS Vulnerability in Falcon Sensor for Linux (CVE-2025-1146)

Do Son February 12, 2025

CrowdStrike has issued a security advisory regarding a high-severity Transport Layer Security (TLS) vulnerability in its Falcon...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Attackers Ramp Up Exploitation of CVE-2022-47945 and CVE-2023-49103 Vulnerabilities

Do Son February 12, 2025

A new report from GreyNoise reveals a significant spike in exploitation activity targeting two vulnerabilities: one in...

CVE-2024-0112: NVIDIA Patches High-Severity Vulnerability in Jetson and IGX Orin Platforms NemoClaw Prompt Injection AI Sandbox Security NVIDIA Physical AI CES 2026, Jetson T4000 robotics hardware NVIDIA AI Security, Isaac Lab RCE NVIDIA Driver RCE, CVE-2025-23309 NVIDIA Triton, AI Server Vulnerabilities CVE-2023-31029 & CVE-2023-31024 - CVE‑2024-0112

NemoClaw Prompt Injection AI Sandbox Security NVIDIA Physical AI CES 2026, Jetson T4000 robotics hardware NVIDIA AI Security, Isaac Lab RCE NVIDIA Driver RCE, CVE-2025-23309 NVIDIA Triton, AI Server Vulnerabilities CVE-2023-31029 & CVE-2023-31024 - CVE‑2024-0112

CVE-2024-0112: NVIDIA Patches High-Severity Vulnerability in Jetson and IGX Orin Platforms

Do Son February 12, 2025

NVIDIA has issued a security bulletin announcing a software update for its Jetson AGX Orin series, including...

GitLab Patches High-Severity XSS Flaw (CVE-2025-0376) and Other Security Flaws in Latest Release CVE-2024-9164 - CVE-2025-0376 GitLab Wiki XSS, Session Hijack Flaw

CVE-2024-9164 - CVE-2025-0376 GitLab Wiki XSS, Session Hijack Flaw

GitLab Patches High-Severity XSS Flaw (CVE-2025-0376) and Other Security Flaws in Latest Release

Do Son February 12, 2025

GitLab has issued a security advisory, urging users to update their installations immediately to address a range...

Chrome Patches Four High-Severity Vulnerabilities in Latest Stable Channel Update CVE-2025-0995

Chrome Patches Four High-Severity Vulnerabilities in Latest Stable Channel Update

Do Son February 12, 2025

In a update for desktop users, Google has released Chrome version 133.0.6943.98/.99 for Windows and Mac, and...

Chinese Hackers Suspected in Ivanti CSA Attacks: Webshells and Lateral Movement Detected Sources and related content Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Chinese Hackers Suspected in Ivanti CSA Attacks: Webshells and Lateral Movement Detected Sources and related content

Do Son February 12, 2025

A series of critical vulnerabilities affecting Ivanti Cloud Service Appliance (CSA) 4.6 have been actively exploited in...

CVE-2025-22467 (CVSS 9.9): Ivanti Connect Secure Vulnerability Allows Remote Code Execution CVE-2024-37404 - CVE-2025-22467

CVE-2025-22467 (CVSS 9.9): Ivanti Connect Secure Vulnerability Allows Remote Code Execution

Do Son February 11, 2025

Ivanti has disclosed multiple vulnerabilities affecting its Connect Secure, Policy Secure, and Secure Access Client products, with...

CVE-2025-24016 (CVSS 9.9): Critical RCE Vulnerability Discovered in Wazuh Server

Do Son February 11, 2025

Wazuh, a leading provider of open-source security solutions, has issued a critical security advisory regarding a remote...

CVE-2024-12366: Prompt Injection in PandasAI Enables Full System Compromise

Do Son February 11, 2025

A newly disclosed security vulnerability in PandasAI, an open-source AI-powered data analysis library by SinaptikAI, exposes users...

CVE-2025-24032, CVE-2025-24531, and More: Critical Flaws in PAM-PKCS#11 Expose Linux Authentication to Attackers

Do Son February 11, 2025

The PAM-PKCS#11 login module, a widely used tool for X.509 certificate-based user login on Linux systems, has...