Vulnerability Archives • Page 41 of 190 • Daily CyberSecurity

CVE-2025-24786 (CVSS 10) & CVE-2025-24787: Critical WhoDB Vulnerabilities CVE-2025-24786 & CVE-2025-24787

CVE-2025-24786 (CVSS 10) & CVE-2025-24787: Critical WhoDB Vulnerabilities

Do Son February 9, 2025

The widely used database management tool WhoDB has been found to contain two critical security vulnerabilities—a path...

CVE-2024-51547 (CVSS 9.8): Hard-Coded Credentials in ABB ASPECT

Do Son February 8, 2025

ABB has released a cybersecurity advisory warning about a critical hard-coded credentials vulnerability (CVE-2024-51547, CVSS 9.8) in...

IBM Security Verify Directory Vulnerable to Critical Security Flaw – CVE-2024-51450 (CVSS 9.1) IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

IBM Security Verify Directory Vulnerable to Critical Security Flaw – CVE-2024-51450 (CVSS 9.1)

Do Son February 7, 2025

IBM has issued a security bulletin addressing two vulnerabilities in its Security Verify Directory Server Container that...

CVE-2025-0994: Critical Vulnerability in Trimble Cityworks Exploited in the Wild

Do Son February 7, 2025

Trimble, a leading provider of industrial technology solutions, has issued an urgent cybersecurity advisory regarding a critical...

CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available CVE-2024-21413 exploit

CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available

Do Son February 7, 2025

A critical vulnerability in Microsoft Outlook, tracked as CVE-2024-21413, is being actively exploited in the wild, posing...

NETGEAR Patches Critical Security Vulnerabilities in WiFi Routers (CVE-2025-25246) and Access Points CVE-2022-48196 NETGEAR Security Vulnerabilities

CVE-2022-48196 NETGEAR Security Vulnerabilities

NETGEAR Patches Critical Security Vulnerabilities in WiFi Routers (CVE-2025-25246) and Access Points

Do Son February 6, 2025

NETGEAR has recently issued security advisories addressing critical vulnerabilities in several of its WiFi router and access...

CVE-2024-9643 & CVE-2024-9644: Authentication Bypass in Four-Faith F3x36 Routers Puts Networks at Risk

Do Son February 6, 2025

Two newly discovered security vulnerabilities—CVE-2024-9643 and CVE-2024-9644—affecting the Four-Faith F3x36 router (firmware v2.0.0) could allow remote attackers...

Apache James Mail Server Hit by Double Denial-of-Service Vulnerabilities CVE-2024-45626 and CVE-2024-37358

Apache James Mail Server Hit by Double Denial-of-Service Vulnerabilities

Do Son February 6, 2025

The Apache James (Java Apache Mail Enterprise Server) mail server, a widely used open-source solution, has been...

HPE Aruba Networking Issues Security Updates for ClearPass Policy Manager CVE-2024-26305 _ CVE-2025-23058 Aruba 5G Core Open Redirect

HPE Aruba Networking Issues Security Updates for ClearPass Policy Manager

Do Son February 6, 2025

HPE Aruba Networking has released security updates to address multiple vulnerabilities in its ClearPass Policy Manager (CPPM)...

Vitest Vulnerability Exposes Developers to Remote Code Execution – CVE-2025-24964 (CVSS 9.7)

Do Son February 6, 2025

A critical security vulnerability (CVE-2025-24964) has been discovered in Vitest, a popular unit testing framework, which could...

Arch Linux on WSL 2: Microsoft Confirms Official Support Arch Linux WSL2

Arch Linux on WSL 2: Microsoft Confirms Official Support

Do Son February 5, 2025

The popular open-source operating system Arch Linux has recently entered into a collaboration with Microsoft, following discussions...

CVE-2025-20124 (CVSS 9.9) & CVE-2025-20125 (CVSS 9.1): Cisco Patches Critical Flaws in Identity Services Engine CVE-2025-20124 CVE-2025-20125

CVE-2025-20124 (CVSS 9.9) & CVE-2025-20125 (CVSS 9.1): Cisco Patches Critical Flaws in Identity Services Engine

Do Son February 5, 2025

Cisco has issued a security advisory addressing two critical vulnerabilities in its Identity Services Engine (ISE), a...

F5 Warns of TLS Session Resumption Vulnerability in NGINX (CVE-2025-23419) NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

F5 Warns of TLS Session Resumption Vulnerability in NGINX (CVE-2025-23419)

Do Son February 5, 2025

F5 has issued a security advisory warning of a vulnerability in NGINX, a popular web server software....

XE Group Exploits Zero-Day Vulnerabilities in VeraCore – CVE-2024-57968 & CVE-2025-25181 Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

XE Group Exploits Zero-Day Vulnerabilities in VeraCore – CVE-2024-57968 & CVE-2025-25181

Do Son February 5, 2025

Cybersecurity researchers from Intezer and Solis Security have uncovered a dramatic shift in tactics by XE Group,...

Zyxel Routers Under Attack: Default Credentials (CVE-2025-0890) and Code Injection (CVE-2024-40891), No Patch!

Do Son February 5, 2025

Security researchers at VulnCheck have identified critical vulnerabilities in Zyxel Customer Premises Equipment (CPE), leaving countless users...

Kubernetes Policy Enforcement at Risk: OPA Gatekeeper Bypass Exposes Security Flaws Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Kubernetes Policy Enforcement at Risk: OPA Gatekeeper Bypass Exposes Security Flaws

Do Son February 5, 2025

A recent report from Aqua Security has uncovered significant security risks in Kubernetes policy enforcement, particularly in...

Google Security Team Uncovers AMD Microcode Vulnerability (CVE-2024-56161) AMD Microcode Vulnerability - CVE-2024-56161

Google Security Team Uncovers AMD Microcode Vulnerability (CVE-2024-56161)

Do Son February 5, 2025

A recent disclosure from the Google Security Team has revealed a high-severity vulnerability in AMD Zen-based CPUs...

Security Flaws Discovered in Apache Cassandra: Unauthorized Access, Privilege Escalation, and JMX Credential Theft

Do Son February 5, 2025

The popular open-source NoSQL database, Apache Cassandra, is facing a barrage of critical vulnerabilities, potentially exposing sensitive...

Symantec PAM Patches Critical Security Flaw – CVE-2025-24503 (CVSSv4 9.3)

Do Son February 5, 2025

Symantec has released version 4.2.1 of its Privileged Access Manager (PAM) to address multiple security vulnerabilities, including...

PoC Releases for Linux Kernel Flaw CVE-2024-36972: Double Free Flaw Enables Privilege Escalation and Container Escape

Do Son February 4, 2025

Security researchers have unveiled the technical details and a proof-of-concept (PoC) exploit for a high-severity vulnerability (CVE-2024-36972,...