Vulnerability Archives • Page 41 of 190 • Daily CyberSecurity

CVE-2024-9643 & CVE-2024-9644: Authentication Bypass in Four-Faith F3x36 Routers Puts Networks at Risk

Ddos February 6, 2025

Two newly discovered security vulnerabilities—CVE-2024-9643 and CVE-2024-9644—affecting the Four-Faith F3x36 router (firmware v2.0.0) could allow remote attackers...

Apache James Mail Server Hit by Double Denial-of-Service Vulnerabilities CVE-2024-45626 and CVE-2024-37358

Apache James Mail Server Hit by Double Denial-of-Service Vulnerabilities

Ddos February 6, 2025

The Apache James (Java Apache Mail Enterprise Server) mail server, a widely used open-source solution, has been...

HPE Aruba Networking Issues Security Updates for ClearPass Policy Manager CVE-2024-26305 _ CVE-2025-23058 Aruba 5G Core Open Redirect

HPE Aruba Networking Issues Security Updates for ClearPass Policy Manager

Ddos February 6, 2025

HPE Aruba Networking has released security updates to address multiple vulnerabilities in its ClearPass Policy Manager (CPPM)...

Vitest Vulnerability Exposes Developers to Remote Code Execution – CVE-2025-24964 (CVSS 9.7)

Ddos February 6, 2025

A critical security vulnerability (CVE-2025-24964) has been discovered in Vitest, a popular unit testing framework, which could...

Arch Linux on WSL 2: Microsoft Confirms Official Support Arch Linux WSL2

Arch Linux on WSL 2: Microsoft Confirms Official Support

Ddos February 5, 2025

The popular open-source operating system Arch Linux has recently entered into a collaboration with Microsoft, following discussions...

CVE-2025-20124 (CVSS 9.9) & CVE-2025-20125 (CVSS 9.1): Cisco Patches Critical Flaws in Identity Services Engine CVE-2025-20124 CVE-2025-20125

CVE-2025-20124 (CVSS 9.9) & CVE-2025-20125 (CVSS 9.1): Cisco Patches Critical Flaws in Identity Services Engine

Ddos February 5, 2025

Cisco has issued a security advisory addressing two critical vulnerabilities in its Identity Services Engine (ISE), a...

F5 Warns of TLS Session Resumption Vulnerability in NGINX (CVE-2025-23419) NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

F5 Warns of TLS Session Resumption Vulnerability in NGINX (CVE-2025-23419)

Ddos February 5, 2025

F5 has issued a security advisory warning of a vulnerability in NGINX, a popular web server software....

XE Group Exploits Zero-Day Vulnerabilities in VeraCore – CVE-2024-57968 & CVE-2025-25181 Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

XE Group Exploits Zero-Day Vulnerabilities in VeraCore – CVE-2024-57968 & CVE-2025-25181

Ddos February 5, 2025

Cybersecurity researchers from Intezer and Solis Security have uncovered a dramatic shift in tactics by XE Group,...

Zyxel Routers Under Attack: Default Credentials (CVE-2025-0890) and Code Injection (CVE-2024-40891), No Patch!

Ddos February 5, 2025

Security researchers at VulnCheck have identified critical vulnerabilities in Zyxel Customer Premises Equipment (CPE), leaving countless users...

Kubernetes Policy Enforcement at Risk: OPA Gatekeeper Bypass Exposes Security Flaws Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Kubernetes Policy Enforcement at Risk: OPA Gatekeeper Bypass Exposes Security Flaws

Ddos February 5, 2025

A recent report from Aqua Security has uncovered significant security risks in Kubernetes policy enforcement, particularly in...

Google Security Team Uncovers AMD Microcode Vulnerability (CVE-2024-56161) AMD Microcode Vulnerability - CVE-2024-56161

Google Security Team Uncovers AMD Microcode Vulnerability (CVE-2024-56161)

Ddos February 5, 2025

A recent disclosure from the Google Security Team has revealed a high-severity vulnerability in AMD Zen-based CPUs...

Security Flaws Discovered in Apache Cassandra: Unauthorized Access, Privilege Escalation, and JMX Credential Theft

Ddos February 5, 2025

The popular open-source NoSQL database, Apache Cassandra, is facing a barrage of critical vulnerabilities, potentially exposing sensitive...

Symantec PAM Patches Critical Security Flaw – CVE-2025-24503 (CVSSv4 9.3)

Ddos February 5, 2025

Symantec has released version 4.2.1 of its Privileged Access Manager (PAM) to address multiple security vulnerabilities, including...

PoC Releases for Linux Kernel Flaw CVE-2024-36972: Double Free Flaw Enables Privilege Escalation and Container Escape

Ddos February 4, 2025

Security researchers have unveiled the technical details and a proof-of-concept (PoC) exploit for a high-severity vulnerability (CVE-2024-36972,...

CVE-2025-23114 (CVSS 9.0): Critical Veeam Backup Vulnerability Enables Remote Code Execution CVE-2024-29849 - CVE-2025-23114

CVE-2025-23114 (CVSS 9.0): Critical Veeam Backup Vulnerability Enables Remote Code Execution

Ddos February 4, 2025

A critical vulnerability (CVE-2025-23114, CVSS 9.0) has been discovered in the Veeam Updater component, a core part...

Google Fixes High-Severity Chrome Vulnerabilities (CVE-2025-0444 & CVE-2025-0445) Chrome 133 - CVE-2025-0444 & CVE-2025-0445

Google Fixes High-Severity Chrome Vulnerabilities (CVE-2025-0444 & CVE-2025-0445)

Ddos February 4, 2025

The Chrome team has just unleashed version 133 onto the stable channel for Windows, Mac, and Linux,...

CISA Flags Four Actively Exploited Security Vulnerabilities in KEV Catalog CISA KEV Update, Cisco Zero-Day KEV Vulnerabilities

CISA Flags Four Actively Exploited Security Vulnerabilities in KEV Catalog

Ddos February 4, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four critical security vulnerabilities to its Known...

Threat Actors Exploit CVE-2019-18935 to Gain Remote Access and Elevate Privileges

Ddos February 4, 2025

The eSentire Threat Response Unit (TRU) has reported that threat actors are actively exploiting a six-year-old vulnerability,...

CVE-2025-0411: 7-Zip Vulnerability Exploited in Attacks on Ukraine CVE-2025-0411 PoC exploit - Homoglyph Attacks

CVE-2025-0411: 7-Zip Vulnerability Exploited in Attacks on Ukraine

Ddos February 4, 2025

A new report from the Zero Day Initiative (ZDI) Threat Hunting team reveals that Ukrainian organizations have...

Privilege Escalation in Active Directory Domain Services: CVE-2025-21293 Exploit Revealed with PoC Code

Ddos February 3, 2025

A newly disclosed elevation of privilege vulnerability (CVE-2025-21293) in Active Directory Domain Services (AD DS) has been...

Critical Alert 1 Active Exploit Detected Today