Vulnerability Archives • Page 44 of 190 • Daily CyberSecurity

CVE-2025-24085: Apple Patches Actively Exploited Zero-Day Vulnerability Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

CVE-2025-24085: Apple Patches Actively Exploited Zero-Day Vulnerability

Ddos January 27, 2025

Apple has rushed out emergency security updates for iOS, iPadOS, macOS, tvOS, watchOS, and visionOS to address...

Apache Solr Vulnerabilities CVE-2024-52012 and CVE-2025-24814 Expose Systems to File Write and Code Execution Risks CVE-2025-24814 & CVE-2025-24814

Apache Solr Vulnerabilities CVE-2024-52012 and CVE-2025-24814 Expose Systems to File Write and Code Execution Risks

Ddos January 27, 2025

The Apache Solr project, known for its highly reliable and scalable search platform, has released a security...

PoC for 7-Zip CVE-2025-0411 Lets Attackers Bypass MotW and Run Malicious Code CVE-2025-0411 PoC exploit - Homoglyph Attacks

PoC for 7-Zip CVE-2025-0411 Lets Attackers Bypass MotW and Run Malicious Code

Ddos January 26, 2025

Security researcher Dhmos Funk has released a proof-of-concept (PoC) exploit for CVE-2025-0411 (CVSS 7.0), a high-severity vulnerability...

Podman and Buildah Vulnerable to Container Breakout – CVE-2024-11218

Ddos January 26, 2025

A high-severity vulnerability has been discovered in Podman and Buildah, popular containerization tools. The flaw, tracked as...

CVE-2024-52975 (CVSS 9.0): Fleet Server Update Patches Critical Information Exposure Vulnerability

Ddos January 26, 2025

Elastic has released a critical security update for Fleet Server, a key component of its Elastic Agent...

Zyxel Vulnerability Exploited by Helldown Ransomware Group

Ddos January 26, 2025

The YIR Team (Yarix Incident Response Team), led by incident responder Claudio Vozza, has detailed a recent...

Intel Trust Domain Extensions Vulnerability

Researchers Expose Critical Isolation Vulnerability in Intel Trust Domain Extensions (TDX)

Ddos January 26, 2025

A recent study conducted by a collaborative team of researchers from IIT Kharagpur and Intel Corporation has...

Palo Alto Networks Firewalls Exposed: BootHole and Other Critical Flaws Uncovered BootHole Vulnerability

Palo Alto Networks Firewalls Exposed: BootHole and Other Critical Flaws Uncovered

Ddos January 26, 2025

Eclypsium researchers have uncovered multiple critical vulnerabilities in several Palo Alto Networks (PAN) next-generation firewalls (NGFWs). This...

Subaru’s STARLINK Vulnerability: How Hackers Could Track and Control Vehicles Subaru STARLINK Vulnerability

Subaru’s STARLINK Vulnerability: How Hackers Could Track and Control Vehicles

Ddos January 26, 2025

Security researchers Sam Curry and Shubham Shah revealed a critical vulnerability in Subaru’s STARLINK connected vehicle service,...

CVE-2024-50050: Critical Security Flaw in Meta’s Llama-Stack Framework PoC-exploit

CVE-2024-50050: Critical Security Flaw in Meta’s Llama-Stack Framework

Ddos January 25, 2025

The Oligo Research team has identified a critical vulnerability, CVE-2024-50050, within Meta’s Llama-Stack, a popular open-source framework...

Critical Flaw CVE-2024-53299 in Apache Wicket: Memory Leak Flaw Exposes Web Apps to DoS Attacks

Ddos January 25, 2025

Apache Wicket, the popular Java-based web application framework, has been found vulnerable to a critical security flaw...

Popular WordPress Real Estate Theme Vulnerable to Complete Site Takeover, No Patch CVE-2024-32444 & CVE-2024-32555

Popular WordPress Real Estate Theme Vulnerable to Complete Site Takeover, No Patch

Ddos January 24, 2025

A popular WordPress theme used by real estate websites has been found to contain critical security vulnerabilities...

CVE-2024-43468 (CVSS 9.8): Microsoft Configuration Manager Exploit Revealed with PoC Code CVE-2024-43468 PoC exploit

CVE-2024-43468 (CVSS 9.8): Microsoft Configuration Manager Exploit Revealed with PoC Code

Ddos January 23, 2025

Security researcher Mehdi Elyassa from Synacktiv published the technical details and a proof-of-concept (PoC) exploit code for...

CVE-2025-21535 (CVSS 9.8): Vulnerability in Oracle WebLogic Server Could Lead to Remote Code Execution CVE-2025-21535 Oracle EBS RCE, CVE-2025-61882

CVE-2025-21535 (CVSS 9.8): Vulnerability in Oracle WebLogic Server Could Lead to Remote Code Execution

Ddos January 23, 2025

Oracle has issued a critical security advisory addressing a high-severity vulnerability in WebLogic Server, identified as CVE-2025-21535....

CVE-2024-43707: Kibana Patches High Severity Vulnerability Exposing Sensitive Information CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

CVE-2024-43707: Kibana Patches High Severity Vulnerability Exposing Sensitive Information

Ddos January 23, 2025

Kibana, the popular open-source data visualization and exploration tool, has released a security update addressing two vulnerabilities,...

phpMyAdmin Patches XSS Vulnerabilities in Latest Release phpMyAdmin Vulnerabilities

phpMyAdmin Patches XSS Vulnerabilities in Latest Release

Ddos January 23, 2025

phpMyAdmin, a popular web-based tool for managing MySQL and MariaDB databases, has addressed two cross-site scripting (XSS)...

CVE-2024-7029 and CVE-2017-17215 Exploited in Latest Murdoc Botnet Attacks FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

CVE-2024-7029 and CVE-2017-17215 Exploited in Latest Murdoc Botnet Attacks

Ddos January 23, 2025

The Qualys Threat Research Unit has unveiled an extensive campaign involving a new variant of the infamous...

CVE-2025-23006 (CVSS 9.8): SonicWall Warns of Active Exploits, Issues Urgent Update for SMA1000 Users SonicWall Security Advisory SonicOS Patch 2026 CVE-2025-23006 SonicWall, SMA 100 Vulnerabilities

CVE-2025-23006 (CVSS 9.8): SonicWall Warns of Active Exploits, Issues Urgent Update for SMA1000 Users

Ddos January 23, 2025

SonicWall has issued an urgent security advisory warning of a critical vulnerability in its SMA1000 Appliance Management...

CVE-2025-0314: GitLab Releases Patch for XSS Exploit GitLab AI Gateway Vulnerability CVE-2026-1868 CVE-2025-0314 GitLab Security Update CVE-2025-9222

CVE-2025-0314: GitLab Releases Patch for XSS Exploit

Ddos January 23, 2025

GitLab has issued a important security update addressing several vulnerabilities, including a high severity cross-site scripting (XSS)...

CISA and FBI Warn of Exploited Ivanti CSA Vulnerabilities in Joint Security Advisory OCRFix Botnet EtherHiding CrowdStrike supply chain attack Ivanti CSA Vulnerabilities

OCRFix Botnet EtherHiding CrowdStrike supply chain attack Ivanti CSA Vulnerabilities

CISA and FBI Warn of Exploited Ivanti CSA Vulnerabilities in Joint Security Advisory

Ddos January 22, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a...

Critical Alert 1 Active Exploit Detected Today