Vulnerability Archives • Page 45 of 190 • Daily CyberSecurity

CVE-2024-43707: Kibana Patches High Severity Vulnerability Exposing Sensitive Information CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

CVE-2024-43707: Kibana Patches High Severity Vulnerability Exposing Sensitive Information

Do Son January 23, 2025

Kibana, the popular open-source data visualization and exploration tool, has released a security update addressing two vulnerabilities,...

phpMyAdmin Patches XSS Vulnerabilities in Latest Release phpMyAdmin Vulnerabilities

phpMyAdmin Patches XSS Vulnerabilities in Latest Release

Do Son January 23, 2025

phpMyAdmin, a popular web-based tool for managing MySQL and MariaDB databases, has addressed two cross-site scripting (XSS)...

CVE-2024-7029 and CVE-2017-17215 Exploited in Latest Murdoc Botnet Attacks FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

CVE-2024-7029 and CVE-2017-17215 Exploited in Latest Murdoc Botnet Attacks

Do Son January 23, 2025

The Qualys Threat Research Unit has unveiled an extensive campaign involving a new variant of the infamous...

CVE-2025-23006 (CVSS 9.8): SonicWall Warns of Active Exploits, Issues Urgent Update for SMA1000 Users SonicWall Security Advisory SonicOS Patch 2026 CVE-2025-23006 SonicWall, SMA 100 Vulnerabilities

CVE-2025-23006 (CVSS 9.8): SonicWall Warns of Active Exploits, Issues Urgent Update for SMA1000 Users

Do Son January 23, 2025

SonicWall has issued an urgent security advisory warning of a critical vulnerability in its SMA1000 Appliance Management...

CVE-2025-0314: GitLab Releases Patch for XSS Exploit GitLab AI Gateway Vulnerability CVE-2026-1868 CVE-2025-0314 GitLab Security Update CVE-2025-9222

CVE-2025-0314: GitLab Releases Patch for XSS Exploit

Do Son January 23, 2025

GitLab has issued a important security update addressing several vulnerabilities, including a high severity cross-site scripting (XSS)...

CISA and FBI Warn of Exploited Ivanti CSA Vulnerabilities in Joint Security Advisory OCRFix Botnet EtherHiding CrowdStrike supply chain attack Ivanti CSA Vulnerabilities

OCRFix Botnet EtherHiding CrowdStrike supply chain attack Ivanti CSA Vulnerabilities

CISA and FBI Warn of Exploited Ivanti CSA Vulnerabilities in Joint Security Advisory

Do Son January 22, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a...

CVE-2025-20156 (CVSS 9.9): Cisco Meeting Management Flaw Allows for Privilege Escalation

Do Son January 22, 2025

Cisco has issued a security advisory addressing a critical privilege escalation vulnerability (CVE-2025-20156) in its Meeting Management...

Signal and Discord Vulnerabilities Exposed: 0-Click Deanonymization Attack Revealed deanonymization attack - cache geolocation attack

Signal and Discord Vulnerabilities Exposed: 0-Click Deanonymization Attack Revealed

Do Son January 22, 2025

Security researcher Daniel, also known as hackermondev, has revealed an 0-click deanonymization attack capable of exposing user...

Mercedes-Benz MBUX Vulnerabilities: User Data and Safety at Risk mercedes-benz-2692776_1280

Mercedes-Benz MBUX Vulnerabilities: User Data and Safety at Risk

Do Son January 22, 2025

Kaspersky Labs has unveiled critical vulnerabilities in the Mercedes-Benz User Experience (MBUX) infotainment system, shedding light on...

Proof-of-Concept Found for ClamAV DoS Flaw: CVE-2025-20128

Do Son January 22, 2025

Cisco has issued a security advisory detailing a vulnerability in the Object Linking and Embedding 2 (OLE2)...

Security Update for Chrome: Protect Against CVE-2025-0611 and CVE-2025-0612

Do Son January 22, 2025

Google has released a important security update for its Chrome web browser, addressing three vulnerabilities, two of...

CVE-2024-12857: Critical Flaw in AdForest Theme Allows Complete Account Takeover, Thousands of Sites at Risk

Do Son January 21, 2025

A severe security flaw (CVE-2024-12857) has been discovered in the AdForest WordPress theme, a popular premium classified...

CVE-2025-23083: Node.js Vulnerability Exposes Sensitive Data and Resources CVE-2025-23083 - Node.js EOL

CVE-2025-23083: Node.js Vulnerability Exposes Sensitive Data and Resources

Do Son January 21, 2025

The Node.js project has released updates to address several security vulnerabilities, including a high-severity flaw that could...

Critical Apache Ambari Security Vulnerabilities Discovered: What You Need to Know CVE-2025-23195, CVE-2025-23196, and CVE-2024-51941

Critical Apache Ambari Security Vulnerabilities Discovered: What You Need to Know

Do Son January 21, 2025

Critical flaws in the popular Hadoop management platform leave systems open to remote code execution and data...

CVE-2024-52320 and More: Planet Switches Expose Networks to Attack Screenshot 2025-01-20 161709

CVE-2024-52320 and More: Planet Switches Expose Networks to Attack

Do Son January 21, 2025

In a recent report from Claroty researcher Tomer Goldschmidt, three critical vulnerabilities were uncovered in the Planet...

NTLMv1 Group Policy Bypass Discovered: A Wake-Up Call for Active Directory Administrators Screenshot 2025-01-18 164933

NTLMv1 Group Policy Bypass Discovered: A Wake-Up Call for Active Directory Administrators

Do Son January 21, 2025

Research from Silverfort has revealed a significant flaw in the Group Policy mechanism used to disable the...

CVE-2025-0411: 7-Zip Security Vulnerability Enables Code Execution – Update Now 7-Zip heap buffer overflow CVE-2025-0411 7-Zip path traversal

CVE-2025-0411: 7-Zip Security Vulnerability Enables Code Execution – Update Now

Do Son January 20, 2025

Popular file archiver, 7-Zip, contained a flaw that could have allowed attackers to slip malware past Windows’...

TP-Link Vulnerability: PoC Exploit for CVE-2024-54887 Reveals Remote Code Execution Risks CVE-2024-54887 PoC exploit

TP-Link Vulnerability: PoC Exploit for CVE-2024-54887 Reveals Remote Code Execution Risks

Do Son January 20, 2025

Security researcher Joward has published an in-depth analysis and Proof of Concept (PoC) exploit for a critical...

CVE-2025-22146 (CVSS 9.1): Critical Sentry Vulnerability Allowed Account Takeovers

Do Son January 20, 2025

A recently patched vulnerability in popular error tracking and performance monitoring platform Sentry could have allowed attackers...

IBM Sterling Secure Proxy Faces Multiple Critical Vulnerabilities: A Call for Immediate Action CVE-2024-41783 & CVE-2024-38337

IBM Sterling Secure Proxy Faces Multiple Critical Vulnerabilities: A Call for Immediate Action

Do Son January 20, 2025

IBM has disclosed multiple critical vulnerabilities affecting its Sterling Secure Proxy (SSP), a critical solution for secure...