Vulnerability Archives • Page 46 of 190 • Daily CyberSecurity

OWASP Unveils Top 10 Smart Contract Vulnerabilities for 2025

OWASP Unveils Top 10 Smart Contract Vulnerabilities for 2025

Do Son January 20, 2025

The Open Web Application Security Project (OWASP) has released its updated list of the top 10 vulnerabilities...

Oracle’s January 2025 Critical Patch Update: Addressing 320 Security Vulnerabilities Oracle Critical Patch Update 2025

Oracle’s January 2025 Critical Patch Update: Addressing 320 Security Vulnerabilities

Do Son January 20, 2025

Oracle has released its Critical Patch Update Pre-Release Announcement for January 2025, providing advance notice of the...

ChatGPT Crawler Vulnerability: DDoS Attacks via HTTP Requests

Do Son January 20, 2025

The behavior of ChatGPT’s web crawler can be exploited through a discovered vulnerability: under specific query conditions,...

Zero-Day Vulnerability in Windows Exploited: CVE-2024-49138 PoC Code Released

Do Son January 19, 2025

Security researcher MrAle_98 recently published a proof-of-concept (PoC) exploit for a zero-day vulnerability, CVE-2024-49138. This flaw, which...

CVE-2025-2306 (CVSS 9.0): Mongoose Flaw Leaves Millions of Downloads Exposed to Search Injection

Do Son January 19, 2025

A newly discovered vulnerability in Mongoose, a popular MongoDB object modeling tool, could leave millions of users...

Critical Vulnerabilities in QNX Software Development Platform Image Codecs Expose Systems to Attacks

Do Son January 19, 2025

BlackBerry’s QNX Software Development Platform (SDP), a widely used real-time operating system in safety-critical industries, is the...

CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series

Do Son January 18, 2025

Moxa has issued a security advisory detailing CVE-2024-12297 (CVSS 9.2), a critical vulnerability in its EDS-508A Series...

CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks

Do Son January 18, 2025

Palo Alto Networks has issued a detailed threat briefing on two critical vulnerabilities in Ivanti products—CVE-2025-0282 and...

CVE-2025-0107: PoC Exploit Code Released for Palo Alto Expedition RCE Flaw Undertow Vulnerability CVE-2025-12543 CVE-2025-0107: PoC Exploit Code Undersea Cable Security, China Tech Ban

Undertow Vulnerability CVE-2025-12543 CVE-2025-0107: PoC Exploit Code Undersea Cable Security, China Tech Ban

CVE-2025-0107: PoC Exploit Code Released for Palo Alto Expedition RCE Flaw

Do Son January 17, 2025

Security researchers published the technical details and a proof-of-concept (PoC) exploit code for CVE-2025-0107, a vulnerability in...

CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw CVE-2024-53691 PoC exploit

CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw

Do Son January 16, 2025

Security researcher c411e published a proof-of-concept (PoC) exploit code for a severe vulnerability in QNAP NAS devices,...

Yubico Addresses Authentication Bypass Vulnerability CVE-2025-23013 in pam-u2f Package

Do Son January 16, 2025

Yubico, a leading provider of security keys and authentication solutions, has issued a security advisory to address...

HPE Aruba Networking Addresses Security Vulnerabilities in AOS Systems CVE-2024-26305 _ CVE-2025-23058 Aruba 5G Core Open Redirect

HPE Aruba Networking Addresses Security Vulnerabilities in AOS Systems

Do Son January 16, 2025

HPE Aruba Networking has issued a security advisory addressing multiple vulnerabilities in its ArubaOS (AOS) systems, which...

AWS Patches Vulnerabilities in WorkSpaces, AppStream 2.0, and DCV Clients WorkSpaces Token Leak, Local Privilege Escalation CVE-2025-0500 & CVE-2025-0501

WorkSpaces Token Leak, Local Privilege Escalation CVE-2025-0500 & CVE-2025-0501

AWS Patches Vulnerabilities in WorkSpaces, AppStream 2.0, and DCV Clients

Do Son January 16, 2025

Amazon recently issued a security advisory regarding two vulnerabilities affecting specific versions of its native clients for...

CVE-2024-52281: Rancher Vulnerability Exposes Users to Stored XSS Attacks CVE-2024-52281 Rancher CLI Vulnerability CVE-2025-67601

CVE-2024-52281: Rancher Vulnerability Exposes Users to Stored XSS Attacks

Do Son January 16, 2025

A severe vulnerability (CVE-2024-52281) has been discovered in Rancher, an open-source container management platform widely used for...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Releases Security Update for Container Toolkit and GPU Operator

Do Son January 16, 2025

NVIDIA has released a security update to address multiple vulnerabilities in its Container Toolkit and GPU Operator...

CVE-2024-9636: Popular WordPress Plugin ComboBlocks Exposes Thousands of Sites to Complete Takeover

Do Son January 16, 2025

A critical vulnerability in the popular WordPress plugin, formerly known as Post Grid and now ComboBlocks, has...

PoC Exploit Released for Ivanti Connect Secure Flaw CVE-2025-0282 Used in Attacks Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

Salt Typhoon Teleco Hack, Cisco Academy Link CVE-2025-0282 PoC exploit

PoC Exploit Released for Ivanti Connect Secure Flaw CVE-2025-0282 Used in Attacks

Do Son January 16, 2025

watchTowr Labs published a detailed analysis of the vulnerability and a proof-of-concept (PoC) exploit for CVE-2025-0282, a...

New Tunneling Protocol Vulnerabilities Expose 4.2 Million Hosts to Cyberattacks

Do Son January 16, 2025

A report by security researcher Mathy Vanhoef, in collaboration with Top10VPN, has revealed critical vulnerabilities in widely-used...

Microsoft Patches Outlook Zero-Click: CVE-2025-21298 Exploits RCE via Emails Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

Microsoft Patches Outlook Zero-Click: CVE-2025-21298 Exploits RCE via Emails

Do Son January 15, 2025

Microsoft has addressed a critical vulnerability (CVE-2025-21298) in its latest 2025 Patch Tuesday update. This flaw, rated...

ECOVACS Patches Critical WiFi RCE Vulnerability CVE-2024-42911 in Deebot Robot Vacuums

Do Son January 15, 2025

ECOVACS Robotics has addressed a critical remote code execution (RCE) vulnerability affecting its Deebot series robot vacuums....