Vulnerability Archives • Page 47 of 190 • Daily CyberSecurity

Critical Vulnerability in Rasa Framework Enables Remote Code Execution (CVE-2024-49375)

Do Son January 15, 2025

A critical-severity vulnerability (CVE-2024-49375) has been identified in the popular open-source Rasa framework. This flaw, which carries...

CVE-2025-23042 (CVSS 9.1): Gradio Patches Critical ACL Bypass Flaw in Popular Machine Learning Platform

Do Son January 15, 2025

Gradio, a popular open-source Python library for creating machine learning demos and web applications, has recently patched...

CVE-2024-9042: Code Execution Vulnerability Found in Kubernetes Windows Nodes CVE-2024-9042 ingress-nginx Vulnerability CVE-2026-4342

CVE-2024-9042: Code Execution Vulnerability Found in Kubernetes Windows Nodes

Do Son January 15, 2025

A recently discovered security vulnerability, CVE-2024-9042, poses a significant risk to Kubernetes clusters running Windows worker nodes....

CVE-2024-7344: Howyar Reloader Vulnerability Exposes UEFI Systems to Unsigned Software Threats

Do Son January 15, 2025

A recent vulnerability note from CERT/CC has exposed a significant security flaw in the Howyar Reloader UEFI...

13,000 MikroTik Routers Hijacked for Global Malspam Operation CloudComputating - QSC framework

13,000 MikroTik Routers Hijacked for Global Malspam Operation

Do Son January 15, 2025

A recent report from Infoblox Threat Intel highlights a sophisticated botnet operation leveraging a simple DNS misconfiguration...

CVE-2025-20055 (CVSS 9.8): Critical Vulnerability Threatens STEALTHONE Storage

Do Son January 15, 2025

JPCERT/CC has issued a warning regarding multiple vulnerabilities affecting STEALTHONE D220, D340, and D440 network storage servers,...

CVE-2024-12365: Popular WordPress Caching Plugin Exposes Millions of Sites to Attack

Do Son January 15, 2025

Over a million WordPress websites are at risk due to a high-severity vulnerability discovered in the popular...

Unveiling Zero-Day Behavior in PDF Samples: The Risk of NTLM Information Leaks

Do Son January 15, 2025

In a recent revelation, EXPMON has reported a previously unknown “zero-day behavior” in certain PDF samples, leading...

Veeam Releases Patch for High-Risk SSRF Vulnerability CVE-2025-23082 in Azure Backup Solution CVE-2024-29212 - CVE-2025-23082 Veeam Backup & Replication CVE-2025-59470

Veeam Releases Patch for High-Risk SSRF Vulnerability CVE-2025-23082 in Azure Backup Solution

Do Son January 15, 2025

Veeam, a prominent player in data management and backup solutions, has recently disclosed a critical vulnerability in...

CVE-2023-37936 (CVSS 9.6): Urgent Patch Needed for FortiSwitch Vulnerability FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

CVE-2023-37936 (CVSS 9.6): Urgent Patch Needed for FortiSwitch Vulnerability

Do Son January 15, 2025

Fortinet has issued patches to address a critical security vulnerability (CVE-2023-37936, CVSS 9.6) affecting its FortiSwitch product...

CVE-2024-12084 (CVSS 9.8) – Code Execution Risk: Rsync Vulnerability Demands Immediate Patching

Do Son January 14, 2025

Rsync, a widely-used file synchronization tool, has been found to harbor six vulnerabilities affecting versions 3.3.0 and...

“PlugX” Malware Deleted from Thousands of Computers in Global Operation Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

“PlugX” Malware Deleted from Thousands of Computers in Global Operation

Do Son January 14, 2025

In a decisive move against Chinese state-sponsored cyber espionage, the U.S. Department of Justice (DOJ) and FBI,...

Ivanti Endpoint Manager Patches Critical Security Vulnerabilities CVE-2023-38036 - CVE-2024-10811

Ivanti Endpoint Manager Patches Critical Security Vulnerabilities

Do Son January 14, 2025

Ivanti has issued a security advisory addressing multiple critical and high-severity vulnerabilities in its Endpoint Manager (EPM)...

CVE-2025-0147: Zoom Fixes High-Severity Security Flaw

Do Son January 14, 2025

Zoom has released six security bulletin addressing several vulnerabilities across its product ecosystem, ranging in severity from...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Fortinet FortiGate Firewalls Targeted in Sophisticated Campaign Exploiting Management Interfaces

Do Son January 14, 2025

A new report from Arctic Wolf Labs reveals a concerning campaign targeting publicly exposed management interfaces on...

Chrome 132 Arrives: 16 Security Fixes in Latest Stable Release

Do Son January 14, 2025

The Chrome team has rolled out Chrome 132 to the stable channel, offering critical updates for Windows,...

Microsoft’s January 2025 Patch Tuesday Fixes 159 Vulnerabilities, Including 10 Critical and 8 Zero-Days Driver Cleanup CVE-2024-49138 - December Patch Tuesday Windows update errors, Windows update troubleshooting

Driver Cleanup CVE-2024-49138 - December Patch Tuesday Windows update errors, Windows update troubleshooting

Microsoft’s January 2025 Patch Tuesday Fixes 159 Vulnerabilities, Including 10 Critical and 8 Zero-Days

Do Son January 14, 2025

Microsoft delivers its first Patch Tuesday of 2025 with a robust security update addressing a wide range...

SimpleHelp Urgents to Patch Critical Security Vulnerabilities Screenshot 2025-01-14 222456

SimpleHelp Urgents to Patch Critical Security Vulnerabilities

Do Son January 14, 2025

Security researcher Naveen Sunkavally of Horizon3.ai has identified critical vulnerabilities in SimpleHelp, a popular remote support software...

Active Exploitation of CVE-2024-55591 (CVSS 9.6): FortiOS and FortiProxy Under Threat BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage