Vulnerability Archives • Page 50 of 190 • Daily CyberSecurity

Vulnerability Overload: 40,000+ CVEs in 2024 CVE 2024

Vulnerability Overload: 40,000+ CVEs in 2024

Do Son January 6, 2025

Security researcher Jerry Gamblin has released his annual CVE data review. 2024 saw an unprecedented surge in...

CVE-2024-43452: PoC Exploit Released for Windows Elevation of Privilege Bug CVE-2024-43452 PoC exploit

CVE-2024-43452: PoC Exploit Released for Windows Elevation of Privilege Bug

Do Son January 5, 2025

Security researchers published the technical details and a proof-of-concept (PoC) exploit code for CVE-2024-43452 (CVSS 7.5), a...

CVE-2024-9138 and CVE-2024-9140 (CVSS 9.8): Moxa Calls for Immediate Security Action Moxa Linux kernel vulnerabilities Moxa Vulnerability CVE-2024-12297 Moxa OpenSSH Vulnerability CVE-2023-38408 CVE-2023-5961 - CVE-2024-9138 and CVE-2024-9140

Moxa Linux kernel vulnerabilities Moxa Vulnerability CVE-2024-12297 Moxa OpenSSH Vulnerability CVE-2023-38408 CVE-2023-5961 - CVE-2024-9138 and CVE-2024-9140

CVE-2024-9138 and CVE-2024-9140 (CVSS 9.8): Moxa Calls for Immediate Security Action

Do Son January 5, 2025

Moxa, a leading provider of industrial networking and communication solutions, has issued a security advisory warning of...

GoCD Patches Critical Vulnerability Allowing User Privilege Escalation GoCD vulnerability

GoCD Patches Critical Vulnerability Allowing User Privilege Escalation

Do Son January 5, 2025

Open-source CI/CD platform GoCD has released an urgent security update to address a critical vulnerability, CVE-2024-56320 (CVSS...

CVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits WordPress POP chain attack - CVE-2024-10957

WordPress POP chain attack - CVE-2024-10957

CVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits

Do Son January 4, 2025

A newly discovered vulnerability in the UpdraftPlus Backup & Migration Plugin, used by over 3 million WordPress...

Next.js Patches Denial-of-Service Vulnerability (CVE-2024-56332) in Server Actions CVE-2024-56332 - CVE-2025-29927 Next.js, Cache Poisoning

Next.js Patches Denial-of-Service Vulnerability (CVE-2024-56332) in Server Actions

Do Son January 3, 2025

The popular React framework, Next.js, has addressed a security vulnerability that could have allowed attackers to launch...

CVE-2024-56513: Karmada Vulnerability Grants Attackers Control of Kubernetes Systems

Do Son January 3, 2025

A high-severity vulnerability (CVE-2024-56513) has been identified in Karmada (Kubernetes Armada), a management platform designed to facilitate...

CVE-2025-22275 (CVSS 9.3): iTerm2 Patches Critical Security Flaw Exposing User Input and Output iTerm2 vulnerability

CVE-2025-22275 (CVSS 9.3): iTerm2 Patches Critical Security Flaw Exposing User Input and Output

Do Son January 2, 2025

A critical security vulnerability, tracked as CVE-2025-22275 (CVSS 9.3) has been discovered and patched in iTerm2, a...

SysBumps: Breaking Kernel Address Space Layout Randomization on macOS for Apple Silicon DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

SysBumps: Breaking Kernel Address Space Layout Randomization on macOS for Apple Silicon

Do Son January 2, 2025

In a recent study, researchers from Korea University have unveiled “SysBumps,” the first successful Kernel Address Space...

Patched But Still Vulnerable: Windows BitLocker Encryption Bypassed Again Bypass Windows BitLocker - CVE-2023-21563

Patched But Still Vulnerable: Windows BitLocker Encryption Bypassed Again

Do Son January 2, 2025

A revelation emerged from the Chaos Communication Congress (CCC) last week, shaking the foundations of Windows’ trusted...

CVE-2024-12912 & CVE-2024-13062: ASUS Routers at Risk ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

CVE-2024-12912 & CVE-2024-13062: ASUS Routers at Risk

Do Son January 2, 2025

ASUS has issued a security advisory warning users of critical vulnerabilities affecting several router models. Two flaws,...

PoC Exploit Released for Zero-Click Vulnerability CVE-2024-49113 in Windows CVE-2024-49112 PoC exploit

PoC Exploit Released for Zero-Click Vulnerability CVE-2024-49113 in Windows

Do Son January 1, 2025

SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP...

CVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues Critical Patch for WhatsUp Gold Network Monitoring Software CVE-2024-1800, CVE-2024-12108 & CVE-2024-12106

CVE-2024-1800, CVE-2024-12108 & CVE-2024-12106

CVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues Critical Patch for WhatsUp Gold Network Monitoring Software

Do Son January 1, 2025

Progress Software Corporation, a global provider of products to develop, deploy, and manage high-impact business applications, has...

New Research Reveals a Novel “Bad Likert Judge” Technique to Jailbreak LLMs Bad Likert Judge - Artificial Intelligence Diffusion

New Research Reveals a Novel “Bad Likert Judge” Technique to Jailbreak LLMs

Do Son January 1, 2025

Researchers at Unit 42 have discovered a new technique, dubbed “Bad Likert Judge,” that can bypass the...

D-Link Issues Warning on End-of-Life Routers Vulnerable to Botnet Exploits D-Link Vulnerability - End-of-Life Routers

D-Link Issues Warning on End-of-Life Routers Vulnerable to Botnet Exploits

Do Son January 1, 2025

D-Link has issued a critical advisory urging users to retire and replace several legacy router models, including...

CVE-2024-21182: PoC Exploit Code Published for Severe WebLogic Flaw IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

CVE-2024-21182: PoC Exploit Code Published for Severe WebLogic Flaw

Do Son December 31, 2024

A security researcher published a proof-of-concept (PoC) exploit for CVE-2024-21182, a critical vulnerability in Oracle WebLogic Server....

Is Your Network at Risk? New Report Highlights Network File System Vulnerabilities

Do Son December 31, 2024

HvS-Consulting GmbH has released an insightful report shedding light on the often-overlooked vulnerabilities of the Network File...

CISA Warns of Actively Exploited Palo Alto Firewall Flaw (CVE-2024-3393) CVE-2024-3393 vulnerability

CISA Warns of Actively Exploited Palo Alto Firewall Flaw (CVE-2024-3393)

Do Son December 30, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited vulnerability...

CVE-2024-11944: TrueNAS CORE Vulnerability Allows Unauthenticated Attacks

Do Son December 30, 2024

A critical vulnerability has been uncovered in TrueNAS CORE, the popular open-source network-attached storage (NAS) operating system....

66,000 DrayTek Gateways Vulnerable to Remote Command Injection (CVE-2024-12987), PoC Published BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

66,000 DrayTek Gateways Vulnerable to Remote Command Injection (CVE-2024-12987), PoC Published

Do Son December 30, 2024

Security researcher Netsecfish has discovered a command injection vulnerability, tracked as CVE-2024-12987, in the web management interface...

Critical Alert 1 Active Exploit Detected Today