Vulnerability Archives • Page 52 of 190 • Daily CyberSecurity

CVE-2024-53552 (CVSS 9.8): CrushFTP Flaw Exposes Users to Account Takeover CVE-2024-53552 CrushFTP vulnerability, SSRF

CVE-2024-53552 (CVSS 9.8): CrushFTP Flaw Exposes Users to Account Takeover

Ddos December 23, 2024

CrushFTP, a popular file transfer server known for its robust features and user-friendly interface, has issued an...

PoC Exploit Emerges for Adobe ColdFusion CVE-2024-53961—Apply Security Updates Now

Ddos December 23, 2024

Adobe has released urgent security updates to address a critical vulnerability in ColdFusion versions 2023 and 2021....

CVE-2021-44207: Vulnerability in Acclaim USAHERDS Actively Exploited, CISA Warns FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

CVE-2021-44207: Vulnerability in Acclaim USAHERDS Actively Exploited, CISA Warns

Ddos December 23, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised the alarm on a critical security flaw...

CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability Tomcat Security Update CVE-2026-24733 CVE-2023-41081 -CVE-2024-56337

CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability

Ddos December 22, 2024

The Apache Software Foundation recently released a critical security update to address a remote code execution (RCE)...

CVE-2024-56145 (CVSS 9.3): Remote Code Execution Vulnerability in Craft CMS, PoC Published CVE-2024-56145 PoC

CVE-2024-56145 (CVSS 9.3): Remote Code Execution Vulnerability in Craft CMS, PoC Published

Ddos December 22, 2024

Security researchers at Assetnote have disclosed a critical vulnerability (CVE-2024-56145) in Craft CMS, a widely-used PHP-based content...

DigiEver DVR Vulnerability Under Attack by Hail Cock Botnet

Ddos December 22, 2024

Akamai Security Intelligence Research Team (SIRT) has uncovered a vulnerability in DigiEver DS-2105 Pro DVRs is being...

CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics CVE-2024-51466 and CVE-2024-40695

CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics

Ddos December 21, 2024

IBM has disclosed two severe vulnerabilities in its Cognos Analytics platform that could compromise sensitive data and...

Critical Flaws in Rockwell Automation PowerMonitor 1000 Devices: CVSS Scores Hit 9.8/10 Rockwell Automation ThinManager ThinServer CVE-2024-7988 CVE-2025-1449

Rockwell Automation ThinManager ThinServer CVE-2024-7988 CVE-2025-1449

Critical Flaws in Rockwell Automation PowerMonitor 1000 Devices: CVSS Scores Hit 9.8/10

Ddos December 20, 2024

Rockwell Automation has issued a critical security advisory highlighting three severe vulnerabilities affecting its PowerMonitor 1000 devices....

CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update CVE-2024-12727 CVE-2024-12728 CVE-2024-12729

CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update

Ddos December 19, 2024

Sophos has announced the resolution of three critical security vulnerabilities affecting its Sophos Firewall product, a widely...

PoC Exploit Released for Databricks Remote Code Execution Vulnerability CVE-2024-49194 CVE-2024-49194 PoC

PoC Exploit Released for Databricks Remote Code Execution Vulnerability CVE-2024-49194

Ddos December 19, 2024

A newly discovered vulnerability in the Databricks JDBC Driver (CVE-2024-49194) could allow attackers to remotely execute code...

CVE-2024-49576 and CVE-2024-47810: Foxit Addresses Remote Code Execution Flaws

Ddos December 19, 2024

Foxit has released a crucial security update for its widely used Foxit PDF Reader and Foxit PDF...

CVE-2024-49775 (CVSS 9.8): Critical Vulnerability in Siemens UMC Exposes Systems to Remote Exploitation ROS# Path Traversal CVE-2026-41551 Siemens SIMATIC Auth Bypass, CVE-2025-40771 CVE-2024-22039 & CVE-2024-49775 CVE-2024-56336

ROS# Path Traversal CVE-2026-41551 Siemens SIMATIC Auth Bypass, CVE-2025-40771 CVE-2024-22039 & CVE-2024-49775 CVE-2024-56336

CVE-2024-49775 (CVSS 9.8): Critical Vulnerability in Siemens UMC Exposes Systems to Remote Exploitation

Ddos December 19, 2024

Siemens has disclosed a critical heap-based buffer overflow vulnerability (CVE-2024-49775) in its User Management Component (UMC), a...

Kaspersky Uncovers Active Exploitation of Fortinet Vulnerability CVE-2023-48788 FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

Kaspersky Uncovers Active Exploitation of Fortinet Vulnerability CVE-2023-48788

Ddos December 19, 2024

In a recent investigation, Kaspersky’s Global Emergency Response Team (GERT) uncovered active exploitation of a patched vulnerability...

CVE-2023-34990 (CVSS 9.8): Critical Security Flaw Found in Fortinet FortiWLM CVE-2023-45590

CVE-2023-34990 (CVSS 9.8): Critical Security Flaw Found in Fortinet FortiWLM

Ddos December 18, 2024

Fortinet, a leading cybersecurity vendor, has issued urgent advisories regarding several critical vulnerabilities affecting its popular products,...

CVE-2024-51479: Next.js Authorization Bypass Vulnerability Affects Millions of Developers

Ddos December 18, 2024

A recently disclosed security vulnerability in Next.js, a popular React framework used by millions of developers worldwide,...

VIPKeyLogger: A New Infostealer Targeting Sensitive Data via Phishing Campaigns UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

VIPKeyLogger: A New Infostealer Targeting Sensitive Data via Phishing Campaigns

Ddos December 18, 2024

Forcepoint researchers have uncovered an alarming rise in activity involving a new infostealer malware named VIPKeyLogger. Distributed...

Azure Key Vault Vulnerability: Exploiting Role Misconfigurations for Privilege Escalation Azure outage, Front Door Microsoft Azure Surveillance, Gaza Call Records Red Sea cables, Azure outage MFA enforcement Azure outage, Red Sea cables Azure Key Vault Azure, Surveillance

Azure outage, Front Door Microsoft Azure Surveillance, Gaza Call Records Red Sea cables, Azure outage MFA enforcement Azure outage, Red Sea cables Azure Key Vault Azure, Surveillance

Azure Key Vault Vulnerability: Exploiting Role Misconfigurations for Privilege Escalation

Ddos December 18, 2024

Datadog Security Labs has uncovered a potential privilege escalation method in Azure Key Vault that could grant...

CVE-2024-10205: Critical Authentication Bypass Flaw Found in Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer

Ddos December 18, 2024

Hitachi Vantara has disclosed a critical authentication bypass vulnerability (CVE-2024-10205) affecting its Infrastructure Analytics Advisor and Ops...

CVE-2024-12356 (CVSS 9.8): Critical Vulnerability in BeyondTrust PRA and RS Enables Remote Code Execution BeyondTrust Vulnerability CVE-2026-1731 CVE-2024-12356 - CVE-2025-0889 BeyondTrust Privilege Escalation, Windows Security

CVE-2024-12356 (CVSS 9.8): Critical Vulnerability in BeyondTrust PRA and RS Enables Remote Code Execution

Ddos December 18, 2024

A critical command injection vulnerability (CVE-2024-12356) has been discovered in BeyondTrust’s Privileged Remote Access (PRA) and Remote...

Data Exfiltration and RCE Risks Found in Azure Data Factory’s Airflow Integration Azure Data Factory Apache Airflow - Dirty DAG vulnerabilities

Azure Data Factory Apache Airflow - Dirty DAG vulnerabilities

Data Exfiltration and RCE Risks Found in Azure Data Factory’s Airflow Integration

Ddos December 18, 2024

Unit 42 researchers have uncovered multiple vulnerabilities in Azure Data Factory’s managed Apache Airflow integration, potentially enabling...

Critical Alert 1 Active Exploit Detected Today