Vulnerability Archives • Page 52 of 190 • Daily CyberSecurity

Weaponizing Windows Defender: New Attack Bypasses EDR killing Endpoint Detection and Response

Weaponizing Windows Defender: New Attack Bypasses EDR

Do Son December 24, 2024

Researchers Jonathan Beierle and Logan Goins have uncovered a novel offensive tactic leveraging Microsoft’s Windows Defender Application...

CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor Discovered in Palo Alto Devices Cisco VPN Zero-Day, ASA Vulnerability Ivanti Vulnerabilities Wing FTP Server, RCE Exploit CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor

Cisco VPN Zero-Day, ASA Vulnerability Ivanti Vulnerabilities Wing FTP Server, RCE Exploit CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor

CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor Discovered in Palo Alto Devices

Do Son December 24, 2024

Northwave Cyber Security has identified a sophisticated backdoor, LITTLELAMB.WOOLTEA, targeting Palo Alto Networks firewalls. The backdoor was...

CVE-2024-23945: Serious Vulnerability in Apache Hive and Spark Could Lead to Exploitation

Do Son December 24, 2024

A newly disclosed vulnerability, CVE-2024-23945, with a CVSS score of 8.7, has been identified in Apache Hive...

PoC Exploit Released for CVE-2024-30085: Windows Elevation of Privilege Vulnerability CVE-2024-30085 PoC exploit

PoC Exploit Released for CVE-2024-30085: Windows Elevation of Privilege Vulnerability

Do Son December 23, 2024

Security researcher Alex Birnberg with SSD Secure Disclosure published the technical details and a proof-of-concept (PoC) exploit...

CVE-2024-12828 (CVSS 9.9): Webmin Vulnerability Leaves a Million Servers Exposed to RCE CVE-2024-12828 CVE-2025-2774 Webmin vulnerability

CVE-2024-12828 (CVSS 9.9): Webmin Vulnerability Leaves a Million Servers Exposed to RCE

Do Son December 23, 2024

The popular web-based system administration tool, Webmin, has been found to harbor a critical security vulnerability (CVE-2024-12828)...

CVE-2024-56334: Command Injection Flaw Exposes Millions of Node.js Systems to Attack

Do Son December 23, 2024

A severe command injection vulnerability (CVE-2024-56334) has been identified in the widely used Node.js system information package,...

CVE-2024-53552 (CVSS 9.8): CrushFTP Flaw Exposes Users to Account Takeover CVE-2024-53552 CrushFTP vulnerability, SSRF

CVE-2024-53552 (CVSS 9.8): CrushFTP Flaw Exposes Users to Account Takeover

Do Son December 23, 2024

CrushFTP, a popular file transfer server known for its robust features and user-friendly interface, has issued an...

PoC Exploit Emerges for Adobe ColdFusion CVE-2024-53961—Apply Security Updates Now

Do Son December 23, 2024

Adobe has released urgent security updates to address a critical vulnerability in ColdFusion versions 2023 and 2021....

CVE-2021-44207: Vulnerability in Acclaim USAHERDS Actively Exploited, CISA Warns FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

CVE-2021-44207: Vulnerability in Acclaim USAHERDS Actively Exploited, CISA Warns

Do Son December 23, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised the alarm on a critical security flaw...

CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability Tomcat Security Update CVE-2026-24733 CVE-2023-41081 -CVE-2024-56337

CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability

Do Son December 22, 2024

The Apache Software Foundation recently released a critical security update to address a remote code execution (RCE)...

CVE-2024-56145 (CVSS 9.3): Remote Code Execution Vulnerability in Craft CMS, PoC Published CVE-2024-56145 PoC

CVE-2024-56145 (CVSS 9.3): Remote Code Execution Vulnerability in Craft CMS, PoC Published

Do Son December 22, 2024

Security researchers at Assetnote have disclosed a critical vulnerability (CVE-2024-56145) in Craft CMS, a widely-used PHP-based content...

DigiEver DVR Vulnerability Under Attack by Hail Cock Botnet

Do Son December 22, 2024

Akamai Security Intelligence Research Team (SIRT) has uncovered a vulnerability in DigiEver DS-2105 Pro DVRs is being...

CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics CVE-2024-51466 and CVE-2024-40695

CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics

Do Son December 21, 2024

IBM has disclosed two severe vulnerabilities in its Cognos Analytics platform that could compromise sensitive data and...

Critical Flaws in Rockwell Automation PowerMonitor 1000 Devices: CVSS Scores Hit 9.8/10 Rockwell Automation ThinManager ThinServer CVE-2024-7988 CVE-2025-1449

Rockwell Automation ThinManager ThinServer CVE-2024-7988 CVE-2025-1449

Critical Flaws in Rockwell Automation PowerMonitor 1000 Devices: CVSS Scores Hit 9.8/10

Do Son December 20, 2024

Rockwell Automation has issued a critical security advisory highlighting three severe vulnerabilities affecting its PowerMonitor 1000 devices....

CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update CVE-2024-12727 CVE-2024-12728 CVE-2024-12729

CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update

Do Son December 19, 2024

Sophos has announced the resolution of three critical security vulnerabilities affecting its Sophos Firewall product, a widely...

PoC Exploit Released for Databricks Remote Code Execution Vulnerability CVE-2024-49194 CVE-2024-49194 PoC

PoC Exploit Released for Databricks Remote Code Execution Vulnerability CVE-2024-49194

Do Son December 19, 2024

A newly discovered vulnerability in the Databricks JDBC Driver (CVE-2024-49194) could allow attackers to remotely execute code...

CVE-2024-49576 and CVE-2024-47810: Foxit Addresses Remote Code Execution Flaws

Do Son December 19, 2024

Foxit has released a crucial security update for its widely used Foxit PDF Reader and Foxit PDF...

CVE-2024-49775 (CVSS 9.8): Critical Vulnerability in Siemens UMC Exposes Systems to Remote Exploitation ROS# Path Traversal CVE-2026-41551 Siemens SIMATIC Auth Bypass, CVE-2025-40771 CVE-2024-22039 & CVE-2024-49775 CVE-2024-56336

ROS# Path Traversal CVE-2026-41551 Siemens SIMATIC Auth Bypass, CVE-2025-40771 CVE-2024-22039 & CVE-2024-49775 CVE-2024-56336

CVE-2024-49775 (CVSS 9.8): Critical Vulnerability in Siemens UMC Exposes Systems to Remote Exploitation

Do Son December 19, 2024

Siemens has disclosed a critical heap-based buffer overflow vulnerability (CVE-2024-49775) in its User Management Component (UMC), a...

Kaspersky Uncovers Active Exploitation of Fortinet Vulnerability CVE-2023-48788 FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207