Vulnerability Archives • Page 55 of 190 • Daily CyberSecurity

CVE-2024-11274: GitLab Vulnerability Exposes User Accounts GitLab Security Update CVE-2025-7659 CVE-2024-5655 GitLab Vulnerabilities, XSS & Data Exposure

GitLab Security Update CVE-2025-7659 CVE-2024-5655 GitLab Vulnerabilities, XSS & Data Exposure

CVE-2024-11274: GitLab Vulnerability Exposes User Accounts

Do Son December 11, 2024

GitLab has issued an important security update addressing a range of vulnerabilities affecting multiple versions of its...

CVE-2024-53247: Splunk Secure Gateway App Vulnerability Allows Remote Code Execution

Do Son December 11, 2024

A critical vulnerability has been discovered in the Splunk Secure Gateway app that could allow a low-privileged...

CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach CVE 2020-12271 - Guan Tianfeng

CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach

Do Son December 11, 2024

The US Department of Justice announced the unsealing of an indictment against Guan Tianfeng, a Chinese national...

CVE-2024-11639 (CVSS 10) – Critical Flaw in Ivanti Cloud Services Application: Immediate Patch Recommended CVE-2023-35081 & CVE-2024-11639

CVE-2024-11639 (CVSS 10) – Critical Flaw in Ivanti Cloud Services Application: Immediate Patch Recommended

Do Son December 10, 2024

Ivanti, a leading provider of IT management and security solutions, has released critical security updates for the...

Ivanti Connect Secure and Policy Secure Updates Address Critical Vulnerabilities Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti Connect Secure and Policy Secure Updates Address Critical Vulnerabilities

Do Son December 10, 2024

Ivanti, a leader in unified endpoint and enterprise service management, has issued patches for several high and...

Researcher Details CVE-2024-44131 – A Critical TCC Bypass in macOS and iOS Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Researcher Details CVE-2024-44131 – A Critical TCC Bypass in macOS and iOS

Do Son December 10, 2024

Jamf Threat Labs has identified a vulnerability in Apple’s Transparency, Consent, and Control (TCC) security framework. Designated...

CVE-2024-52335 (CVSS 9.8): Siemens Healthineers Addresses Critical Flaw in Medical Imaging Software CVE-2024-52335 HylaFAX, AvantFAX vulnerability

CVE-2024-52335 HylaFAX, AvantFAX vulnerability

CVE-2024-52335 (CVSS 9.8): Siemens Healthineers Addresses Critical Flaw in Medical Imaging Software

Do Son December 10, 2024

Siemens Healthineers has released a critical security update to address an unauthenticated SQL injection vulnerability in its...

Exploiting CDN Integrations: A WAF Bypass Threatening Global Web Applications Foomuuri Vulnerability CVE-2025-67603 bypass WAF protections

Exploiting CDN Integrations: A WAF Bypass Threatening Global Web Applications

Do Son December 10, 2024

In a recently disclosed analysis, Zafran’s research team has unveiled a pervasive misconfiguration vulnerability affecting some of...

Apache Superset Patches Multi Security Flaws in Latest Release CVE-2024-53947, CVE-2024-53948, and CVE-2024-53949

Apache Superset Patches Multi Security Flaws in Latest Release

Do Son December 10, 2024

The Apache Software Foundation has announced the release of Apache Superset 4.1.0, an important update that addresses...

Schneider Electric Warns of Critical Flaw in Modicon Controllers – CVE-2024-11737 (CVSS 9.8) CVE-2024-8884 & CVE-2024-11737 Schneider Electric, Critical Vulnerabilities

CVE-2024-8884 & CVE-2024-11737 Schneider Electric, Critical Vulnerabilities

Schneider Electric Warns of Critical Flaw in Modicon Controllers – CVE-2024-11737 (CVSS 9.8)

Do Son December 10, 2024

Schneider Electric has issued a security notification warning of a critical vulnerability affecting its Modicon M241, M251,...

Microsoft Addresses Critical Zero-Day CVE-2024-49138 & 72 Additional Flaws in December Patch Tuesday Driver Cleanup CVE-2024-49138 - December Patch Tuesday Windows update errors, Windows update troubleshooting

Driver Cleanup CVE-2024-49138 - December Patch Tuesday Windows update errors, Windows update troubleshooting

Microsoft Addresses Critical Zero-Day CVE-2024-49138 & 72 Additional Flaws in December Patch Tuesday

Do Son December 10, 2024

Microsoft has released its December 2024 Patch Tuesday security update, addressing a total of 73 vulnerabilities across...

Google Chrome Patches High-Severity Vulnerabilities – CVE-2024-12381 & CVE-2024-12382

Do Son December 10, 2024

Google has announced its Chrome browser’s latest stable channel update, addressing several security vulnerabilities, including two classified...

CVE-2024-47578 (CVSS 9.1): SAP Issues Critical Patch for NetWeaver AS for JAVA SAP Security Patches CVE-2026-27685 SAP Security Update CVE-2026-0488 CVE-2024-47578 - CVE-2025-0070 and CVE-2025-0066

SAP Security Patches CVE-2026-27685 SAP Security Update CVE-2026-0488 CVE-2024-47578 - CVE-2025-0070 and CVE-2025-0066

CVE-2024-47578 (CVSS 9.1): SAP Issues Critical Patch for NetWeaver AS for JAVA

Do Son December 10, 2024

SAP’s latest Security Patch Day, released today, detailed 10 new Security Notes alongside updates to three previously...

CVE-2024-50623: Critical Vulnerability in Cleo Software Actively Exploited in the Wild PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

CVE-2024-50623: Critical Vulnerability in Cleo Software Actively Exploited in the Wild

Do Son December 10, 2024

Huntress Labs has raised the alarm over the active exploitation of a critical vulnerability (CVE-2024-50623) in Cleo’s...

CVE-2024-54143: Critical Vulnerability in OpenWrt’s Attended SysUpgrade Server Allows for Firmware Poisoning SysUpgrade Server - CVE-2024-54143

CVE-2024-54143: Critical Vulnerability in OpenWrt’s Attended SysUpgrade Server Allows for Firmware Poisoning

Do Son December 9, 2024

OpenWrt, a popular open-source operating system for embedded devices, has disclosed a critical vulnerability (CVE-2024-54143) that could...

CVE-2024-11205: WPForms Plugin Vulnerability Impacts 6 Million WordPress Sites

Do Son December 9, 2024

A critical vulnerability (CVE-2024-11205) discovered in WPForms, a prevalent WordPress form builder plugin with over 6 million...

CVE-2024-12254: CPython Flaw Could Lead to Memory Exhaustion in asyncio Applications Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

CVE-2024-12254: CPython Flaw Could Lead to Memory Exhaustion in asyncio Applications

Do Son December 9, 2024

A high-severity vulnerability (CVE-2024-12254) has been discovered in CPython, the reference implementation of the Python programming language....

CVE-2024-55579 & CVE-2024-55580: Qlik Sense Users Face Serious Security Risk

Do Son December 8, 2024

Qlik, a leading provider of business intelligence and data analytics platforms, has disclosed two vulnerabilities affecting Qlik...

CVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network CVE-2024-55563 - transaction-relay jamming attack

CVE-2024-55563 - transaction-relay jamming attack

CVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network

Do Son December 8, 2024

A recently disclosed vulnerability, identified as CVE-2024-55563, has revealed a critical security risk within the Bitcoin network’s...

Windows Zero-Day Vulnerability CVE-2024-38193 Exploited in the Wild: PoC Published

Do Son December 8, 2024

A critical use-after-free vulnerability, identified as CVE-2024-38193, has been discovered in the afd.sys Windows driver. This vulnerability,...

Critical Alert 2 Active Exploits Detected Today