Vulnerability Archives • Page 59 of 190 • Daily CyberSecurity

Keycloak Patches Multiple Vulnerabilities in Latest Update Keycloak vulnerabilities Keycloak Security MFA Bypass

Keycloak Patches Multiple Vulnerabilities in Latest Update

Do Son November 26, 2024

Open-source identity and access management platform Keycloak has released important security updates to address multiple vulnerabilities, including...

Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code (CVE-2024-5921) CVE-2024-5921 - CVE-2025-0103 CVE-2025-0110 PoC

Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code (CVE-2024-5921)

Do Son November 25, 2024

Palo Alto Networks has issued a security advisory warning of a vulnerability in its GlobalProtect app that...

PHP Patches Multi Flaws, Including CVE-2024-8932 (CVSS 9.8), Urges Immediate Update PHP Vulnerabilities, SQLi DoS CVE-2024-8932 & CVE-2024-8929

PHP Patches Multi Flaws, Including CVE-2024-8932 (CVSS 9.8), Urges Immediate Update

Do Son November 25, 2024

The PHP development team has released urgent security updates to address multiple vulnerabilities affecting versions prior to...

Critical Vulnerabilities in QNAP Notes Station 3: Update Now to Protect Your Data CVE-2024-38643 - CVE-2024-38645 & Notes Station 3

Critical Vulnerabilities in QNAP Notes Station 3: Update Now to Protect Your Data

Do Son November 25, 2024

QNAP has issued a security advisory regarding multiple critical vulnerabilities in Notes Station 3, a popular application...

CVE-2024-10542 & CVE-2024-10781: Critical WordPress Plugin Flaw Exposes 200,000 Sites CVE-2024-10542 and CVE-2024-10781

CVE-2024-10542 & CVE-2024-10781: Critical WordPress Plugin Flaw Exposes 200,000 Sites

Do Son November 25, 2024

A recent report from the Wordfence Threat Intelligence Team has revealed two critical vulnerabilities in the Anti-Spam...

CVE-2023-28461 (CVSS 9.8): Critical Array Networks Vulnerability Added to KEV Catalog

Do Son November 25, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-28461, a high-severity security flaw impacting Array...

Made by Google, Pixel 10 Pixel 10, Qi2 Baseband Security - CVE-2024-39343 Google Tensor TSMC Pixel 10 processor

7 Android & Pixel Vulnerabilities Exposed: Researcher Publishes PoC Exploits

Do Son November 25, 2024

Oversecured, a renowned cybersecurity firm, has unearthed seven vulnerabilities within the Android operating system and Google Pixel...

CVE-2024-48860 (CVSS 9.5): Critical Flaw in QNAP QuRouter, Immediate Update Recommended QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

CVE-2024-48860 (CVSS 9.5): Critical Flaw in QNAP QuRouter, Immediate Update Recommended

Do Son November 25, 2024

QNAP has issued a security advisory urging users of its QuRouter network appliance to update their devices...

CVE-2024-11477: 7-Zip Vulnerability Allows Remote Code Execution, Update Now!

Do Son November 24, 2024

A high-severity vulnerability (CVE-2024-11477) has been discovered in the popular file archiver 7-Zip, potentially allowing attackers to...

Fortune 1000’s Hidden Threat: 30,000 Exposed APIs and 100,000 API Vulnerabilities Unveiled API Vulnerabilities - API Exposure

Fortune 1000’s Hidden Threat: 30,000 Exposed APIs and 100,000 API Vulnerabilities Unveiled

Do Son November 24, 2024

The State of API Exposure 2024 report from the Escape team has unveiled a staggering number of...

CVE-2024-9511 (CVSS 9.8): Critical Flaw in FluentSMTP Plugin Exposes Over 300,000 WordPress Sites to Potential Takeover

Do Son November 23, 2024

A critical-severity vulnerability has been discovered in FluentSMTP, a widely used WordPress plugin designed to optimize email...

CVE-2024-8811: WinZip Flaw Allows Malicious Code Execution CVE-2024-8811 - CVE-2025-1240

CVE-2024-8811: WinZip Flaw Allows Malicious Code Execution

Do Son November 22, 2024

Security researchers have uncovered a critical vulnerability in WinZip, a widely-used file archiving tool, that could allow...

Wowza Streaming Engine Vulnerabilities Expose Thousands of Servers to Attack Wowza Streaming Engine - CVE-2024-52052

Wowza Streaming Engine Vulnerabilities Expose Thousands of Servers to Attack

Do Son November 22, 2024

Ryan Emmons, Lead Security Researcher at Rapid7, has discovered multiple vulnerabilities in Wowza Streaming Engine, a popular...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

CISA Sounds the Alarm on Actively Exploited Apple and Oracle Zero-Days

Do Son November 22, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited vulnerabilities...

NVIDIA Base Command Manager Update Patches CVE-2024-0138 (CVSS 9.8) NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA Base Command Manager Update Patches CVE-2024-0138 (CVSS 9.8)

Do Son November 21, 2024

NVIDIA has issued a critical security update for its Base Command Manager software, addressing a vulnerability that...

CVE-2024-10126 & CVE-2024-10127: M-Files Addresses File Inclusion and Authentication Bypass Flaws

Do Son November 21, 2024

M-Files, a leading provider of information management solutions, has released security updates to address two vulnerabilities in...

Raspberry Robin’s Stealth Tactics: USB Infections, Exploits, and Advanced Obfuscation Unveiled GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Raspberry Robin’s Stealth Tactics: USB Infections, Exploits, and Advanced Obfuscation Unveiled

Do Son November 21, 2024

Raspberry Robin, also known as Roshtyak, stands out as a highly advanced malicious downloader. Discovered in 2021,...

CVE-2024-9478 & CVE-2024-9479: upKeeper IPA Flaws Rated CVSSv4 10 Now Resolved WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

CVE-2024-9478 & CVE-2024-9479: upKeeper IPA Flaws Rated CVSSv4 10 Now Resolved

Do Son November 21, 2024

upKeeper, a provider of privileged access management solutions, has recently addressed two critical vulnerabilities in their Instant...

Volt Typhoon: Chinese State-Sponsored APT Targets U.S. Critical Infrastructure Volt Typhoon APT group

Volt Typhoon: Chinese State-Sponsored APT Targets U.S. Critical Infrastructure

Do Son November 21, 2024

The Tenable Security Response Team has uncovered critical details about Volt Typhoon, a state-sponsored Advanced Persistent Threat...

CVE-2024-52067: Sensitive Data Exposed in Apache NiFi Debug Logs Apache NiFi RCE CVE-2026-39816 Apache NiFi Vulnerability CVE-2026-25903 Apache NiFi Deserialization, GetAsanaObject Vulnerability CVE-2024-52067 - CVE-2024-56512 CVE-2025-27017

Apache NiFi RCE CVE-2026-39816 Apache NiFi Vulnerability CVE-2026-25903 Apache NiFi Deserialization, GetAsanaObject Vulnerability CVE-2024-52067 - CVE-2024-56512 CVE-2025-27017

CVE-2024-52067: Sensitive Data Exposed in Apache NiFi Debug Logs

Do Son November 21, 2024

A newly discovered vulnerability in Apache NiFi could inadvertently expose sensitive parameter values in debug logs, potentially...

Critical Alert 2 Active Exploits Detected Today