Vulnerability Archives • Page 70 of 190 • Daily CyberSecurity

CVE-2024-9137 (CVSS 9.4) in Moxa’s Cellular Routers and Security Appliances: Immediate Patching Required Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

CVE-2024-9137 (CVSS 9.4) in Moxa’s Cellular Routers and Security Appliances: Immediate Patching Required

Do Son October 14, 2024

In a recently disclosed security advisory, Moxa has revealed two critical vulnerabilities affecting its cellular routers, secure...

CVE-2024-9921 (CVSS 9.8): Critical Flaw Found in Popular Business Collaboration Tool Team+ CVE-2024-9921 - Team+

CVE-2024-9921 (CVSS 9.8): Critical Flaw Found in Popular Business Collaboration Tool Team+

Do Son October 14, 2024

In a recent vulnerability note issued by TWCERT/CC (Taiwan Computer Emergency Response Team / Coordination Center), three...

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581) CVE-2023-25581 - pac4j

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581)

Do Son October 13, 2024

A new analysis by security researcher Michael Stepankin (@artsploit) of the GitHub Security Lab (GHSL) has uncovered...

$50,000 Bounty: Researcher Reveals Critical Zendesk Email Spoofing Flaw (CVE-2024-49193)

Do Son October 13, 2024

In a detailed analysis by security researcher Daniel, a serious vulnerability in Zendesk’s email management system, tracked...

Bitcoin Core Vulnerability (CVE-2024-35202) Enables Remote Node Crashes Bitcoin Core Node Crash CVE-2024-52911 CVE-2024-35202 - Bitcoin Core

Bitcoin Core Vulnerability (CVE-2024-35202) Enables Remote Node Crashes

Do Son October 13, 2024

A high-severity vulnerability, tracked as CVE-2024-35202 and assigned a CVSS v3.0 base score of 7.5, has been...

GitHub Enterprise Server Patches Critical Security Flaw – CVE-2024-9487 (CVSS 9.5) CVE-2024-9487 - CVE-2025-23369 PoC

GitHub Enterprise Server Patches Critical Security Flaw – CVE-2024-9487 (CVSS 9.5)

Do Son October 13, 2024

GitHub has released security updates to address two vulnerabilities in GitHub Enterprise Server, one of which could...

Thousands of Fortinet Devices Remain Exposed to RCE CVE-2024-23113 Vulnerability

Do Son October 13, 2024

A recent report from the Shadowserver Foundation has revealed a concerning number of Fortinet devices remain vulnerable...

Apache Roller Patches CSRF Flaw CVE-2024-46911 in Latest Update Apache Roller - CVE-2024-46911

Apache Roller Patches CSRF Flaw CVE-2024-46911 in Latest Update

Do Son October 13, 2024

The Apache Software Foundation has released a security update for Apache Roller, a popular Java-based blogging platform....

Plane Project Management Tool Patches Critical SSRF Flaw – CVE-2024-47830 (CVSS 9.3) project management tool - CVE-2024-47830

Plane Project Management Tool Patches Critical SSRF Flaw – CVE-2024-47830 (CVSS 9.3)

Do Son October 13, 2024

A critical security vulnerability has been discovered and patched in Plane, a popular open-source project management tool....

Suspected Nation-State Adversary Exploits Ivanti CSA in a Series of Sophisticated Attacks hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

Suspected Nation-State Adversary Exploits Ivanti CSA in a Series of Sophisticated Attacks

Do Son October 12, 2024

Fortinet’s FortiGuard Labs recently released a detailed analysis of a sophisticated cyberattack targeting the Ivanti Cloud Services...

CVE-2024-9180: HashiCorp Vault Vulnerability Could Lead to Privilege Escalation Vault LDAP Bypass, Terraform Insecure Default Vault Community Edition - CVE-2024-9180

Vault LDAP Bypass, Terraform Insecure Default Vault Community Edition - CVE-2024-9180

CVE-2024-9180: HashiCorp Vault Vulnerability Could Lead to Privilege Escalation

Do Son October 12, 2024

HashiCorp has issued a security bulletin disclosing a vulnerability in its Vault secret management platform that could...

Mozilla Confirms Active Attacks on Tor Browser via Firefox Vulnerability Firefox Vulnerability Tor CGO Encryption Tor1 Protocol Vulnerability

Firefox Vulnerability Tor CGO Encryption Tor1 Protocol Vulnerability

Mozilla Confirms Active Attacks on Tor Browser via Firefox Vulnerability

Do Son October 11, 2024

Mozilla has issued an urgent security update for its Firefox browser to address a critical vulnerability that...

NSA, FBI, and Allies Expose Ongoing Russian Cyber Espionage Operations Cyber Operations Messaging App Security State-Sponsored Hijacking

NSA, FBI, and Allies Expose Ongoing Russian Cyber Espionage Operations

Do Son October 11, 2024

Recently, the National Security Agency (NSA), Federal Bureau of Investigation (FBI), the United States Cyber Command’s Cyber...

CISA Warns of F5 BIG-IP Cookie Exploitation F5 BIG-IP Hunt Electronic DVR, Critical Vulnerability

CISA Warns of F5 BIG-IP Cookie Exploitation

Do Son October 11, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert warning organizations about a vulnerability...

Fog & Akira Ransomware Exploit Critical Veeam RCE Flaw CVE-2024-40711 After PoC Release

Do Son October 10, 2024

In a recent alert, Sophos X-Ops MDR and Incident Response revealed a surge in ransomware attacks exploiting...

Multiple Vulnerabilities Found in SonicWall SSL-VPN SMA1000 and Connect Tunnel Windows Client SonicWall SSL-VPN SMA1000 - CVE-2024-45316

Multiple Vulnerabilities Found in SonicWall SSL-VPN SMA1000 and Connect Tunnel Windows Client

Do Son October 10, 2024

SonicWall has released security updates to address multiple vulnerabilities affecting its SMA 1000 series SSL-VPN appliances and...

CVE-2024-9465 (CVSS 9.2) SQLi Flaw in Palo Alto Expedition Revealed: Full Exploit & PoC Published CVE-2024-9465 PoC exploit

CVE-2024-9465 (CVSS 9.2) SQLi Flaw in Palo Alto Expedition Revealed: Full Exploit & PoC Published

Do Son October 10, 2024

A critical vulnerability, CVE-2024-9465, has been discovered in Palo Alto Networks’ Expedition tool by security researcher Zach...

Zyxel Devices Targeted by Malicious Actors: Urgent Firmware Update Required Zyxel security - Mitel MiCollab Vulnerability

Zyxel Devices Targeted by Malicious Actors: Urgent Firmware Update Required

Do Son October 10, 2024

A recent security announcement from security researcher Serhii Boiarynov at the Zyxel EMEA team has uncovered malicious...

CVE-2024-41713 (CVSS 9.8): Unpatched MiCollab Vulnerability Allows Unauthorized Access Mitel MiCollab SQL Injection MiCollab software - CVE-2024-47223 & CVE-2024-41713

Mitel MiCollab SQL Injection MiCollab software - CVE-2024-47223 & CVE-2024-41713

CVE-2024-41713 (CVSS 9.8): Unpatched MiCollab Vulnerability Allows Unauthorized Access

Do Son October 10, 2024

Mitel has issued a critical security advisory addressing a newly discovered vulnerability, CVE-2024-41713, in the MiCollab platform....

Progress Patches Critical Security Flaw CVE-2024-8015 (CVSS 9.1) in Telerik Report Server CVE-2023-42659 & CVE-2024-8015 MOVEit AS2 DoS, Uncontrolled Resource Consumption

CVE-2023-42659 & CVE-2024-8015 MOVEit AS2 DoS, Uncontrolled Resource Consumption

Progress Patches Critical Security Flaw CVE-2024-8015 (CVSS 9.1) in Telerik Report Server

Do Son October 10, 2024

Progress Software has released an important security advisory addressing four newly discovered vulnerabilities in their powerful Telerik...

Critical Alert 2 Active Exploits Detected Today