Vulnerability Archives • Page 9 of 190 • Daily CyberSecurity

Unauthenticated RCE in Mitel SIP Phones (CVSS 9.8) Detailed with PoC Exploit

Do Son June 16, 2025

In a recent disclosure, InfoGuard Labs researcher Marc Bollhalder has detailed a critical unauthenticated remote command injection...

libxml2 Flaws Exposed: Memory Corruption, RCE, & DoS Threats Uncovered libxml2 Vulnerabilities, XML Parsing

libxml2 Flaws Exposed: Memory Corruption, RCE, & DoS Threats Uncovered

Do Son June 16, 2025

The researchers disclosured four security vulnerabilities in libxml2, a widely used XML parsing library embedded in web...

Critical Ricoh Streamline NX Flaw (CVSS 9.8) Allows SYSTEM-Level Code Execution Ricoh Streamline NX, Remote Code Execution

Critical Ricoh Streamline NX Flaw (CVSS 9.8) Allows SYSTEM-Level Code Execution

Do Son June 13, 2025

Ricoh has issued three security advisories addressing multiple serious vulnerabilities in its Streamline NX V3 PC Client,...

Critical Path Traversal Vulnerability (CVSS 9.8) Exposes Mitel MiCollab Servers to Unauthorized Access Mitel MiCollab, Critical Vulnerability

Critical Path Traversal Vulnerability (CVSS 9.8) Exposes Mitel MiCollab Servers to Unauthorized Access

Do Son June 13, 2025

Mitel has issued a critical security advisory warning of a newly discovered path traversal vulnerability affecting its...

Urgent Bosch Alert: Critical RCE Flaw (CVSS 10.0) Exposes Dispatch & Matrix Software to Attack Bosch RCE, Critical Vulnerability

Urgent Bosch Alert: Critical RCE Flaw (CVSS 10.0) Exposes Dispatch & Matrix Software to Attack

Do Son June 13, 2025

Bosch has issued a critical security advisory addressing a severe remote code execution (RCE) vulnerability affecting its...

Critical CI/CD Cache Poisoning Threatens Supply Chain: Undetectable Code Injection Possible! CI/CD Security, Cache Poisoning

Critical CI/CD Cache Poisoning Threatens Supply Chain: Undetectable Code Injection Possible!

Do Son June 13, 2025

A newly disclosed vulnerability tracked as CVE-2025-36852 has shaken the foundation of modern CI/CD systems and supply...

Critical Trend Micro Apex Central Flaws: Pre-Auth RCE (CVSS 9.8) Threatens Your Security Trend Micro, RCE Vulnerability

Critical Trend Micro Apex Central Flaws: Pre-Auth RCE (CVSS 9.8) Threatens Your Security

Do Son June 12, 2025

Trend Micro has issued an urgent Critical Patch (CP B7007) for its Apex Central platform, addressing two...

Root Access Unlocked: Public PoC Exposes GlobalProtect macOS Privilege Escalation Flaw GlobalProtect, macOS Root

Root Access Unlocked: Public PoC Exposes GlobalProtect macOS Privilege Escalation Flaw

Do Son June 12, 2025

Palo Alto Networks has disclosed a security vulnerability in its GlobalProtect VPN client for macOS that could...

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available Windows Zero-Day Kerberos relay

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available

Do Son June 12, 2025

A newly disclosed vulnerability, CVE-2025-33073, revealed by RedTeam Pentesting GmbH, exposes a critical flaw in Microsoft Windows’...

OpenPGP.js Flaw Allows Signature Spoofing, Breaking Message Trust – PoC Available! OpenPGP.js, Signature Spoofing

OpenPGP.js Flaw Allows Signature Spoofing, Breaking Message Trust – PoC Available!

Do Son June 12, 2025

In a recent technical write-up, researchers at Codean Labs unveiled a critical vulnerability in the OpenPGP.js library—an...

Critical Apache CloudStack Flaws Expose Kubernetes & Admin Accounts! CVE-2024-50386 Apache CloudStack, Critical Vulnerabilities

Critical Apache CloudStack Flaws Expose Kubernetes & Admin Accounts!

Do Son June 11, 2025

The Apache CloudStack project has released new Long-Term Support (LTS) versions—4.19.3.0 and 4.20.1.0—to address five security vulnerabilities,...

Critical Command Injection Flaw in KDE Konsole Exposes Users to Arbitrary Code Execution Konsole Vulnerability, Linux Security

Critical Command Injection Flaw in KDE Konsole Exposes Users to Arbitrary Code Execution

Do Son June 11, 2025

A newly disclosed critical vulnerability in Konsole, KDE’s popular terminal emulator, has raised serious concerns for Linux...

Windows Kernel Flaws Revealed: SYSTEM-Level Privilege Escalation & PoC Exploits Available Now! Windows Kernel, Privilege Escalation

Windows Kernel Flaws Revealed: SYSTEM-Level Privilege Escalation & PoC Exploits Available Now!

Do Son June 11, 2025

Security researcher Jael Koh of PixiePoint Security has unveiled the technical details and working proof-of-concept exploits for...

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix Avaya CMS, Remote Command Execution

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix

Do Son June 10, 2025

Avaya has issued a critical security advisory for its widely deployed Call Management System (CMS), warning customers...

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems XXE Vulnerability

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems

Do Son June 10, 2025

The GeoTools project, a popular open-source Java library used for geospatial data processing, has issued a critical...

Apache Kafka Clients at Risk: File Reads, SSRF, and RCE Exploits Trigger Urgent Security Fixes Kafka RCE JAAS vulnerability

Apache Kafka Clients at Risk: File Reads, SSRF, and RCE Exploits Trigger Urgent Security Fixes

Do Son June 9, 2025

The Apache Kafka Project has released security advisories addressing three important vulnerabilities affecting various versions of the...

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered! CVE-2025-3835, Exchange Reporter Plus

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered!

Do Son June 9, 2025

ManageEngine’s Exchange Reporter Plus, a widely-used web-based monitoring and reporting tool for Microsoft Exchange, has been found...

Microsoft BFS Flaws Expose Windows to Privilege Escalation – PoC Code Released Race Condition Exploit

Microsoft BFS Flaws Expose Windows to Privilege Escalation – PoC Code Released

Do Son June 9, 2025

Security researchers at ht3labs published the technical details and proof-of-concept exploit code for a trio of critical...

Legacy vBulletin 4.x Patch Backfires: RCE via Signed Base64 Payloads and a Full PoC vBulletin RCE

Legacy vBulletin 4.x Patch Backfires: RCE via Signed Base64 Payloads and a Full PoC

Do Son June 7, 2025

Security researcher Egidio Romano (EgiX) uncovers a fascinating PHP Object Injection (POI) vulnerability in legacy versions of...

Critical Flaws in Acronis Cyber Protect Expose Sensitive Data: CVSS 10 Vulnerabilities Patched Acronis Vulnerabilities, Cybersecurity Advisory

Acronis Vulnerabilities, Cybersecurity Advisory

Critical Flaws in Acronis Cyber Protect Expose Sensitive Data: CVSS 10 Vulnerabilities Patched

Do Son June 6, 2025

Acronis International GmbH has issued a critical security advisory addressing a series of high-severity vulnerabilities in its...

Critical Alert 1 Active Exploit Detected Today