dos Archives • Page 3 of 6 • Daily CyberSecurity

CVSS 10.0 RCE in Popular Python Library (36M+ Monthly Downloads), PoC Available

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

CVSS 10.0 RCE in Popular Python Library (36M+ Monthly Downloads), PoC Available

Ddos September 4, 2025

The widely used Python library DeepDiff, downloaded over 36 million times per month, has been found vulnerable...

Envoy Project Patches Two Flaws: DoS (CVE-2025-54588) and Session Hijacking (CVE-2025-55162) Risks Envoy Project, vulnerability

Envoy Project Patches Two Flaws: DoS (CVE-2025-54588) and Session Hijacking (CVE-2025-55162) Risks

Ddos September 3, 2025

The Envoy Project has issued a new security advisory addressing two significant vulnerabilities impacting its popular L7...

Linux Kernel 7.1 i486 support Linux 7.0 HIPPI support removal, legacy networking protocol retirement Linus Torvalds AI slop Linux kernel, Lorenzo Stoakes AI tool debate Linux Kernel Rust CVE-2025-68260, Android Binder Rust Race Condition TSEM Security Module Controversy, Linus Torvalds LSM Dispute Kernel Panic, PoC released Linux Kernel 6.16, File System Fixes CVE-2023-42753 - Linux Kernel Developers

Linux Kernel Panic Triggered by Race Condition, PoC Released

Ddos September 2, 2025

A new Linux kernel vulnerability, tracked as CVE-2025-38617, has been analyzed by security researcher Pumpkin (@u1f383) from...

CVE-2025-6203: DoS Flaw in HashiCorp Vault Allows Attackers to Crash Servers HashiCorp Vault, vulnerability CVE-2024-7594 - Vault Community Edition

HashiCorp Vault, vulnerability CVE-2024-7594 - Vault Community Edition

CVE-2025-6203: DoS Flaw in HashiCorp Vault Allows Attackers to Crash Servers

Ddos September 2, 2025

HashiCorp has issued a security advisory for a newly disclosed vulnerability in Vault, its widely used secrets...

CVE-2024-58259: DoS Flaw in Rancher Manager Allows Unauthenticated Attackers to Crash Servers Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

CVE-2024-58259: DoS Flaw in Rancher Manager Allows Unauthenticated Attackers to Crash Servers

Ddos September 1, 2025

The SUSE Rancher Security Team has issued a security advisory addressing a high-severity vulnerability in Rancher Manager,...

A Single URL Can Crash Your Website: Critical DoS Flaw (CVE-2025-58047) Found in Volto CMS Volto, vulnerability

A Single URL Can Crash Your Website: Critical DoS Flaw (CVE-2025-58047) Found in Volto CMS

Ddos August 31, 2025

The Plone Zope Security Team has released an advisory addressing a denial-of-service (DoS) vulnerability in Volto, the...

Cisco Warns of High-Severity DoS Flaw (CVE-2025-20241) in Nexus Switches Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Cisco Warns of High-Severity DoS Flaw (CVE-2025-20241) in Nexus Switches

Ddos August 28, 2025

Cisco Systems has published a security advisory detailing a high-severity denial-of-service (DoS) vulnerability affecting Cisco Nexus 3000...

A Single Packet Can Crash a DHCP Server: High-Severity Flaw CVE-2025-40779 Found in Kea critical BIND 9 flaws Kea DHCP Vulnerability CVE-2026-3608 CVE-2022-1183 CVE-2025-40779 Kea DHCP, vulnerability

critical BIND 9 flaws Kea DHCP Vulnerability CVE-2026-3608 CVE-2022-1183 CVE-2025-40779 Kea DHCP, vulnerability

A Single Packet Can Crash a DHCP Server: High-Severity Flaw CVE-2025-40779 Found in Kea

Ddos August 28, 2025

The Internet Systems Consortium (ISC) has released a security advisory addressing a high-severity vulnerability in its widely...

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack NetScaler, CVE-2025-7775

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack

Ddos August 26, 2025

The Cloud Software Group (CSG) has released urgent security updates to address three high-severity vulnerabilities affecting NetScaler...

Patch Now: Apache Tomcat Fixes Session Fixation and ‘MadeYouReset’ Flaws CVE-2024-50379 & CVE-2024-54677 Apache Tomcat Vulnerabilities

Patch Now: Apache Tomcat Fixes Session Fixation and ‘MadeYouReset’ Flaws

Ddos August 15, 2025

The Apache Tomcat Project has issued important updates addressing two significant vulnerabilities affecting multiple supported versions of...

The Win-DDoS Epidemic: New Flaws Weaponize Windows Domain Controllers for Massive DoS Attacks, PoC Releases

Ddos August 12, 2025

SafeBreach Labs researchers have uncovered a new class of denial-of-service (DoS) vulnerabilities in Microsoft Windows that could...

Apache bRPC Flaw (CVE-2025-54472) Allows Remote Denial-of-Service Attack Apache bRPC Vulnerability CVE-2025-60021 Apache bRPC, CVE-2025-59789 Apache bRPC, Redis Vulnerability

Apache bRPC Vulnerability CVE-2025-60021 Apache bRPC, CVE-2025-59789 Apache bRPC, Redis Vulnerability

Apache bRPC Flaw (CVE-2025-54472) Allows Remote Denial-of-Service Attack

Ddos August 12, 2025

The Apache bRPC project has issued an important security advisory addressing a critical flaw in its Redis...

SonicWall Alert: Critical SSL VPN Flaw (CVE-2025-40600) Allows Remote DoS Attack on Firewalls CVE-2024-40766 exploited SonicOS Vulnerability, DoS Attack

CVE-2024-40766 exploited SonicOS Vulnerability, DoS Attack

SonicWall Alert: Critical SSL VPN Flaw (CVE-2025-40600) Allows Remote DoS Attack on Firewalls

Ddos July 30, 2025

SonicWall, a prominent provider of cybersecurity solutions, has disclosed a critical vulnerability—CVE-2025-40600—affecting the SSL VPN interface of...

Python Tarfile Vulnerability (CVE-2025-8194) Allows DoS via Malicious Archives Python Vulnerability, Tarfile DoS

Python Tarfile Vulnerability (CVE-2025-8194) Allows DoS via Malicious Archives

Ddos July 29, 2025

A newly discovered vulnerability in Python’s tarfile module, identified as CVE-2025-8194, threatens to hang applications that process...

Buffer Overflows & XSS in SonicWall SMA 100 Expose Devices to RCE – Patch Immediately! SonicWall Firewall CVE-2024-40766 SonicWall SMA Vulnerabilities, Web Interface Flaws

SonicWall Firewall CVE-2024-40766 SonicWall SMA Vulnerabilities, Web Interface Flaws

Buffer Overflows & XSS in SonicWall SMA 100 Expose Devices to RCE – Patch Immediately!

Ddos July 24, 2025

SonicWall has released a security updates for its Secure Mobile Access (SMA) 100 series appliances, addressing three...

CVE-2025-31700 & CVE-2025-31701: Buffer Overflow Flaws in Dahua IP Cameras Expose Devices to RCE Dahua IP Camera, Buffer Overflow Dahua IP cameras vulnerability

Dahua IP Camera, Buffer Overflow Dahua IP cameras vulnerability

CVE-2025-31700 & CVE-2025-31701: Buffer Overflow Flaws in Dahua IP Cameras Expose Devices to RCE

Ddos July 24, 2025

Dahua Technology has issued a security advisory addressing two high-severity vulnerabilities in its IP camera product line,...

RCEs in Schneider Electric EcoStruxure Power Operation: Actively Exploited, Public PoCs Available FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

RCEs in Schneider Electric EcoStruxure Power Operation: Actively Exploited, Public PoCs Available

Ddos July 23, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with Schneider Electric, has issued a security advisory...

Two Vulnerabilities in 7-Zip Could Trigger Denial of Service 7-Zip Vulnerabilities, File Archiver Security

Two Vulnerabilities in 7-Zip Could Trigger Denial of Service

Ddos July 21, 2025

Researchers have disclosed two newly identified vulnerabilities in 7-Zip, one of the world’s most widely used open-source...

ISC Warns of Cache Poisoning and Crash Risks in BIND: What You Need to Know About CVE-2025-40776 and CVE-2025-40777 BIND 9 Vulnerability CVE-2025-13878 BIND Cache Poisoning, DNS RCE BIND Vulnerabilities, DNS Security BIND 9 vulnerabilities BIND vulnerability, DNS server crash