privilege escalation Archives • Page 14 of 15 • Daily CyberSecurity

Microsoft May 2025 Patch Tuesday Fixes 83 Vulnerabilities, Including 5 Exploited in the Wild Patch Tuesday, Zero-Day Exploits

Microsoft May 2025 Patch Tuesday Fixes 83 Vulnerabilities, Including 5 Exploited in the Wild

Do Son May 13, 2025

Microsoft’s May 2025 Patch Tuesday has addressed a total of 83 vulnerabilities across its product ecosystem, including...

Multiple CVEs in GNU Screen: Local Root Exploit and TTY Hijacking Discovered GNU Screen vulnerabilities setuid-root exploit

Multiple CVEs in GNU Screen: Local Root Exploit and TTY Hijacking Discovered

Do Son May 13, 2025

A comprehensive security audit by the SUSE Security Team has uncovered a collection of serious flaws in...

Arista Patches Critical Vulnerability in CloudVision ZTP With CVSS 10 Score CloudVision ZTP, CVE-2025-0505

Arista Patches Critical Vulnerability in CloudVision ZTP With CVSS 10 Score

Do Son May 10, 2025

Arista Networks has issued a critical security advisory for a newly discovered vulnerability – CVE-2025-0505—rated with a...

Arista Fixes Critical CloudVision Portal Vulnerability with CVSS 10 Score Arista CloudVision, CVE-2024-11186

Arista Fixes Critical CloudVision Portal Vulnerability with CVSS 10 Score

Do Son May 9, 2025

Arista Networks has released a critical security advisory detailing a severe vulnerability in its CloudVision Portal (CVP)...

Microsoft Patches Four Critical Azure and Power Apps Vulnerabilities, Including CVSS 10 Privilege Escalation Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

Microsoft Patches Four Critical Azure and Power Apps Vulnerabilities, Including CVSS 10 Privilege Escalation

Do Son May 9, 2025

Microsoft has addressed a cluster of critical vulnerabilities affecting several of its core cloud services—including Azure Automation,...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks

Do Son May 7, 2025

Symantec’s Threat Hunter Team has uncovered a sophisticated attack involving a zero-day privilege escalation vulnerability in Microsoft’s...

MediaTek May 2025 Security Bulletin: Chipset Vulnerabilities Disclosed MediaTek, modem vulnerabilities

MediaTek May 2025 Security Bulletin: Chipset Vulnerabilities Disclosed

Do Son May 5, 2025

The MediaTek Product Security Bulletin for May 2025 highlights multiple security vulnerabilities affecting a wide range of...

CVE-2025-2774: Webmin Vulnerability Allows Root-Level Privilege Escalation CVE-2024-12828 CVE-2025-2774 Webmin vulnerability

CVE-2025-2774: Webmin Vulnerability Allows Root-Level Privilege Escalation

Do Son May 4, 2025

Webmin, a popular web-based system administration tool used to manage Unix-like servers and various services with approximately...

Rancher Releases Patch for CVE-2024-22031 Privilege Escalation Vulnerability Rancher CVE-2024-22031 Privilege Escalation

Rancher Releases Patch for CVE-2024-22031 Privilege Escalation Vulnerability

Do Son April 30, 2025

The SUSE Rancher Security Team has issued a security advisory regarding a newly disclosed vulnerability affecting multiple...

CVE-2025-21756: How a Tiny Linux Kernel Bug Led to a Full Root Exploit, PoC Releases

Do Son April 29, 2025

In a recently analysis, security researcher Michael Hoefler has exposed the full depth of CVE-2025-21756, a Use-After-Free...

Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw inetpub vulnerability, Windows Update

Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw

Do Son April 25, 2025

Previously, in an effort to patch security vulnerability (CVE-2025–21204) within the Windows operating system, Microsoft began creating...

IBM HMC Vulnerable to Privilege Escalation Attacks IBM HMC Privilege Escalation

IBM HMC Vulnerable to Privilege Escalation Attacks

Do Son April 23, 2025

Two security vulnerabilities have been disclosed in the IBM Hardware Management Console (HMC) for Power Systems, both...

“ConfusedComposer”: GCP Composer Vulnerability Allows Privilege Escalation GCP Composer Privilege Escalation

“ConfusedComposer”: GCP Composer Vulnerability Allows Privilege Escalation

Do Son April 23, 2025

Tenable Research has identified a now-patched privilege-escalation vulnerability in Google Cloud Platform (GCP) dubbed “Confused Composer”. The...

CVE-2025-21204: SYSTEM-Level Privilege Escalation in Windows Update Stack Exposed, PoC Released CVE-2025-21204, Windows Update Stack

CVE-2025-21204: SYSTEM-Level Privilege Escalation in Windows Update Stack Exposed, PoC Released

Do Son April 22, 2025

Security researcher Elli Shlomo published the technical details and a proof-of-concept exploit code for CVE-2025-21204, a severe...

FOG Ransomware Campaign Targets Multiple Sectors with Phishing and Payload Obfuscation FOG ransomware, phishing

FOG Ransomware Campaign Targets Multiple Sectors with Phishing and Payload Obfuscation

Do Son April 22, 2025

Trend Micro has identified a recent campaign involving FOG ransomware, demonstrating the adaptability of cybercriminals in their...

Critical CVE-2025-1976 Vulnerability in Brocade Fabric OS Actively Exploited Brocade Fabric OS, CVE-2025-1976

Critical CVE-2025-1976 Vulnerability in Brocade Fabric OS Actively Exploited

Do Son April 22, 2025

A critical security vulnerability has been identified in Brocade Fabric OS, posing a significant risk to affected...

CVE-2024-53141: Linux Kernel Flaw Enables Privilege Escalation, PoC Releases CVE-2024-53141, Linux Kernel

CVE-2024-53141: Linux Kernel Flaw Enables Privilege Escalation, PoC Releases

Do Son April 18, 2025

Security researcher published the technical details and a proof-of-concept exploit for a vulnerability in Linux kernel—CVE-2024-53141, having...

Windows 11 Privilege Escalation Flaws Uncovered: CVE-2025-24076 and CVE-2025-24994 DLL Hijacking, CVE-2025-24076

Windows 11 Privilege Escalation Flaws Uncovered: CVE-2025-24076 and CVE-2025-24994

Do Son April 16, 2025

In a revealing security analysis, Compass Security researcher John Ostrowski has disclosed two privilege escalation vulnerabilities in...

PyPI Swiftly Patches Privilege Escalation Flaw in Organizations Feature Project Quarantine PyPI Security Privilege Escalation

PyPI Swiftly Patches Privilege Escalation Flaw in Organizations Feature

Do Son April 15, 2025

On April 14, 2025, the Python Package Index (PyPI) team swiftly addressed a security concern involving persisting...

Windows CLFS Zero-Day Exploited to Deploy Ransomware CLFS zero-day Ransomware attack

Windows CLFS Zero-Day Exploited to Deploy Ransomware

Do Son April 9, 2025

Microsoft Threat Intelligence has disclosed active exploitation of a zero-day vulnerability in the Windows Common Log File...

Critical Alert