rce Archives • Page 18 of 30 • Daily CyberSecurity

From Simple Bug to RCE: A Flaw (CVE-2025-21692) in the Linux Kernel, PoC Published Linux Kernel vulnerability CVE-2025-21692

From Simple Bug to RCE: A Flaw (CVE-2025-21692) in the Linux Kernel, PoC Published

Do Son September 18, 2025

Security researcher Volticks has published a deep technical writeup on CVE-2025-21692, a vulnerability in the Linux kernel’s...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Patches Critical RCE Flaw (CVE-2025-23316, CVSS 9.8) in Triton Inference Server

Do Son September 17, 2025

NVIDIA has released a software update addressing multiple high- and critical-severity vulnerabilities in its Triton Inference Server,...

PoC Published: Linux Kernel 0-Click RCE Vulnerability Found in ksmbd Linux kernel, SMB vulnerability

PoC Published: Linux Kernel 0-Click RCE Vulnerability Found in ksmbd

Do Son September 16, 2025

In a recent deep-dive analysis, security researcher BitsByWill examined two critical Linux kernel vulnerabilities—CVE-2023-52440 and CVE-2023-4130—both impacting...

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices Samsung zero-day Samsung Galaxy S25 Edge, Sales Performance Samsung Account, Inactive Accounts One UI 7 Samsung Update

Samsung zero-day Samsung Galaxy S25 Edge, Sales Performance Samsung Account, Inactive Accounts One UI 7 Samsung Update

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices

Do Son September 15, 2025

Samsung has released security updates to patch a critical zero-day vulnerability actively exploited against Android devices. Tracked...

CISA Urges Immediate Patching: Critical Dassault Systèmes Flaw (CVE-2025-5086) Actively Exploited Known Exploited Vulnerabilities CISA KEV

CISA Urges Immediate Patching: Critical Dassault Systèmes Flaw (CVE-2025-5086) Actively Exploited

Do Son September 12, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in Dassault Systèmes DELMIA Apriso...

Patch Tuesday: Microsoft Fixes 86 Flaws, Including 9 Critical and 2 Zero-Days (CVE-2025-55234 & CVE-2024-21907) Microsoft Patch Tuesday fixes disclosed zero day vulnerabilities Windows Wormable Exploit April 2026 Patch Tuesday Microsoft Patch Tuesday Zero-Day Vulnerabilities Microsoft, Patch Tuesday CVE-2025-55234 CVE-2024-43573 and CVE-2024-43572 Microsoft Patch Tuesday Security Vulnerabilities

Microsoft Patch Tuesday fixes disclosed zero day vulnerabilities Windows Wormable Exploit April 2026 Patch Tuesday Microsoft Patch Tuesday Zero-Day Vulnerabilities Microsoft, Patch Tuesday CVE-2025-55234 CVE-2024-43573 and CVE-2024-43572 Microsoft Patch Tuesday Security Vulnerabilities

Patch Tuesday: Microsoft Fixes 86 Flaws, Including 9 Critical and 2 Zero-Days (CVE-2025-55234 & CVE-2024-21907)

Do Son September 10, 2025

Microsoft’s September 2025 Patch Tuesday addresses 86 vulnerabilities across its product ecosystem, including two zero-days and nine...

Critical Flaws in Hiawatha Web Server Could Allow Authentication Bypass and RCE Hiawatha vulnerability

Critical Flaws in Hiawatha Web Server Could Allow Authentication Bypass and RCE

Do Son September 10, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note highlighting three serious flaws in the Hiawatha...

Ivanti Patches Two High-Severity RCE Flaws in Endpoint Manager Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti Patches Two High-Severity RCE Flaws in Endpoint Manager

Do Son September 9, 2025

Ivanti has released important security updates for Ivanti Endpoint Manager (EPM), addressing two high-severity vulnerabilities that could...

CVE-2025-7350: Critical RCE Flaw in Rockwell Stratix Switches Scores CVSS 9.6 CVE-2024-21915 Rockwell Stratix switch CVE-2025-7350

CVE-2025-7350: Critical RCE Flaw in Rockwell Stratix Switches Scores CVSS 9.6

Do Son September 9, 2025

Rockwell Automation has issued a security advisory for a critical vulnerability in its Stratix industrial Ethernet switches,...

SAP Security Patch Day Fixes Four Critical Flaws, Including a CVSS 10.0 RCE (CVE-2025-42944) SAP security patch day critical security vulnerabilities SAP SQL Injection April 2026 Patch Day SAP Security, Critical Vulnerabilities Security Patch Day CVE-2025-42944

SAP security patch day critical security vulnerabilities SAP SQL Injection April 2026 Patch Day SAP Security, Critical Vulnerabilities Security Patch Day CVE-2025-42944

SAP Security Patch Day Fixes Four Critical Flaws, Including a CVSS 10.0 RCE (CVE-2025-42944)

Do Son September 9, 2025

Today, SAP released 21 new Security Notes and 4 updates as part of its monthly Security Patch...

Progress Patches Remote Command Execution Flaw in OpenEdge AdminServer (CVE-2025-7388) CVE-2024-46909 & CVE-2024-8785 OpenEdge, Remote Command Execution

CVE-2024-46909 & CVE-2024-8785 OpenEdge, Remote Command Execution

Progress Patches Remote Command Execution Flaw in OpenEdge AdminServer (CVE-2025-7388)

Do Son September 8, 2025

Progress Software has released patches for a high-severity vulnerability in the OpenEdge AdminServer component, tracked as CVE-2025-7388...

CVE-2025-57052: Critical JSON Parsing Flaw in cJSON With CVSS 9.8, PoC Available cJSON vulnerability

CVE-2025-57052: Critical JSON Parsing Flaw in cJSON With CVSS 9.8, PoC Available

Do Son September 8, 2025

Security researcher Salah Chafai, an Exploit Development & Security specialist, has disclosed a critical flaw in the...

CVE-2025-53187: Critical RCE in ABB ASPECT BMS with CVSS 9.8, No Prior Authentication ABB T-MAC Plus vulnerabilities terminal system flaws ABB OPTIMAX Vulnerability CVE-2025-14510 ABB Edgenius Auth Bypass, Critical RCE ABB, ASPECT BMS CVE-2024-48841, CVE-2024-48849, and CVE-2024-48852 CVE-2024-48510

CVE-2025-53187: Critical RCE in ABB ASPECT BMS with CVSS 9.8, No Prior Authentication

Do Son September 5, 2025

ABB has issued a cybersecurity advisory disclosing multiple vulnerabilities affecting its ASPECT Building Management System (BMS), including...

CVE-2025-5086 (CVSS 9.0): A Critical RCE in DELMIA Apriso with Exploit Attempts Seen in the Wild DELMIA Apriso, deserialization flaw

CVE-2025-5086 (CVSS 9.0): A Critical RCE in DELMIA Apriso with Exploit Attempts Seen in the Wild

Do Son September 4, 2025

Manufacturing operations are increasingly threatened not just by IoT weaknesses, but also by vulnerabilities in the complex...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

CVSS 10.0 RCE in Popular Python Library (36M+ Monthly Downloads), PoC Available

Do Son September 4, 2025

The widely used Python library DeepDiff, downloaded over 36 million times per month, has been found vulnerable...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

CVE-2025-53690: Mandiant and Sitecore Warn of Active Exploitation in ASP.NET Machine Key Configurations

Do Son September 4, 2025

A coordinated disclosure by Mandiant and Sitecore has revealed the active exploitation of a critical configuration vulnerability...

CISA Warns: Actively Exploited TP-Link Router Flaws Added to KEV Catalog TP-Link, CISA CVE-2023-32315 CISA KEV Catalog Active Exploitation

CISA Warns: Actively Exploited TP-Link Router Flaws Added to KEV Catalog

Do Son September 4, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added two TP-Link router vulnerabilities to its Known Exploited...

Chrome 140 Patches Six Vulnerabilities, Including High-Severity V8 Flaw (CVE-2025-9864) Chrome, Antitrust Browser Security, Local Network Access CVE-2022-3075 history-sniffing vulnerability

Chrome, Antitrust Browser Security, Local Network Access CVE-2022-3075 history-sniffing vulnerability

Chrome 140 Patches Six Vulnerabilities, Including High-Severity V8 Flaw (CVE-2025-9864)

Do Son September 3, 2025

Google has announced the Chrome 140 stable channel release for Windows, macOS, and Linux. The rollout, with...

A Single Click Can Hijack Your PC: CVE-2025-58176 RCE Flaw Found in Dive Desktop App Dive desktop app, remote code execution

A Single Click Can Hijack Your PC: CVE-2025-58176 RCE Flaw Found in Dive Desktop App

Do Son September 3, 2025

The Open Agent Platform has issued a security advisory warning of a critical vulnerability in its Dive...

PoC Published for Remote Code Execution Flaw in Microsoft IIS Web Deploy Remote code execution, IIS Web Deploy

PoC Published for Remote Code Execution Flaw in Microsoft IIS Web Deploy

Do Son September 3, 2025

Security researcher Batuhan Er of HawkTrace has been credited by Microsoft for uncovering CVE-2025-53772, a critical remote...