rce

SureForms WordPress Plugin Flaw (CVE-2025-6691): Unauthenticated Arbitrary File Deletion Leads to Site Takeover, 200K Sites at Risks

• Vulnerability Report

SureForms WordPress Plugin Flaw (CVE-2025-6691): Unauthenticated Arbitrary File Deletion Leads to Site Takeover, 200K Sites at Risks

Ddos July 10, 2025 0

A critical vulnerability in the SureForms WordPress plugin—which has over 200,000 active installations—has exposed websites to a...

Read More Read more about SureForms WordPress Plugin Flaw (CVE-2025-6691): Unauthenticated Arbitrary File Deletion Leads to Site Takeover, 200K Sites at Risks

Critical D-Link DIR-825 Router Flaw (CVE-2025-7206, CVSS 9.8): Remote Crash Via Buffer Overflow

• Vulnerability Report

Critical D-Link DIR-825 Router Flaw (CVE-2025-7206, CVSS 9.8): Remote Crash Via Buffer Overflow

Ddos July 10, 2025 0

A newly discovered critical vulnerability (CVE-2025-7206) in the D-Link DIR-825 router running firmware version 2.10 poses a...

Read More Read more about Critical D-Link DIR-825 Router Flaw (CVE-2025-7206, CVSS 9.8): Remote Crash Via Buffer Overflow

Ruckus Wireless Exposed: 9 Critical Vulnerabilities Leave Wi-Fi Management Systems Wide Open, No Patch!

• Vulnerability Report

Ruckus Wireless Exposed: 9 Critical Vulnerabilities Leave Wi-Fi Management Systems Wide Open, No Patch!

Ddos July 10, 2025 0

Multiple critical vulnerabilities have been discovered in Ruckus Wireless’ Virtual SmartZone (vSZ) and Network Director (RND), posing...

Read More Read more about Ruckus Wireless Exposed: 9 Critical Vulnerabilities Leave Wi-Fi Management Systems Wide Open, No Patch!

Critical Vulnerabilities Found in Schneider Electric’s EcoStruxure IT Data Center Expert

• Vulnerability Report

Critical Vulnerabilities Found in Schneider Electric’s EcoStruxure IT Data Center Expert

Ddos July 10, 2025 0

Schneider Electric has issued a high-severity security advisory disclosing multiple vulnerabilities affecting its flagship infrastructure management platform,...

Read More Read more about Critical Vulnerabilities Found in Schneider Electric’s EcoStruxure IT Data Center Expert

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

• Malware
• Vulnerability Report

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

Ddos July 10, 2025 0

The AhnLab Security Intelligence Center (ASEC) has issued a fresh warning on the ongoing exploitation of a...

Read More Read more about Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

Gold Melody’s Stealthy Campaign: Leaked ASP.NET Machine Keys Fuel In-Memory RCE & Privilege Escalation

• Cybercriminals

Gold Melody’s Stealthy Campaign: Leaked ASP.NET Machine Keys Fuel In-Memory RCE & Privilege Escalation

Ddos July 10, 2025 0

In a significant revelation from Unit 42, Palo Alto Networks’ threat intelligence team, researchers have uncovered a...

Read More Read more about Gold Melody’s Stealthy Campaign: Leaked ASP.NET Machine Keys Fuel In-Memory RCE & Privilege Escalation

Git Project Patches 3 Flaws: RCE, Arbitrary File Writes & Buffer Overflow

• Vulnerability Report

Git Project Patches 3 Flaws: RCE, Arbitrary File Writes & Buffer Overflow

Ddos July 9, 2025 0

The Git Project has released updates addressing three significant vulnerabilities impacting Git versions up to v2.50.0, including...

Read More Read more about Git Project Patches 3 Flaws: RCE, Arbitrary File Writes & Buffer Overflow

Critical Flaws Found in Siemens SINEC NMS: Privilege Escalation and Remote Code Execution Risks

• Vulnerability Report

Critical Flaws Found in Siemens SINEC NMS: Privilege Escalation and Remote Code Execution Risks

Ddos July 9, 2025 0

iemens has released a critical security advisory detailing multiple high-severity vulnerabilities affecting SINEC NMS, its flagship network...

Read More Read more about Critical Flaws Found in Siemens SINEC NMS: Privilege Escalation and Remote Code Execution Risks

Microsoft’s July 2025 Patch Tuesday: 140 Flaws Fixed, Including Zero-Day, RCEs & AMD CPU Threats

• Vulnerability Report

Microsoft’s July 2025 Patch Tuesday: 140 Flaws Fixed, Including Zero-Day, RCEs & AMD CPU Threats

Ddos July 9, 2025 0

Microsoft’s July 2025 Patch Tuesday arrives with a hefty load: a total of 140 vulnerabilities patched, including...

Read More Read more about Microsoft’s July 2025 Patch Tuesday: 140 Flaws Fixed, Including Zero-Day, RCEs & AMD CPU Threats

Fortinet Fixes Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257, CVSS 9.6)

• Vulnerability Report

Fortinet Fixes Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257, CVSS 9.6)

Ddos July 9, 2025 0

Fortinet has released a critical patch to address a serious vulnerability in its FortiWeb product — a...

Read More Read more about Fortinet Fixes Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257, CVSS 9.6)

Critical Flaws in Phoenix Contact EV Charging Controllers Expose Infrastructure to Remote Code Execution and Unauthorized Access

• Vulnerability Report

Critical Flaws in Phoenix Contact EV Charging Controllers Expose Infrastructure to Remote Code Execution and Unauthorized Access

Ddos July 9, 2025 0

In a coordinated disclosure with CERT@VDE, Phoenix Contact GmbH & Co. KG has issued an urgent advisory...

Read More Read more about Critical Flaws in Phoenix Contact EV Charging Controllers Expose Infrastructure to Remote Code Execution and Unauthorized Access

MediaTek July 2025 Security Bulletin: Heap Overflows, WLAN Flaws, and Bluetooth Risks Threaten Billions of Devices

• Vulnerability Report

MediaTek July 2025 Security Bulletin: Heap Overflows, WLAN Flaws, and Bluetooth Risks Threaten Billions of Devices

Ddos July 8, 2025 0

MediaTek’s July 2025 Product Security Bulletin exposes a series of critical and high-severity vulnerabilities affecting a wide...

Read More Read more about MediaTek July 2025 Security Bulletin: Heap Overflows, WLAN Flaws, and Bluetooth Risks Threaten Billions of Devices

SAP’s July 2025 Patch Day Brings 27 New Notes, Multiple Critical RCE & Deserialization Flaws (CVSS 10.0)

• Vulnerability Report

SAP’s July 2025 Patch Day Brings 27 New Notes, Multiple Critical RCE & Deserialization Flaws (CVSS 10.0)

Ddos July 8, 2025 0

SAP’s July 2025 Security Patch Day delivered a total of 27 new security notes and 3 updates...

Read More Read more about SAP’s July 2025 Patch Day Brings 27 New Notes, Multiple Critical RCE & Deserialization Flaws (CVSS 10.0)

Critical Vulnerabilities Found in Nimesa Backup and Recovery Software

• Vulnerability Report

Critical Vulnerabilities Found in Nimesa Backup and Recovery Software

Ddos July 8, 2025 0

JPCERT/CC has issued a warning about two serious vulnerabilities in the Nimesa Backup and Recovery solution, a...

Read More Read more about Critical Vulnerabilities Found in Nimesa Backup and Recovery Software

Redis Vulnerability Opens Door to Remote Code Execution, PoC Releases

• Vulnerability

Redis Vulnerability Opens Door to Remote Code Execution, PoC Releases

Ddos July 7, 2025 0

Redis, the beloved in-memory data store powering millions of real-time applications, has just patched a critical vulnerability...

Read More Read more about Redis Vulnerability Opens Door to Remote Code Execution, PoC Releases

ScriptCase Flaws (CVE-2025-47227/47228): Pre-Auth RCE & Admin Takeover Risk for Web Servers, PoC Published

• Vulnerability Report

ScriptCase Flaws (CVE-2025-47227/47228): Pre-Auth RCE & Admin Takeover Risk for Web Servers, PoC Published

Ddos July 7, 2025 0

In a recent security advisory, researchers from Synacktiv revealed two chained vulnerabilities in ScriptCase’s Production Environment module—known...

Read More Read more about ScriptCase Flaws (CVE-2025-47227/47228): Pre-Auth RCE & Admin Takeover Risk for Web Servers, PoC Published

IBM X-Force Uncovers Azure Arc Flaws: Hybrid-Cloud Tool Becomes Stealthy RCE & Privilege Escalation Vector

• Vulnerability Report

IBM X-Force Uncovers Azure Arc Flaws: Hybrid-Cloud Tool Becomes Stealthy RCE & Privilege Escalation Vector

Ddos July 7, 2025 0

IBM X-Force has peeled back the layers on Microsoft Azure Arc, uncovering how the hybrid-cloud management tool—meant...

Read More Read more about IBM X-Force Uncovers Azure Arc Flaws: Hybrid-Cloud Tool Becomes Stealthy RCE & Privilege Escalation Vector

CVE-2025-53367: DjVuLibre Vulnerability Opens Path to Linux Desktop Code Execution, PoC Available!

• Vulnerability Report

CVE-2025-53367: DjVuLibre Vulnerability Opens Path to Linux Desktop Code Execution, PoC Available!

Ddos July 5, 2025 0

A newly discovered critical vulnerability in DjVuLibre, the open-source decoder for DjVu document files, has opened the...

Read More Read more about CVE-2025-53367: DjVuLibre Vulnerability Opens Path to Linux Desktop Code Execution, PoC Available!

Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited

• Vulnerability Report

Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited

Ddos July 4, 2025 0

Microsoft has released Edge Stable Channel Version 138.0.3351.65, an update that addresses critical browser vulnerabilities impacting Chromium-based...

Read More Read more about Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited

Apache Under Attack: Critical RCE Flaws in Tomcat & Camel Spark Thousands of Exploit Attempts

• Vulnerability Report

Apache Under Attack: Critical RCE Flaws in Tomcat & Camel Spark Thousands of Exploit Attempts

Ddos July 4, 2025 0

In a recent deep-dive analysis, Palo Alto Networks’ Unit 42 revealed disturbing insights into a surge of...

Read More Read more about Apache Under Attack: Critical RCE Flaws in Tomcat & Camel Spark Thousands of Exploit Attempts