rce Archives • Page 27 of 30 • Daily CyberSecurity

Urgent Firefox Alert: Critical Memory Corruption Flaws (CVSS 9.8) Allow Remote Code Execution Firefox Vulnerabilities

Urgent Firefox Alert: Critical Memory Corruption Flaws (CVSS 9.8) Allow Remote Code Execution

Do Son June 12, 2025

The Mozilla Foundation has issued an urgent security update for the Firefox web browser, addressing two critical...

Critical Trend Micro Apex Central Flaws: Pre-Auth RCE (CVSS 9.8) Threatens Your Security Trend Micro, RCE Vulnerability

Critical Trend Micro Apex Central Flaws: Pre-Auth RCE (CVSS 9.8) Threatens Your Security

Do Son June 12, 2025

Trend Micro has issued an urgent Critical Patch (CP B7007) for its Apex Central platform, addressing two...

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access! Weidmueller, Critical Vulnerabilities

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access!

Do Son June 12, 2025

A recent coordinated security advisory issued by CERT@VDE and Weidmueller has disclosed three critical vulnerabilities affecting the...

Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack! QNX Vulnerability, Remote Code Execution CVE-2025-2474

Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack!

Do Son June 12, 2025

The QNX Software Development Platform (SDP)—a foundation of many embedded and real-time systems—has been found vulnerable to...

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched! Patch Tuesday, Microsoft Security

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Do Son June 10, 2025

Microsoft’s June 2025 Patch Tuesday rollout has addressed a substantial 69 vulnerabilities, including 10 critical and 57...

CISA Flags Active Exploits in Erlang/OTP SSH and Roundcube Webmail: Critical RCE and XSS Flaws Under Attack CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA Flags Active Exploits in Erlang/OTP SSH and Roundcube Webmail: Critical RCE and XSS Flaws Under Attack

Do Son June 10, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited...

Critical Wazuh RCE (CVE-2025-24016) Actively Exploited by Mirai Botnets Wazuh RCE, Mirai Botnets

Critical Wazuh RCE (CVE-2025-24016) Actively Exploited by Mirai Botnets

Do Son June 9, 2025

Akamai’s Security Intelligence and Response Team (SIRT) has uncovered active exploitation of CVE-2025-24016, a critical remote code...

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered! CVE-2025-3835, Exchange Reporter Plus

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered!

Do Son June 9, 2025

ManageEngine’s Exchange Reporter Plus, a widely-used web-based monitoring and reporting tool for Microsoft Exchange, has been found...

Critical CVSS 10.0 Flaws in B. Braun OnlineSuite Threaten Healthcare Infrastructure Medical Devices Vulnerabilities

Critical CVSS 10.0 Flaws in B. Braun OnlineSuite Threaten Healthcare Infrastructure

Do Son June 9, 2025

B. Braun Melsungen AG has issued a high-priority security advisory warning of three severe vulnerabilities affecting its...

Legacy vBulletin 4.x Patch Backfires: RCE via Signed Base64 Payloads and a Full PoC vBulletin RCE

Legacy vBulletin 4.x Patch Backfires: RCE via Signed Base64 Payloads and a Full PoC

Do Son June 7, 2025

Security researcher Egidio Romano (EgiX) uncovers a fascinating PHP Object Injection (POI) vulnerability in legacy versions of...

CVE-2025-48951: Critical Deserialization Flaw in Auth0 PHP SDK Threatens Millions of Applications Auth0 PHP SDK, Critical Vulnerability

CVE-2025-48951: Critical Deserialization Flaw in Auth0 PHP SDK Threatens Millions of Applications

Do Son June 5, 2025

A newly disclosed vulnerability in the Auth0 PHP SDK—a widely-used authentication toolkit with over 16 million downloads—poses...

Unpatched Telecom Flaws (CVSS 9.8) Enable Remote Code Execution: Critical Buffer Overflows Expose Core Infrastructure Buffer Overflow Telecom Vulnerabilities

Unpatched Telecom Flaws (CVSS 9.8) Enable Remote Code Execution: Critical Buffer Overflows Expose Core Infrastructure

Do Son June 4, 2025

Two newly disclosed vulnerabilities in popular telecommunications devices expose critical infrastructure to unauthenticated remote code execution and...

Critical 9.8 CVSS Authentication Bypass in HPE StoreOnce Software HPE StoreOnce, Authentication Bypass

Critical 9.8 CVSS Authentication Bypass in HPE StoreOnce Software

Do Son June 3, 2025

Hewlett Packard Enterprise (HPE) has issued a security bulletin detailing multiple severe vulnerabilities in its StoreOnce Software,...

FiberGateway Router Hacked: Portugal’s 1.6M Homes at Risk Router Exploit, FiberGateway

FiberGateway Router Hacked: Portugal’s 1.6M Homes at Risk

Do Son June 3, 2025

Security researcher João Domingos has published a comprehensive breakdown of a full exploit chain affecting the FiberGateway...

MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered MediaTek Vulnerabilities, Chipset Security

MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered

Do Son June 2, 2025

MediaTek, a leading global chipset manufacturer, has published its June 2025 Product Security Bulletin, disclosing one high-severity...

Critical RCE Flaw Patched in Roundcube Webmail: Update Immediately! Roundcube, RCE Vulnerability CVE-2025-49113

Critical RCE Flaw Patched in Roundcube Webmail: Update Immediately!

Do Son June 2, 2025

Roundcube Webmail, a widely-used browser-based IMAP client, has patched a critical security vulnerability, tracked as CVE-2025-49113 (CVSS...

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files CoreAudio Vulnerability, Apple Zero-Day

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files

Do Son June 2, 2025

Apple has patched a high-severity zero-day vulnerability in CoreAudio, the framework responsible for audio playback and processing...

Critical Flaws in Veritas DLO Expose Systems to Remote Code Execution Veritas DLO, Critical Vulnerabilities

Critical Flaws in Veritas DLO Expose Systems to Remote Code Execution

Do Son June 2, 2025

Veritas has issued a security advisory warning users of its Desktop Laptop Option (DLO) platform about two...

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix NetFax Vulnerabilities, RCE

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

Do Son June 2, 2025

Security researchers at Rapid7 have uncovered a troubling trio of vulnerabilities in MICI Network Co., Ltd.’s NetFax...

Horizon3 Details Critical File Upload Vulnerability in Cisco IOS XE WLC (CVE-2025-20188, CVSS 10) Cisco IOS XE vulnerability Remote code execution

Cisco IOS XE vulnerability Remote code execution

Horizon3 Details Critical File Upload Vulnerability in Cisco IOS XE WLC (CVE-2025-20188, CVSS 10)

Do Son May 30, 2025

A critical vulnerability—CVE-2025-20188—has been disclosed in Cisco IOS XE Wireless LAN Controller (WLC) software, allowing unauthenticated attackers...