Remote Code Execution Archives • Daily CyberSecurity

Ivanti EPMM Flaws Exploited in the Wild: Chained RCE and Auth Bypass Threaten Mobile Device Management UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Ivanti EPMM Flaws Exploited in the Wild: Chained RCE and Auth Bypass Threaten Mobile Device Management

Ddos May 13, 2025

Ivanti has released a security updates addressing two vulnerabilities in Endpoint Manager Mobile (EPMM)—CVE-2025-4427 and CVE-2025-4428—that, when...

Fortinet CVE-2025-32756 Exploited in the Wild: Critical RCE Flaw Hits FortiVoice and More

Ddos May 13, 2025

Fortinet has disclosed a critical stack-based buffer overflow vulnerability, tracked as CVE-2025-32756, affecting a wide range of...

From Web Shell to Full Control: APT-Style Exploits Surge Against SAP NetWeaver

Ddos May 11, 2025

In a report issued by Unit 42, researchers disclosed that the vulnerability CVE-2025-31324, affecting SAP NetWeaver’s Visual...

CVE-2025-24977: Critical RCE Flaw in OpenCTI Platform Exposes Infrastructure to Root-Level Attacks

Ddos May 7, 2025

A critical security vulnerability has been identified in the OpenCTI Platform, an open-source solution used by organizations...

Android Security Bulletin CVE-2025-27363

Android Security Bulletin May 2025: Multi Vulnerabilities Including Actively Exploited CVE-2025-27363

Ddos May 5, 2025

Google has released its Android Security Bulletin for May 2025, highlighting a range of high-severity vulnerabilities affecting...

Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248 CVE-2025-3248 Langflow Vulnerability Remote Code Execution

Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248

Ddos May 5, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-3248 to its Known Exploited Vulnerabilities...

CVE-2024-7399: Samsung MagicINFO Vulnerability Now Actively Exploited in the Wild Samsung MagicINFO, remote code execution

CVE-2024-7399: Samsung MagicINFO Vulnerability Now Actively Exploited in the Wild

Ddos May 5, 2025

A critical security vulnerability, CVE-2024-7399, is being actively exploited in the wild in Samsung MagicINFO 9 Server,...

CVE-2025-46762: Apache Parquet Java Flaw Allows Potential RCE via Avro Schema CVE-2025-30065 Apache Parquet, CVE-2025-46762

CVE-2025-46762: Apache Parquet Java Flaw Allows Potential RCE via Avro Schema

Ddos May 5, 2025

A critical security flaw has been identified in Apache Parquet Java, a popular open-source columnar storage format...

CVE-2024-10442 (CVSS 10): Zero-Click RCE in Synology DiskStation, PoC Publishes Synology vulnerability CVE-2024-10442 PoC

CVE-2024-10442 (CVSS 10): Zero-Click RCE in Synology DiskStation, PoC Publishes

Ddos May 1, 2025

A critical remote code execution (RCE) vulnerability has been disclosed in Synology’s DiskStation DS1823xs+, a popular NAS...

CVE-2025-32444 (CVSS 10): Critical RCE Flaw in vLLM’s Mooncake Integration Exposes AI Infrastructure CVE-2025-29783 CVE-2025-32444 vLLM vulnerability

CVE-2025-29783 CVE-2025-32444 vLLM vulnerability

CVE-2025-32444 (CVSS 10): Critical RCE Flaw in vLLM’s Mooncake Integration Exposes AI Infrastructure

Ddos May 1, 2025

A critical security vulnerability has been disclosed in vLLM, a popular open-source library used for high-performance inference...

CISA Adds SAP NetWeaver Zero-Day CVE-2025-31324 to KEV Database SAP NetWeaver, CVE-2025-31324

CISA Adds SAP NetWeaver Zero-Day CVE-2025-31324 to KEV Database

Ddos April 30, 2025

A critical security vulnerability in SAP NetWeaver is under active exploitation, posing a significant threat to organizations...

Quantum Issues Critical Patch for StorNext GUI RCE Vulnerabilities (CVE-2025-46616, CVE-2025-46617) StorNext Vulnerabilities, Remote Code Execution

StorNext Vulnerabilities, Remote Code Execution

Quantum Issues Critical Patch for StorNext GUI RCE Vulnerabilities (CVE-2025-46616, CVE-2025-46617)

Ddos April 29, 2025

Quantum has issued a critical security advisory warning users of two high-severity vulnerabilities in the StorNext GUI...

Critical Vulnerabilities in Quick Agent Software Expose Ricoh MFPs to Remote Attacks Quick Agent Vulnerability, Ricoh MFP Security

Critical Vulnerabilities in Quick Agent Software Expose Ricoh MFPs to Remote Attacks

Ddos April 29, 2025

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has issued an alert regarding multiple critical vulnerabilities...

ConnectWise Patches Critical ViewState RCE Vulnerability in ScreenConnect ScreenConnect vulnerability ViewState RCE

ConnectWise Patches Critical ViewState RCE Vulnerability in ScreenConnect

Ddos April 26, 2025

ConnectWise has issued an important security bulletin addressing a critical code injection vulnerability in ScreenConnect versions 25.2.3...

CVE-2025-32432 (CVSS 10): Craft CMS Hit by Critical RCE Flaw Exploited in the Wild CVE-2023-41892 Craft CMS CVE-2025-32432

CVE-2025-32432 (CVSS 10): Craft CMS Hit by Critical RCE Flaw Exploited in the Wild

Ddos April 25, 2025

Craft CMS, a widely used content management system for developers and agencies, has disclosed a critical vulnerability...