Vulnerability Archives • Page 28 of 45 • Daily CyberSecurity

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access! Weidmueller, Critical Vulnerabilities

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access!

Do Son June 12, 2025

A recent coordinated security advisory issued by CERT@VDE and Weidmueller has disclosed three critical vulnerabilities affecting the...

IGEL OS 10 Flaw (CVE-2025-47827): Full Secure Boot Bypass Allows Untrusted Kernel & Rootkits, PoC Available IGEL OS, Secure Boot Bypass

IGEL OS 10 Flaw (CVE-2025-47827): Full Secure Boot Bypass Allows Untrusted Kernel & Rootkits, PoC Available

Do Son June 12, 2025

Researcher Zack Didcott has disclosed a critical vulnerability affecting IGEL OS 10. Tracked as CVE-2025-47827, the flaw...

Urgent Siemens Energy Alert: Critical Flaw (CVSS 9.9) in Private 5G Core Exposes Sensitive Data! Siemens Energy, Critical Vulnerability CVE-2025-40585

Siemens Energy, Critical Vulnerability CVE-2025-40585

Urgent Siemens Energy Alert: Critical Flaw (CVSS 9.9) in Private 5G Core Exposes Sensitive Data!

Do Son June 12, 2025

Siemens has issued a critical security advisory regarding its Energy Services platform—formerly known as Managed Applications and...

Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack! QNX Vulnerability, Remote Code Execution CVE-2025-2474

Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack!

Do Son June 12, 2025

The QNX Software Development Platform (SDP)—a foundation of many embedded and real-time systems—has been found vulnerable to...

TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing! TPM 2.0, Security Vulnerability

TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing!

Do Son June 12, 2025

A vulnerability in the Trusted Platform Module (TPM) 2.0 reference implementation has been disclosed, potentially allowing attackers...

HPE Aruba Networking Patches Sensitive Data Exposure Vulnerability in Private 5G Core Platform HPE Aruba, 5G Security

HPE Aruba Networking Patches Sensitive Data Exposure Vulnerability in Private 5G Core Platform

Do Son June 11, 2025

HPE Aruba Networking has released a security update addressing a high-severity vulnerability in its Private 5G Core...

Critical Apache CloudStack Flaws Expose Kubernetes & Admin Accounts! CVE-2024-50386 Apache CloudStack, Critical Vulnerabilities

Critical Apache CloudStack Flaws Expose Kubernetes & Admin Accounts!

Do Son June 11, 2025

The Apache CloudStack project has released new Long-Term Support (LTS) versions—4.19.3.0 and 4.20.1.0—to address five security vulnerabilities,...

Critical Command Injection Flaw in KDE Konsole Exposes Users to Arbitrary Code Execution Konsole Vulnerability, Linux Security

Critical Command Injection Flaw in KDE Konsole Exposes Users to Arbitrary Code Execution

Do Son June 11, 2025

A newly disclosed critical vulnerability in Konsole, KDE’s popular terminal emulator, has raised serious concerns for Linux...

High-Severity Flaw in Kibana: Unauthorized Access Possible in Synthetic Monitoring! Kibana Vulnerability, Elastic Security

High-Severity Flaw in Kibana: Unauthorized Access Possible in Synthetic Monitoring!

Do Son June 11, 2025

Elastic has disclosed a high-severity vulnerability (CVE-2024-43706) affecting its Kibana observability platform, specifically in the Synthetic Monitoring...

Ivanti Patches High-Severity Credential Decryption Flaws in Workspace Control Ivanti Workspace Control

Ivanti Patches High-Severity Credential Decryption Flaws in Workspace Control

Do Son June 11, 2025

Ivanti has released critical security updates addressing three high-severity vulnerabilities in Ivanti Workspace Control (IWC)—a widely-used tool...

Insyde UEFI Flaw (CVE-2025-4275): Secure Boot Bypass Allows Rootkits & Undetectable Malware Insyde UEFI, Secure Boot Bypass CVE-2025-4275

Insyde UEFI Flaw (CVE-2025-4275): Secure Boot Bypass Allows Rootkits & Undetectable Malware

Do Son June 11, 2025

A newly disclosed vulnerability in Insyde H2O UEFI firmware, tracked as CVE-2025-4275, allows attackers to bypass Secure...

Chrome Update Alert: Two High-Severity Flaws Patched – Update Now to Stay Safe! Chrome Security

Chrome Update Alert: Two High-Severity Flaws Patched – Update Now to Stay Safe!

Do Son June 11, 2025

Google has released a Stable Channel update for Chrome Desktop, rolling out version 137.0.7151.103/.104 for Windows and...

CVSS 9.8: Backend.AI Critical Flaw Allows Account Takeover via PoC, No Patch Available Backend.AI Vulnerability

CVSS 9.8: Backend.AI Critical Flaw Allows Account Takeover via PoC, No Patch Available

Do Son June 11, 2025

Security researchers at HiddenLayer have disclosed a critical privilege escalation vulnerability in Backend.AI, a widely used container-based...

CoreDNS DoS Flaw: Unauthenticated Attackers Can Crash Servers via DNS-over-QUIC CoreDNS Vulnerability, DoS Attack

CoreDNS DoS Flaw: Unauthenticated Attackers Can Crash Servers via DNS-over-QUIC

Do Son June 11, 2025

A critical denial-of-service (DoS) vulnerability has been identified in CoreDNS, the modular DNS server widely deployed across...

UEFI Secure Boot Bypass: Critical Flaw (CVE-2025-3052) Exposes Millions of Devices! vulnerable UEFI shim bootloaders, Secure Boot bypass UEFI Secure Boot, Critical Vulnerability CVE-2025-3052

vulnerable UEFI shim bootloaders, Secure Boot bypass UEFI Secure Boot, Critical Vulnerability CVE-2025-3052

UEFI Secure Boot Bypass: Critical Flaw (CVE-2025-3052) Exposes Millions of Devices!

Do Son June 10, 2025

A new high-severity vulnerability discovered by BINARLY REsearch has reignited concerns about the integrity of the UEFI...

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched! Patch Tuesday, Microsoft Security

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Do Son June 10, 2025

Microsoft’s June 2025 Patch Tuesday rollout has addressed a substantial 69 vulnerabilities, including 10 critical and 57...

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems XXE Vulnerability

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems

Do Son June 10, 2025

The GeoTools project, a popular open-source Java library used for geospatial data processing, has issued a critical...

CVE-2025-4601: Flaw Exposes 33,000+ RealHomes WordPress Sites to Admin Takeover WordPress Vulnerability

CVE-2025-4601: Flaw Exposes 33,000+ RealHomes WordPress Sites to Admin Takeover

Do Son June 10, 2025

A critical Privilege Escalation vulnerability has been disclosed in the RealHomes WordPress theme, a popular real estate...

CISA Flags Active Exploits in Erlang/OTP SSH and Roundcube Webmail: Critical RCE and XSS Flaws Under Attack CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953