Vulnerability Archives • Page 36 of 45 • Daily CyberSecurity

Critical AWS Amplify Studio Flaw Allows Code Execution – Update Now! AWS Amplify, security vulnerability

Critical AWS Amplify Studio Flaw Allows Code Execution – Update Now!

Do Son May 7, 2025

A critical-severity security flaw has been identified in AWS Amplify Studio, specifically within the amplify-codegen-ui package. This...

CVE-2025-2605 (CVSS 9.9): Critical Vulnerability Found in Honeywell MB-Secure Alarm Panels Honeywell, command injection

CVE-2025-2605 (CVSS 9.9): Critical Vulnerability Found in Honeywell MB-Secure Alarm Panels

Do Son May 6, 2025

Honeywell has issued an urgent security notice (SN 2025-05-01-01) disclosing a critical vulnerability in its MB-Secure and...

Digigram PYKO-OUT AoIP Devices Exposed to Attacks Due to Missing Default Password Digigram, default password vulnerability

Digigram PYKO-OUT AoIP Devices Exposed to Attacks Due to Missing Default Password

Do Son May 6, 2025

A security vulnerability has been identified in Digigram’s PYKO-OUT audio-over-IP (AoIP) product, raising concerns about its use...

Critical IBM Cognos Analytics Vulnerabilities Demand Urgent Patching Cognos Analytics, IBM vulnerabilities

Critical IBM Cognos Analytics Vulnerabilities Demand Urgent Patching

Do Son May 6, 2025

IBM has released security updates to address two critical vulnerabilities affecting its flagship business intelligence platform, IBM...

Android Security Bulletin May 2025: Multi Vulnerabilities Including Actively Exploited CVE-2025-27363 Android Security Bulletin CVE-2025-27363

Android Security Bulletin CVE-2025-27363

Android Security Bulletin May 2025: Multi Vulnerabilities Including Actively Exploited CVE-2025-27363

Do Son May 5, 2025

Google has released its Android Security Bulletin for May 2025, highlighting a range of high-severity vulnerabilities affecting...

BeyondTrust PRA Vulnerability (CVE-2025-0217) Enables Session Hijacking via Authentication Bypass BeyondTrust, authentication bypass

BeyondTrust PRA Vulnerability (CVE-2025-0217) Enables Session Hijacking via Authentication Bypass

Do Son May 5, 2025

A significant security vulnerability has been identified in BeyondTrust’s Privileged Remote Access (PRA) solution, posing a risk...

CVE-2025-2774: Webmin Vulnerability Allows Root-Level Privilege Escalation CVE-2024-12828 CVE-2025-2774 Webmin vulnerability

CVE-2025-2774: Webmin Vulnerability Allows Root-Level Privilege Escalation

Do Son May 4, 2025

Webmin, a popular web-based system administration tool used to manage Unix-like servers and various services with approximately...

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154) Ladybird, use-after-free

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154)

Do Son May 2, 2025

The Ladybird browser engine, a relatively new entrant originating from the SerenityOS project, has been found to...

CVE-2025-46619: LFI Vulnerability Affects Multiple Versions of Couchbase Server for Windows Couchbase Server, Local File Inclusion

CVE-2025-46619: LFI Vulnerability Affects Multiple Versions of Couchbase Server for Windows

Do Son May 2, 2025

Couchbase Server, a widely-used NoSQL document database engineered for high-performance, interactive applications, disclosed a serious security flaw....

Chrome Update Fixes High-Severity Security Flaw (CVE-2025-4096) Chrome 136, Security Update

Chrome Update Fixes High-Severity Security Flaw (CVE-2025-4096)

Do Son April 30, 2025

The Chrome team has just rolled out its latest stable channel update (version 136) for Windows, Mac,...

High-Severity DoS Vulnerability Found in PowerDNS DNSdist (CVE-2025-30194) DNSdist vulnerability, CVE-2025-30194

High-Severity DoS Vulnerability Found in PowerDNS DNSdist (CVE-2025-30194)

Do Son April 30, 2025

The PowerDNS team has issued a high-severity security advisory—CVE-2025-30194—regarding a newly discovered denial-of-service (DoS) vulnerability in DNSdist,...

CVE-2025-3200: Wiesemann & Theis Com-Server Devices Exposed by Deprecated TLS Protocols CVE-2025-3200, Wiesemann & Theis Vulnerability

CVE-2025-3200: Wiesemann & Theis Com-Server Devices Exposed by Deprecated TLS Protocols

Do Son April 29, 2025

A coordinated security advisory from CERT@VDE and Wiesemann & Theis GmbH has revealed critical vulnerabilities impacting several...

CISA Warns of Critical Vulnerabilities in Planet Technology Products Planet Technology vulnerabilities, CISA advisory

CISA Warns of Critical Vulnerabilities in Planet Technology Products

Do Son April 28, 2025

CISA has issued a new security advisory highlighting critical vulnerabilities impacting several Planet Technology products, including UNI-NMS-Lite,...

Multiple Vulnerabilities in NETSCOUT nGeniusONE Threaten Infrastructure Visibility Platforms nGeniusONE, Vulnerability

Multiple Vulnerabilities in NETSCOUT nGeniusONE Threaten Infrastructure Visibility Platforms

Do Son April 28, 2025

NETSCOUT has issued a advisory addressing a series of security vulnerabilities in its flagship infrastructure monitoring platform,...

ConnectWise Patches Critical ViewState RCE Vulnerability in ScreenConnect ScreenConnect vulnerability ViewState RCE

ConnectWise Patches Critical ViewState RCE Vulnerability in ScreenConnect

Do Son April 26, 2025

ConnectWise has issued an important security bulletin addressing a critical code injection vulnerability in ScreenConnect versions 25.2.3...

Critical AMI BMC Vulnerability: Patch Your ASUS Workstation Now ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

Critical AMI BMC Vulnerability: Patch Your ASUS Workstation Now

Do Son April 25, 2025

Veteran PC users are likely familiar with encountering messages from American Megatrends International (AMI) during system startup....

Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw inetpub vulnerability, Windows Update

Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw

Do Son April 25, 2025

Previously, in an effort to patch security vulnerability (CVE-2025–21204) within the Windows operating system, Microsoft began creating...

CVE-2024-2787: Apple Archive Flaw Enables Arbitrary File Write and Gatekeeper Bypass, PoC Releases CVE-2024-27876, Apple Archive Gatekeeper bypass

CVE-2024-27876, Apple Archive Gatekeeper bypass

CVE-2024-2787: Apple Archive Flaw Enables Arbitrary File Write and Gatekeeper Bypass, PoC Releases

Do Son April 25, 2025

A newly disclosed vulnerability in Apple’s proprietary libAppleArchive library, tracked as CVE-2024-27876, enables attackers to achieve arbitrary...

Redis Vulnerability Exposes Servers to Denial-of-Service Attacks Redis vulnerability, CVE-2025-21605

Redis Vulnerability Exposes Servers to Denial-of-Service Attacks

Do Son April 24, 2025

A high-severity vulnerability has been discovered in Redis, the popular open-source in-memory data structure store, which could...

GitLab Releases Security Update to Patch XSS and Account Takeover Flaws GitLab security, GitLab vulnerability

GitLab Releases Security Update to Patch XSS and Account Takeover Flaws

Do Son April 24, 2025

GitLab has issued a security advisory urging users to upgrade their self-managed GitLab installations immediately. The advisory...

Critical Alert 1 Active Exploit Detected Today