Vulnerability Archives • Page 38 of 45 • Daily CyberSecurity

Microsoft to Disable ActiveX Controls in Office 365 and 2024 Microsoft Patch Tuesday CVE-2026-20805 RasMan Crash Flaw, 0patch Micropatch ASP.NET Core, HTTP smuggling Windows kernel Rust ActiveX, Microsoft 365

Microsoft Patch Tuesday CVE-2026-20805 RasMan Crash Flaw, 0patch Micropatch ASP.NET Core, HTTP smuggling Windows kernel Rust ActiveX, Microsoft 365

Microsoft to Disable ActiveX Controls in Office 365 and 2024

Do Son April 17, 2025

According to a product announcement released by Microsoft, the company plans to begin disabling all ActiveX controls...

CISA Alert: Actively Exploited SonicWall SMA100 Vulnerability SonicWall vulnerability, CVE-2021-20035 Vulnerability Exploitation

CISA Alert: Actively Exploited SonicWall SMA100 Vulnerability

Do Son April 17, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert, adding CVE-2021-20035 to its Known...

CVE Foundation Launched to Secure Vulnerability Tracking CVE Foundation, CVE Program

CVE Foundation Launched to Secure Vulnerability Tracking

Do Son April 16, 2025

In a major shift for the cybersecurity world, the CVE Foundation has officially been launched to ensure...

Oracle April 2025 CPU: 378 Security Patches Released Oracle CPU Oracle Patch Update

Oracle April 2025 CPU: 378 Security Patches Released

Do Son April 16, 2025

On April 15, 2025, Oracle released its latest Critical Patch Update (CPU), delivering a sweeping set of...

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Critical Chrome Security Update: Patch CVE-2025-3619 & CVE-2025-3620 Now!

Do Son April 16, 2025

Google has released a critical security update for its Chrome browser, pushing version 135.0.7049.95/.96 to the Stable...

Windows 11 Privilege Escalation Flaws Uncovered: CVE-2025-24076 and CVE-2025-24994 DLL Hijacking, CVE-2025-24076

Windows 11 Privilege Escalation Flaws Uncovered: CVE-2025-24076 and CVE-2025-24994

Do Son April 16, 2025

In a revealing security analysis, Compass Security researcher John Ostrowski has disclosed two privilege escalation vulnerabilities in...

Critical RCE Vulnerability Affects HylaFAX and AvantFAX CVE-2024-52335 HylaFAX, AvantFAX vulnerability

Critical RCE Vulnerability Affects HylaFAX and AvantFAX

Do Son April 16, 2025

A recent security advisory from iFAX Solutions has revealed a critical vulnerability affecting the HylaFAX Enterprise Web...

Google Ends Security Updates for Android 12 CVE-2023-21085 Android 12 Security Updates

Google Ends Security Updates for Android 12

Do Son April 15, 2025

In 2021, Google introduced Android 12, a version that once held a market share of approximately 12.43%...

PyPI Swiftly Patches Privilege Escalation Flaw in Organizations Feature Project Quarantine PyPI Security Privilege Escalation

PyPI Swiftly Patches Privilege Escalation Flaw in Organizations Feature

Do Son April 15, 2025

On April 14, 2025, the Python Package Index (PyPI) team swiftly addressed a security concern involving persisting...

CrushFTP Hit by SSRF and Directory Traversal Vulnerabilities (CVE-2025-32102 & CVE-2025-32103) CVE-2024-53552 CrushFTP vulnerability, SSRF

CrushFTP Hit by SSRF and Directory Traversal Vulnerabilities (CVE-2025-32102 & CVE-2025-32103)

Do Son April 15, 2025

CrushFTP, a popular file transfer server, is facing increased scrutiny following the discovery of two significant security...

CVE-2025-24859 (CVSSv4 10): Apache Roller Flaw Exposes Blogs to Unauthorized Access Apache Roller vulnerability CVE-2025-24859

CVE-2025-24859 (CVSSv4 10): Apache Roller Flaw Exposes Blogs to Unauthorized Access

Do Son April 15, 2025

A security vulnerability has been identified in Apache Roller, a Java-based blog server, that could allow unauthorized...

China-Nexus APT Exploits Ivanti Connect Secure VPN in Global Cyber Espionage Campaign BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

China-Nexus APT Exploits Ivanti Connect Secure VPN in Global Cyber Espionage Campaign

Do Son April 15, 2025

A recent report by TeamT5 has uncovered a widespread cyber espionage campaign targeting Ivanti Connect Secure VPN...

CVE-2025-27840: How a Tiny ESP32 Chip Could Crack Open Bitcoin Wallets Worldwide ESP32 vulnerability Bitcoin security

CVE-2025-27840: How a Tiny ESP32 Chip Could Crack Open Bitcoin Wallets Worldwide

Do Son April 14, 2025

In a jaw-dropping revelation, researchers at Crypto Deep Tech have exposed a severe cryptographic vulnerability in the...

Urgent: Yii 2 Vulnerability CVE-2024-58136 Under Active Exploit

Do Son April 14, 2025

A critical security vulnerability, tracked as CVE-2024-58136 (CVSS 9.1), has been uncovered in the popular PHP web...

CVE-2024-56406: Heap Overflow Vulnerability in Perl Threatens Denial of Service and Potential Code Execution CVE-2024-56406 Perl Vulnerability

CVE-2024-56406: Heap Overflow Vulnerability in Perl Threatens Denial of Service and Potential Code Execution

Do Son April 13, 2025

Perl, a versatile programming language widely used for various tasks like system administration and web development, has...

CVE-2024-0132: Incomplete NVIDIA Toolkit Patch Enables Container Escape and DoS Attacks NVIDIA DGX Cloud restructuring, Dwight Diercks engineering shift NVIDIA Isaac Launchable, Hard-coded Credentials NVIDIA Merlin Deserialization, AI Pipeline RCE Triton DoS Flaws, AI Inference Server Security NVIDIA AI programming AI Chips China 800VDC Data Center, AI Power Architecture CVE-2024-0114 NVIDIA Container Toolkit vulnerability Container escape

NVIDIA DGX Cloud restructuring, Dwight Diercks engineering shift NVIDIA Isaac Launchable, Hard-coded Credentials NVIDIA Merlin Deserialization, AI Pipeline RCE Triton DoS Flaws, AI Inference Server Security NVIDIA AI programming AI Chips China 800VDC Data Center, AI Power Architecture CVE-2024-0114 NVIDIA Container Toolkit vulnerability Container escape

CVE-2024-0132: Incomplete NVIDIA Toolkit Patch Enables Container Escape and DoS Attacks

Do Son April 13, 2025

A recent report by Trend Research has uncovered that NVIDIA’s September 2024 security update for a critical...

Critical Vulnerability in Everest Forms Plugin Threatens WordPress Sites Everest Forms Vulnerability WordPress Plugin Security

Critical Vulnerability in Everest Forms Plugin Threatens WordPress Sites

Do Son April 12, 2025

A critical security vulnerability has been discovered in the Everest Forms WordPress plugin, putting over 100,000 websites...

InstaWP Connect Plugin Exposes WordPress Sites to Critical File Inclusion Vulnerability InstaWP Connect Vulnerability WordPress Plugin Security

InstaWP Connect Vulnerability WordPress Plugin Security

InstaWP Connect Plugin Exposes WordPress Sites to Critical File Inclusion Vulnerability

Do Son April 11, 2025

A severe security vulnerability has been identified in the InstaWP Connect WordPress plugin, posing a significant risk...

Jenkins Docker Images Vulnerable to SSH Host Key Reuse Jenkins - CVE-2024-43044 Jenkins vulnerability SSH host key reuse

Jenkins Docker Images Vulnerable to SSH Host Key Reuse

Do Son April 11, 2025

In the ever-evolving world of DevOps automation, Jenkins is a cornerstone tool powering countless build pipelines across...

Joomla Security Alert: Critical SQL Injection & MFA Bypass Vulnerabilities Uncovered Joomla Vulnerability SQL Injection

Joomla Security Alert: Critical SQL Injection & MFA Bypass Vulnerabilities Uncovered

Do Son April 11, 2025

The Joomla Project has issued two security announcements addressing two significant vulnerabilities affecting its CMS and database...

Critical Alert 1 Active Exploit Detected Today