Vulnerability Archives • Cybersecurity News

CVE-2025-0411: 7-Zip Security Vulnerability Enables Code Execution – Update Now

do son January 20, 2025

Popular file archiver, 7-Zip, contained a flaw that could have allowed attackers to slip malware past Windows’...

TP-Link Vulnerability: PoC Exploit for CVE-2024-54887 Reveals Remote Code Execution Risks CVE-2024-54887 PoC exploit

TP-Link Vulnerability: PoC Exploit for CVE-2024-54887 Reveals Remote Code Execution Risks

do son January 20, 2025

Security researcher Joward has published an in-depth analysis and Proof of Concept (PoC) exploit for a critical...

CVE-2025-22146 (CVSS 9.1): Critical Sentry Vulnerability Allowed Account Takeovers

do son January 20, 2025

A recently patched vulnerability in popular error tracking and performance monitoring platform Sentry could have allowed attackers...

IBM Sterling Secure Proxy Faces Multiple Critical Vulnerabilities: A Call for Immediate Action CVE-2024-41783 & CVE-2024-38337

IBM Sterling Secure Proxy Faces Multiple Critical Vulnerabilities: A Call for Immediate Action

do son January 20, 2025

IBM has disclosed multiple critical vulnerabilities affecting its Sterling Secure Proxy (SSP), a critical solution for secure...

OWASP Unveils Top 10 Smart Contract Vulnerabilities for 2025

do son January 20, 2025

The Open Web Application Security Project (OWASP) has released its updated list of the top 10 vulnerabilities...

Oracle’s January 2025 Critical Patch Update: Addressing 320 Security Vulnerabilities Oracle Critical Patch Update 2025

Oracle’s January 2025 Critical Patch Update: Addressing 320 Security Vulnerabilities

do son January 20, 2025

Oracle has released its Critical Patch Update Pre-Release Announcement for January 2025, providing advance notice of the...

ChatGPT Crawler Vulnerability: DDoS Attacks via HTTP Requests

do son January 20, 2025

The behavior of ChatGPT’s web crawler can be exploited through a discovered vulnerability: under specific query conditions,...

Zero-Day Vulnerability in Windows Exploited: CVE-2024-49138 PoC Code Released

do son January 19, 2025

Security researcher MrAle_98 recently published a proof-of-concept (PoC) exploit for a zero-day vulnerability, CVE-2024-49138. This flaw, which...

CVE-2025-2306 (CVSS 9.0): Mongoose Flaw Leaves Millions of Downloads Exposed to Search Injection

do son January 19, 2025

A newly discovered vulnerability in Mongoose, a popular MongoDB object modeling tool, could leave millions of users...

Critical Vulnerabilities in QNX Software Development Platform Image Codecs Expose Systems to Attacks

do son January 19, 2025

BlackBerry’s QNX Software Development Platform (SDP), a widely used real-time operating system in safety-critical industries, is the...

CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297

CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series

do son January 18, 2025

Moxa has issued a security advisory detailing CVE-2024-12297 (CVSS 9.2), a critical vulnerability in its EDS-508A Series...

CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks CVE-2024-50623 - European Space Agency cyberattack

CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks

do son January 18, 2025

Palo Alto Networks has issued a detailed threat briefing on two critical vulnerabilities in Ivanti products—CVE-2025-0282 and...

CVE-2025-0107: PoC Exploit Code Released for Palo Alto Expedition RCE Flaw

do son January 17, 2025

Security researchers published the technical details and a proof-of-concept (PoC) exploit code for CVE-2025-0107, a vulnerability in...

CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw CVE-2024-53691 PoC exploit

CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw

do son January 16, 2025

Security researcher c411e published a proof-of-concept (PoC) exploit code for a severe vulnerability in QNAP NAS devices,...

Yubico Addresses Authentication Bypass Vulnerability CVE-2025-23013 in pam-u2f Package

do son January 16, 2025

Yubico, a leading provider of security keys and authentication solutions, has issued a security advisory to address...