Advanced Search
Search Results
491 total results found
Proof-of-Concept Exploit Released for Vulnerability CVE-2024-49113 in Microsoft Windows LDAP
Security researchers have published a PoC for DoS vulnerability CVE-2024-49113 and additional information on their attempts to exploit RCE vulnerability CVE-2024-49112
Proof-of-Concept Exploit Released for CVE-2024-40725 in Apache HTTP Server
CVE-2024-40725 could lead to source code disclosure of local scripts running on the server
Multiple Vulnerabilities in Redis
Security updates fix two vulnerabilities that could lead to RCE and denial-of-service
Multiple Vulnerabilities in SonicOS
SonicWall releases security update to address four vulnerabilities in SonicOS
Active Exploitation of Zero-Day Vulnerability in Ivanti Connect Secure, Policy Secure, and Neurons for ZTA Gateways
CVE-2025-0282 could allow an unauthenticated attacker to achieve RCE and is under active exploitation. Patches also fix CVE-2025-0283 which could be exploited to allow a local attacker to escalate their privileges.
SAP Releases January 2025 Updates
Updates address two critical vulnerabilities which could lead to information disclosure or privilege escalation, and fourteen others affecting multiple products
Active Exploitation of Zero-Day Vulnerability CVE-2024-55591 in FortiOS and FortiProxy
CVE-2024-55591 could allow an unauthenticated remote attacker to gain super-admin privileges
Fortinet Releases Security Advisory for FortiSwitch
Exploitation of critical vulnerability CVE-2023-37936 could allow an unauthenticated attacker to perform RCE
Ivanti Releases January 2025 Updates for EPM
Updates address 4 critical and 12 high severity vulnerabilities
Microsoft Releases January 2025 Security Updates
Scheduled updates for Microsoft products, including security updates for 159 vulnerabilities, with three reported as actively exploited
Proof-of-Concept Exploit Released for CVE-2024-53691 in QNAP QTS and QuTS NAS
Security researchers claim CVE-2024-53691 could lead to RCE
Exploitation of Critical Vulnerability CVE-2025-23006 in SonicWall SMA1000 Series Appliances
Exploitation could lead to execution of arbitrary OS commands in SonicWall SMA1000 Series Appliances
Active Exploitation Reported for CVE-2025-0411 in 7-Zip
Observed exploitation has involved targeted spear-phishing campaigns, using homoglyph attacks to spoof document extensions to lure users
Apple Releases Security Updates for Multiple Products
Security updates include remediation for an exploited zero-day privilege escalation vulnerability affecting iOS, iPadOS, and macOS
Potential Backdoor Embedded in Contec Health CMS8000 Patient Monitor Firmware
CISA has found evidence of Contec CMS8000 and re-labelled Epsimed MN-120 devices beaconing to a public IP address
TeamViewer Releases Security Updates for Privilege Escalation Vulnerability
A vulnerability has been discovered in the TeamViewer Clients for Windows
Cisco Releases Security Advisories for Multiple Products
Nine security advisories address multiple vulnerabilities, including one critical and two high severity advisories
MicroDicom Releases DICOM Viewer Software Update
A privileged attacker could exploit CVE-2025-1002 to alter network traffic and perform a machine-in-the-middle attack
Proof-of-Concept Exploit for AnyDesk Vulnerability (CVE-2024-12754)
Exploitation of this vulnerability could allow an attacker to read arbitrary files, including stored credentials
Microsoft Releases February 2025 Security Updates
Scheduled updates for Microsoft products, including security updates for 63 vulnerabilities, of which two are reported as exploited