More results...
A vulnerability in AMD CPUs has been uncovered, enabling attackers with administrative privileges to bypass microcode signature verification and execute malicious code. Designated as CVE-2024-36347 (CVSS score: 6.4, Medium), the flaw impacts multiple g…
A critical unauthenticated Remote Code Execution (RCE) vulnerability, CVE-2025-22457, has been disclosed by Ivanti, sparking concerns across the cybersecurity industry. The flaw, which affects several Ivanti products, allows attackers to execute arbitr…
A newly disclosed vulnerability affecting Jenkins Docker images has raised serious concerns about network security. The vulnerability, stemming from the reuse of SSH host keys, could allow attackers to impersonate Jenkins build agents and hijack sensit…
Dell Technologies has issued an urgent security advisory to its users, warning of several critical vulnerabilities in its PowerScale OneFS operating system. These flaws, if exploited, could allow attackers to take over high-privileged user accounts, by…
SonicWall has issued a critical alert concerning multiple vulnerabilities discovered in its NetExtender Windows client. These vulnerabilities, identified via several Common Vulnerabilities and Exposures (CVEs), could allow malicious actors to exploit p…
A critical security vulnerability has been discovered in the Langflow AI Builder, a popular tool for creating agentic AI workflows. The flaw, tracked as CVE-2025-3248, enables unauthenticated remote attackers to compromise servers running Langflow, pot…
A critical vulnerability has been discovered in TP-Link’s Smart Hub, potentially exposing users’ Wi-Fi credentials to malicious actors. This flaw could allow attackers to gain unauthorized access to sensitive information, posing significant risks to af…
A new vulnerability has been discovered in the Microsoft.Identity.Web NuGet package under specific conditions, potentially exposing sensitive information such as client secrets and certificate details in service logs. The flaw, identified as CVE-2025-3…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued alerts regarding two actively exploited vulnerabilities in the Linux Kernel. The flaws, tagged as CVE-2024-53197 and CVE-2024-53150, both reside in the USB-audio driver. These vulne…
A newly disclosed denial-of-service (DoS) vulnerability in Palo Alto Networks’ PAN-OS software enables attackers to force firewalls into repeated reboots using maliciously crafted packets. Tracked as CVE-2025-0128, the flaw impacts SCEP (Simple Ce…