More results...
A newly disclosed vulnerability in Palo Alto Networks’ GlobalProtect application could allow attackers to escalate privileges and install malicious software on affected systems through improper certificate validation. The security flaw, tracked a…
A critical vulnerability discovered in Cisco’s Secure Firewall Threat Defense Software has been identified as CVE-2025-20217, posing significant risks to network security infrastructure worldwide. The vulnerability, affecting the Snort 3 Detectio…
Security researchers have disclosed a critical vulnerability in the HTTP/2 protocol that could enable massive distributed denial-of-service (DDoS) attacks, potentially affecting millions of web servers worldwide. The flaw, dubbed “MadeYouReset…
Cisco has disclosed a critical security vulnerability in its Secure Firewall Management Center software that could allow unauthenticated attackers to remotely execute shell commands with elevated privileges. The flaw, tracked as CVE-2025-20265, carries…
Security researchers have disclosed critical vulnerabilities in Xerox FreeFlow Core that enable unauthenticated remote attackers to execute arbitrary code on vulnerable systems. The proof-of-concept exploits are now publicly available, raising immediat…
A severe security vulnerability has been discovered in a popular WordPress plugin used by over 70,000 websites worldwide, potentially exposing them to complete takeover by malicious actors. The vulnerability, tracked as CVE-2025-7384, affects the ̶…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent alerts regarding two critical vulnerabilities in N-able N-Central that are currently being actively exploited, prompting immediate action from organizations using this remote…
GitLab has released critical security patches addressing multiple high-severity vulnerabilities that could enable attackers to execute account takeovers and stored cross-site scripting (XSS) attacks across both Community Edition (CE) and Enterprise Edi…
Microsoft has disclosed three critical security vulnerabilities in its Office suite that could enable attackers to execute malicious code remotely on affected systems. The vulnerabilities, identified as CVE-2025-53731, CVE-2025-53740, and CVE-2025-5373…
Microsoft has disclosed critical security vulnerabilities in Exchange Server that could enable attackers to conduct network-based spoofing attacks and tamper with sensitive data, according to security bulletins released on August 12, 2025. The vulnerab…