A critical security vulnerability has been discovered in Citrix’s Windows Virtual Delivery Agent that could allow attackers with low-level system access to escalate their privileges to SYSTEM level, potentially granting them complete control over…

A critical security vulnerability has been discovered in Fortinet’s FortiWeb web application firewall that allows unauthenticated attackers to execute malicious SQL commands through the device’s graphical user interface. The flaw, designate…

Security researchers have uncovered two significant vulnerabilities in Zoom Clients for Windows, exposing users to potential Denial of Service (DoS) attacks. The flaws, identified as classic buffer overflow vulnerabilities, could allow an authorized us…

Fortinet has disclosed a critical security vulnerability in FortiOS that could allow authenticated attackers to execute arbitrary code through a heap-based buffer overflow in the cw_stad daemon, affecting multiple versions of the popular network securi…

Ivanti has released critical security updates for its Connect Secure and Policy Secure products, addressing six medium-severity vulnerabilities that could potentially lead to denial-of-service attacks and unauthorized access. The cybersecurity firm ann…

MediaTek has released a comprehensive security bulletin addressing 16 critical vulnerabilities across its extensive chipset portfolio, including smartphone, tablet, AIoT, smart display, smart platform, OTT, computer vision, audio, and TV chipsets. The …

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a critical path traversal vulnerability in Ruby on Rails, designated as CVE-2019-5418. The agency added this five-year-old secur…

Security researchers have discovered a critical vulnerability in DNN (formerly DotNetNuke), one of the oldest open-source content management systems, that allows attackers to steal NTLM credentials through a sophisticated Unicode normalization bypass t…