More results...
A recent vulnerability has been discovered in the Zyxel NWA50AX Pro, a WiFi 6 access point for small businesses, exposing it to an n-day flaw that allows arbitrary file deletion via a misconfigured CGI endpoint. This issue, tracked as CVE-2024-29974, h…
Citrix has released patches for critical- and high-severity vulnerabilities in NetScaler and Secure Access Client and Workspace for Windows.
The post Critical Vulnerability Patched in Citrix NetScaler appeared first on SecurityWeek.
Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog.
The post Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation appeared first on SecurityWeek.
Qualys researchers have unearthed two local privilege escalation vulnerabilities (CVE-2025-6018, CVE-2025-6019) that can be exploited in tandem to achieve root access on most Linux distributions “with minimal effort.” About the vulnerabilit…
Google has released a crucial security update for its Chrome browser, addressing multiple high-severity vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update, now rolling out as version 137.0.7151.119/.120…
Google has released a Chrome 137 update to resolve two memory bugs in the browser’s V8 and Profiler components.
The post Chrome 137 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek.
The Qualys Threat Research Unit (TRU) has uncovered two interconnected local privilege escalation (LPE) vulnerabilities—CVE-2025-6018 and CVE-2025-6019—that together enable attackers to gain full root access on a wide range of Linux distributions with …
Veeam and BeyondTrust have resolved several vulnerabilities that could be exploited for remote code execution.
The post Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products appeared first on SecurityWeek.
The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding active exploitation of a critical Linux kernel vulnerability, tracked as CVE-2023-0386, which has now been added to the Known Exploited Vulnerabilities (KEV) C…
Veeam, a leading provider of data protection and backup solutions, disclosed three critical vulnerabilities affecting its widely deployed backup software. These flaws—assigned CVE-2025-23121, CVE-2025-24286, and CVE-2025-24287—could allow attackers to …