Monday, May 5, 2025

CVE/vulnerability

CISA Warns of NAKIVO Backup Flaw Exploited in Attacks with PoC Released

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious vulnerability in the NAKIVO Backup and Replication software, known...

Critical Veeam Backup & Replication Vulnerability Allows Remote Execution of Malicious Code

A critical vulnerability in Veeam Backup & Replication software has been disclosed, posing a significant risk to users. This vulnerability, identified as CVE-2025-23120, allows remote...

Linux Kernel Vulnerability Allows Attackers to Escalate Privileges via Out-of-Bounds Write

A recently discovered vulnerability in the Linux kernel, identified as CVE-2025-0927, poses a significant threat to system security. This flaw, present in the HFS+ file...

mySCADA myPRO RCE Vulnerabilities Expose ICS Devices to Remote Control

Supervisory Control and Data Acquisition (SCADA) systems play a pivotal role in managing critical infrastructure across sectors like energy, manufacturing, and more. However, this digital...

Sante PACS Server Flaws Allow Remote Attackers to Download Arbitrary Files

Recently, several critical vulnerabilities were discovered in Sante PACS Server version 4.1.0, leaving it susceptible to severe security breaches. These vulnerabilities, identified by CVE-2025-2263, CVE-2025-2264, CVE-2025-2265, and CVE-2025-2284, expose...

CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical supply-chain attack affecting a widely used third-party GitHub Action: tj-actions/changed-files. This...

Critical Synology Vulnerability Allows Remote Attackers to Execute Arbitrary Code

A critical vulnerability affecting Synology's DiskStation Manager (DSM) has been disclosed, allowing remote attackers to execute arbitrary code on vulnerable systems. This severe issue, identified...

Windows File Explorer Vulnerability Enables Network Spoofing Attacks: PoC Released

A critical vulnerability in Windows File Explorer has been discovered, allowing attackers to capture NTLM hashes and potentially exploit them for network spoofing attacks. The...