Saturday, May 3, 2025

Exploit

Multiple MySQL2 Flaw Let Attackers Arbitrary Code Remotely

The widely used MySQL2 has been discovered to have three critical vulnerabilities: remote Code execution, Arbitrary code injection, and Prototype Pollution. These vulnerabilities have been...

PoC Exploit Released For Critical Oracle VirtualBox Vulnerability

Oracle Virtualbox was identified and reported as having a critical vulnerability associated with Privilege Escalation and Arbitrary File Move/Delete. This vulnerability was assigned with CVE-2024-21111,...

Alert! Zero-day Exploit For WhatsApp Advertised On Hacker Forums

A zero-day exploit targeting the popular messaging app WhatsApp has been advertised on underground hacker forums. The exploit has raised serious concerns regarding the safety...

Fortra For Windows Vulnerability Let Attackers Escalate Privilege

Fortra's Robot Schedule Enterprise Agent permits a low-privileged user to elevate privileges to the local system level.  The problem arises from the agent's failure to...

Hackers Using ScrubCrypt ‘AV Evasion Tool’ To Exploit Oracle WebLogic Servers

Hackers exploit Oracle WebLogic Servers, knowing that they are extensively used in enterprises. Threat actors can use security vulnerabilities present in the WebLogic servers to...

CISA Warns Of Active Exploitation Of Flaws In Fortinet, Ivanti, & Nice Linear

A recent security alert warns of three critical vulnerabilities actively exploited in the wild, of which the first is CVE-2023-48788, an SQL injection vulnerability...

Microsoft Xbox Gaming Services Flaw Let Attackers Gain SYSTEM Privileges

A new elevation of privilege vulnerability has been discovered in the Xbox Gaming services that allow a threat actor to elevate their privileges to...

Exploit Released For Critical Fortinet RCE Flaw: Patch Soon!

FortiClientEMS (Enterprise Management Server), the security solution used for scalable and centralized management, was discovered with an SQL injection vulnerability that could allow an...