CVE/vulnerability
PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887)
A security researcher, exploring reverse engineering and exploit development, has successfully identified a critical vulnerability in the TP-Link TL-WR940N router, specifically affecting hardware versions 3 and 4 with all...
CVE/vulnerability
Brave Browser Vulnerability Allows Malicious Website Appears as Trusted One
A security vulnerability has been identified in Brave Browser, potentially allowing malicious websites to masquerade as trusted ones during file upload or download operations.The...
CVE/vulnerability
Apache CXF Vulnerability Triggers DoS Attack
Colm O hEigeartaigh announced a critical vulnerability affecting various versions of Apache CXF, a widely-used framework for building web services.This issue, documented as CVE-2025-23184,...
CVE/vulnerability
PoC Exploit Released for TP-Link Code Execution Vulnerability (CVE-2024-54887)
A serious code execution vulnerability in the TP-Link TL-WR940N router, identified as CVE-2024-54887, has become the focus of intense scrutiny following the release of...
CVE/vulnerability
OpenVPN Easy-rsa Vulnerability Allows Attacker to Bruteforce Private CA key
A significant security vulnerability, designated as CVE-2024-13454, has been discovered in the OpenVPN Easy-RSA tool, specifically affecting versions from 3.0.5 to 3.2.0 that utilize...
CVE/vulnerability
Vim Command Line Text Editor Segmentation Vulnerability Patched
Christian Brabandt, a prominent figure in the Vim community, announced the patching of a medium-severity segmentation fault vulnerability identified as CVE-2025-24014.The vulnerability, discovered in versions...
Cyber Security News
Multiple Azure DevOps Vulnerabilities Let Inject CRLF Queries & Rebind DNS
Researchers uncovered several significant vulnerabilities within Azure DevOps, specifically focusing on potential Server-Side Request Forgery (SSRF) weaknesses.The findings highlight the importance of robust...
ChatGPT
Researchers Used ChatGPT to Discover S3 Bucket Takeover Vulnerability in Red Bull
Bug bounty programs have emerged as a critical avenue for researchers to identify vulnerabilities in digital platforms.One such success story involves a recent discovery...
CVE/vulnerability
ChatGPT Crawler Vulnerability Abused to Trigger Reflexive DDoS Attacks
Security researchers have uncovered a severe vulnerability in OpenAI's ChatGPT API, allowing attackers to exploit its architecture for launching Reflective Distributed Denial of Service...
CVE/vulnerability
PoC Exploit Released for QNAP RCE Vulnerability
A critical remote code execution (RCE) vulnerability, tracked as CVE-2024-53691, has recently come to light, affecting users of QNAP's QTS and QuTS Hero operating...
CVE/vulnerability
Multiple HPE Aruba Network Vulnerabilities Allows Remote Arbitrary Code Execution
Hewlett Packard Enterprise (HPE) has confirmed multiple vulnerabilities in its Aruba Networking products that could allow remote arbitrary code execution.These vulnerabilities, CVE-2025-23051 and CVE-2025-23052,...