Vulnerability

Dell PowerProtect Flaw Allows Remote Attackers to Execute Arbitrary CommandsDell PowerProtect Flaw Allows Remote Attackers to Execute Arbitrary Commands

Dell PowerProtect Flaw Allows Remote Attackers to Execute Arbitrary Commands

Dell Technologies has released a security update addressing a critical vulnerability (CVE-2025-29987) in its PowerProtect Data Domain Operating System (DD…

4 weeks ago
Bitdefender GravityZone Console PHP Vulnerability Lets Hackers Execute Arbitrary CommandsBitdefender GravityZone Console PHP Vulnerability Lets Hackers Execute Arbitrary Commands

Bitdefender GravityZone Console PHP Vulnerability Lets Hackers Execute Arbitrary Commands

Cybersecurity firm Bitdefender has patched a severe flaw (CVE-2025-2244) in its GravityZone Console, which could allow unauthenticated attackers to execute…

4 weeks ago
Vite Development Server Flaw Allows Attackers Bypass Path RestrictionsVite Development Server Flaw Allows Attackers Bypass Path Restrictions

Vite Development Server Flaw Allows Attackers Bypass Path Restrictions

A critical security vulnerability, CVE-2025-31125, has been identified in the Vite development server. Due to improper path verification during URL request…

1 month ago
Halo ITSM Vulnerability Lets Attackers Inject Malicious SQL CodeHalo ITSM Vulnerability Lets Attackers Inject Malicious SQL Code

Halo ITSM Vulnerability Lets Attackers Inject Malicious SQL Code

A critical security flaw has been discovered in Halo ITSM, an IT support management software widely deployed across cloud and on-premise…

1 month ago
OpenVPN Flaw Allows Attackers Crash Servers and Run Remote CodeOpenVPN Flaw Allows Attackers Crash Servers and Run Remote Code

OpenVPN Flaw Allows Attackers Crash Servers and Run Remote Code

OpenVPN, a widely-used open-source virtual private network (VPN) software, has recently patched a security vulnerability that could allow attackers to…

1 month ago
Apache Traffic Server Flaw Allows Request Smuggling AttacksApache Traffic Server Flaw Allows Request Smuggling Attacks

Apache Traffic Server Flaw Allows Request Smuggling Attacks

A critical vulnerability has been discovered in Apache Traffic Server (ATS), an open-source caching proxy server. Identified as CVE-2024-53868, this flaw…

1 month ago
Cisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoSCisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoS

Cisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoS

Cisco has disclosed a significant vulnerability in its AnyConnect VPN Server for Meraki MX and Z Series devices, allowing authenticated attackers to…

1 month ago
SonicWall Firewall Vulnerability Enables Unauthorized AccessSonicWall Firewall Vulnerability Enables Unauthorized Access

SonicWall Firewall Vulnerability Enables Unauthorized Access

Researchers from Bishop Fox have successfully exploited CVE-2024-53704, an authentication bypass vulnerability that affects SonicWall firewalls. This critical flaw allows remote…

1 month ago
Cisco Smart Licensing Utility Flaws Allowed Attackers to Gain Admin AccessCisco Smart Licensing Utility Flaws Allowed Attackers to Gain Admin Access

Cisco Smart Licensing Utility Flaws Allowed Attackers to Gain Admin Access

Cisco has disclosed critical vulnerabilities in its Smart Licensing Utility software, identified as CVE-2024-20439 and CVE-2024-20440, which could allow unauthenticated,…

1 month ago
Google Cloud Platform Vulnerability Exposes Sensitive Data to AttackersGoogle Cloud Platform Vulnerability Exposes Sensitive Data to Attackers

Google Cloud Platform Vulnerability Exposes Sensitive Data to Attackers

A privilege escalation vulnerability in Google Cloud Platform (GCP), dubbed "ImageRunner," was recently discovered and fixed. The flaw, which Tenable…

1 month ago