Microsoft has announced that it’ll introduce a new pricing update for its Online Services purchased through volume licensing programs. Starting…
Microsoft is gradually updating its Notepad app for sometime now, and the latest release adds another welcome change to the…
Battlefield 6 is gearing up for its second Open Beta weekend, running from August 14 through August 17, with new…
Microsoft is rolling out a welcome upgrade for Arm-based Windows 11 PCs, giving them a big boost in gaming. With…
Google has announced two new AI-powered image editing features for Google Slides and Google Vids, designed to give users more…
PowerToys version 0.93 is here, and it’s one of the biggest updates in the the recent time. You’re getting a…
Ghostty terminal has undergone a GTK rewrite, embracing the GObject type system. The result: new features, better memory management, and…
Application monitoring company Sentry is making it easier to gain visibility into MCP servers with the launch of a new…
CVE ID : CVE-2025-7774
Published : Aug. 14, 2025, 2:15 p.m. | 9 hours, 49 minutes ago
Description : A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7973
Published : Aug. 14, 2025, 2:15 p.m. | 9 hours, 49 minutes ago
Description : A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. During a repair, attackers can hijack the cscript.exe console window, which runs with SYSTEM privileges. This can be exploited to spawn an elevated command prompt, enabling full privilege escalation.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9036
Published : Aug. 14, 2025, 2:15 p.m. | 9 hours, 49 minutes ago
Description : A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client listening on the connection.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40758
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7972
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-8875
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-8876
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9041
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010), and the module cannot recover without a power cycle.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9042
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IY8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010), and the module cannot recover without a power cycle.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-20133
Published : Aug. 14, 2025, 5:15 p.m. | 6 hours, 49 minutes ago
Description : A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, resulting in a DoS condition.
This vulnerability is due to ineffective validation of user-supplied input during the Remote Access SSL VPN authentication process. An attacker could exploit this vulnerability by sending a crafted request to the VPN service on an affected device. A successful exploit could allow the attacker to cause a DoS condition where the device stops responding to Remote Access SSL VPN authentication requests.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-20134
Published : Aug. 14, 2025, 5:15 p.m. | 6 hours, 49 minutes ago
Description : A vulnerability in the certificate processing of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper parsing of SSL/TLS certificates. An attacker could exploit this vulnerability by sending a crafted SSL/TLS certificate to an affected system through a listening SSL/TLS socket. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-20148
Published : Aug. 14, 2025, 5:15 p.m. | 6 hours, 49 minutes ago
Description : A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document.
This vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by submitting malicious content to an affected device and using the device to generate a document that contains sensitive information. A successful exploit could allow the attacker to alter the standard layout of the device-generated documents, read arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Security Analyst (Read Only).
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…