
US reports active exploitation of security flaw in Commvault web server

Attackers are actively exploiting a vulnerability in the Commvault web server, according to the Cybersecurity and Infrastructure Security Agency (CISA) of the US Department of Homeland Security …

Published Date:
Apr 29, 2025 (2 hours, 47 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-3928

Google: Zero-Day Exploits Shift from Browsers to Enterprise Security Tools in 2024

In its latest threat landscape analysis, the Google Threat Intelligence Group (GTIG) reported a continued surge in the strategic use of zero-day vulnerabilities, but with a notable shift in targeting …

Published Date:
Apr 29, 2025 (1 hour, 53 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-31103

CVE-2025-0108

CVE-2024-49039

CVE ID : CVE-2025-3452

Published : April 29, 2025, 9:15 a.m. | 2 hours, 29 minutes ago

Description : The SecuPress Free — WordPress Security plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘secupress_reinstall_plugins_admin_ajax_cb’ function in all versions up to, and including, 2.3.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install arbitrary plugins.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

React Router Vulnerabilities Let Attackers Spoof Contents & Modify Values

Significant security flaws have been discovered in React Router, a widely-used routing library for React applications, potentially allowing attackers to corrupt content, poison caches, and manipulate …

Published Date:
Apr 28, 2025 (22 hours, 33 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-43865

CVE-2025-43864

FastCGI Library Vulnerability Exposes Embedded Devices to Code Execution Attacks

A critical vulnerability in the FastCGI library could allow attackers to execute arbitrary code on embedded devices.
The flaw, tracked as CVE-2025-23016 with a CVSS score of 9.3, affects all FastCGI f …

Published Date:
Apr 28, 2025 (22 hours, 21 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-23016

⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More

What happens when cybercriminals no longer need deep skills to breach your defenses? Today’s attackers are armed with powerful tools that do the heavy lifting — from AI-po …

Published Date:
Apr 28, 2025 (20 hours, 23 minutes ago)

Vulnerabilities have been mentioned in this article.

Android Show: Google to Unveil OS Future Before I/O 2025

Ahead of the Google I/O 2025 conference, scheduled to commence on May 20th (Pacific Time), Google will host a special edition “Android Show” event on May 13th at 1 PM Eastern Time to unveil the future …

Published Date:
Apr 29, 2025 (5 hours, 37 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2022-26006

CVE-2022-21198

CISA Issues Warning on Commvault Web Server Flaw Exploited in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has added the Commvault Web Server vulnerability (CVE-2025-3928) to its Known Exploited Vulnerabilities (KEV) catalog, indicating that threa …

Published Date:
Apr 29, 2025 (3 hours, 2 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-3928

Apache Tomcat Vulnerability Let Attackers Bypass Rules & Trigger DoS Condition

The Apache Software Foundation disclosed a significant security vulnerability in Apache Tomcat that could allow attackers to bypass security rules and trigger denial-of-service conditions through mani …

Published Date:
Apr 29, 2025 (2 hours, 38 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-31650

CVE-2025-3928

CVE-2025-24813

Broadcom warns of actively exploited vulnerability in Brocade Fabric OS

Broadcom and the US cyber agency CISA are warning of an actively exploited critical vulnerability in Brocade Fabric OS. This is the operating system used for Fibre Channel switches …

Published Date:
Apr 29, 2025 (1 hour, 15 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-1976

DslogdRAT Malware: A Sneaky Cyberattack Exploiting Ivanti ICS Zero-Day

Buckle up, cybersecurity enthusiasts! 🚀 A new villain has entered the digital stage: DslogdRAT, a stealthy malware that’s been causing chaos by exploiting a zero …

Published Date:
Apr 29, 2025 (1 hour, 3 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE ID : CVE-2025-2893

Published : April 29, 2025, 7:15 a.m. | 1 hour, 25 minutes ago

Description : The Gutenverse – Ultimate Block Addons and Page Builder for Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s countdown Block in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM


CVE ID : CVE-2018-13372

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA


CVE ID : CVE-2025-24179

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, visionOS 2.3, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, macOS Sequoia 15.3, tvOS 18.3. An attacker on the local network may be able to cause a denial-of-service.

Severity: 0.0 | NA


CVE ID : CVE-2025-24251

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, watchOS 11.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.

Severity: 0.0 | NA


CVE ID : CVE-2025-24206

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy.

Severity: 0.0 | NA


CVE ID : CVE-2025-24252

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory.

Severity: 0.0 | NA


CVE ID : CVE-2025-24270

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to leak sensitive user information.

Severity: 0.0 | NA


CVE ID : CVE-2025-30445

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.

Severity: 0.0 | NA


CVE ID : CVE-2025-24271

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : An access issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An unauthenticated user on the same network as a signed-in Mac could send it AirPlay commands without pairing.

Severity: 0.0 | NA
