SysAid ITSM Platform Vulnerabilities Allows Pre-authenticated Remote Command Execution

A critical vulnerability chain in SysAid’s On-Premise IT Service Management (ITSM) platform that allows attackers to achieve pre-authenticated Remote Command Execution (RCE).
The findings detail how m …
Read more

Published Date:
May 07, 2025 (4 hours, 34 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-2778

CVE-2025-2777

CVE-2025-2776

CVE-2025-2775

CVE-2023-47246

PoC Tool Released for Max Severity Apache Parquet Vulnerability to Detect Affected Servers

A proof-of-concept (PoC) exploit tool has been publicly released for a maximum severity vulnerability in Apache Parquet, enabling security teams to easily identify affected servers.
The vulnerability, …
Read more

Published Date:
May 07, 2025 (4 hours, 16 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-30065

CVE-2025-24813

Hackers exploit OttoKit WordPress plugin flaw to add admin accounts

Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites.
OttoKit (formerly SureTriggers) i …
Read more

Published Date:
May 07, 2025 (3 hours, 52 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-27007

CVE-2025-3102