Zoom Workplace Apps Vulnerabilities Let Attackers Escalate Privileges
Zoom Video Communications disclosed multiple vulnerabilities affecting its Workplace Apps across various platforms, including Windows, macOS, Linux, iOS, and Android.
These vulnerabilities pose significant risks such as privilege escalation, denial-of-service (DoS), and remote code execution,...
Apple Security Update: Multiple Vulnerabilities in macOS & iOS Patched
Apple has released critical security updates for macOS Sequoia, addressing multiple vulnerabilities that could allow malicious applications to access sensitive user data.
The update, macOS Sequoia 15.5, fixes eight major Important flaws that specifically target...
VMware Tools Vulnerability Let Attackers Tamper Files to Trigger Malicious Operations
A moderate-severity vulnerability in VMware Tools could allow attackers with limited privileges to manipulate files and trigger insecure operations within virtual machines.
The vulnerability, tracked as CVE-2025-22247, affects both Windows and Linux versions of VMware...
Azure Storage Utility Vulnerability Let Attackers Escalate Their Privileges to Root
A critical security vulnerability in AZNFS-mount, an Azure utility, allows attackers to escalate privileges from an unprivileged user to root on Linux machines. The vulnerability affects all versions up to 2.0.10 of the...
Ubiquiti UniFi Protect Camera Vulnerability Allows Remote Code Execution
A critical security vulnerability in Ubiquiti UniFi Protect Cameras could allow attackers to execute arbitrary code remotely.
The flaw, which received the highest possible CVSS score of 10.0, affects all camera firmware versions 4.75.43 and...
Radware Cloud Web App Firewall Vulnerability Let Attackers Bypass Filters
Security researchers have uncovered critical vulnerabilities in Radware's Cloud Web Application Firewall (WAF) that could allow attackers to completely bypass security filters, potentially exposing underlying web applications to various attacks.
The vulnerabilities, tracked as CVE-2024-56523...
Microsoft Bookings Vulnerability Let Attackers Alter the Meeting Details
A significant vulnerability in Microsoft Bookings allowed attackers to manipulate meeting details by exploiting insufficient input validation.
The flaw, which Microsoft has largely remedied, enabled malicious actors to inject arbitrary HTML into meeting invitations, alter...
Cisco IOS XE Wireless Controllers Vulnerability Enables Full Device Control for Attackers
Cisco has disclosed a critical security vulnerability in its IOS XE Wireless LAN Controllers that could allow unauthorized attackers to gain complete control of affected devices.
The flaw, assigned the maximum severity rating of 10.0,...
Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks
The Mobile Security Framework (MobSF), a widely utilized tool, contains two critical zero-day vulnerabilities.
These vulnerabilities, designated as CVE-2025-46335 and CVE-2025-46730, impact all versions of MobSF up to and including version 4.3.2. If exploited, they...
Critical Microsoft Telnet 0-Click Vulnerability Exposes Windows Credentials
A critical vulnerability in Microsoft Telnet Server enables attackers to bypass authentication completely, potentially gaining administrator access without valid credentials. Organizations running legacy Windows systems are advised to take immediate action, as no official...