Topic: CVE identifiers
- NSA-Reported VMware Flaws Patched by Broadcom
Broadcom has released critical patches for two VMware NSX vulnerabilities (CVE-2025-41251 and CVE-2025-41252) that allow unauthenticated attackers to enumerate valid usernames, posing risks of unauthorized access. Additional high-severity flaws were addressed in VMware vCenter (CVE-2025-41250) an...
- Critical DNS Cache Poisoning Flaws Found in 2 Apps
Critical vulnerabilities in BIND and Unbound DNS software allow attackers to poison DNS caches and redirect users to fraudulent websites, with severity ratings up to 8.6. These flaws enable malicious actors to replace legitimate domain IP addresses with attacker-controlled ones, but security patc...
- Zero-Day Attack Hits Gladinet File Sharing Software
A zero-day vulnerability (CVE-2025-11371) in Gladinet's CentreStack and Triofox platforms allows unauthenticated attackers to access sensitive files via Local File Inclusion, with at least three organizations already targeted. Attackers exploit the LFI flaw to retrieve machine keys and chain it w...
- Cisco ASA Firewalls Under Active Attack from Zero-Day Exploits
Cisco has issued an urgent alert to patch two actively exploited zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) affecting its ASA and FTD software. The company, aided by international cybersecurity agencies, also addressed a third critical flaw (CVE-2025-20363) but has not linked it...
- Supermicro Motherboards Harbor Unremovable Malware
Supermicro motherboards have critical vulnerabilities allowing malware to be embedded so deep that standard removal methods fail, as attackers can remotely install malicious firmware before the operating system loads. The flaws include an incomplete patch for a prior high-severity issue and a sep...
- Lenovo UEFI Updates Patch Critical Secure Boot Vulnerabilities
Lenovo released critical firmware updates to fix high-risk vulnerabilities in Secure Boot for several all-in-one desktop models, which could allow attackers to bypass security and execute malicious code at the firmware level. The affected devices include IdeaCentre AIO 3 and Yoga AIO models, with...
- Oracle Warns Known Flaws Fueling Recent Ransomware Attacks
Oracle is warning that known vulnerabilities in its E-Business Suite are being exploited in ransomware attacks, with customers receiving extortion emails linked to patched security flaws. The Cl0p ransomware group, possibly connected to FIN11, is suspected of sending these emails from compromised...
- SAP Issues Critical Security Alert for Multiple Products
SAP has issued a critical security alert for multiple vulnerabilities, including one with the highest severity score, as threat actors actively exploit a separate high-severity flaw. The most severe vulnerability, CVE-2025-42944 with a CVSS score of 10.0, affects the NetWeaver platform and allows...