Topic: unauthenticated access
-
Urgent Oracle EBS Vulnerability Alert (CVE-2025-61884)
A critical security flaw, CVE-2025-61884, has been identified in Oracle's E-Business Suite, affecting versions 12.2.3 to 12.2.14 and potentially earlier versions like 12.1.3, allowing unauthenticated attackers to exploit it via HTTP. Exploitation of this vulnerability could result in unauthorized...
Read More » -
Cisco ASA Firewalls Under Active Attack from Zero-Day Exploits
Cisco has issued an urgent alert to patch two actively exploited zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) affecting its ASA and FTD software. The company, aided by international cybersecurity agencies, also addressed a third critical flaw (CVE-2025-20363) but has not linked it...
Read More » -
SolarWinds Patches Critical RCE Flaw in Web Help Desk
SolarWinds has released a critical update for its Web Help Desk software to patch CVE-2025-26399, an unauthenticated remote code execution vulnerability requiring immediate action to prevent system compromise. The flaw, located in the AjaxProxy class, allows remote attackers to execute arbitrary ...
Read More » -
SolarWinds Issues Urgent Patch for Critical Web Help Desk Flaw
SolarWinds has released an urgent hotfix for a critical, unauthenticated remote code execution vulnerability (CVE-2025-26399) in its Web Help Desk software, which poses a severe risk to affected systems. The flaw is a patch bypass for a previous vulnerability and stems from unsafe deserialization...
Read More » -
Microsoft Copilot AI Exits WhatsApp on January 15
Microsoft's Copilot AI assistant will stop working on WhatsApp from January 15 due to updated platform policies, requiring users to switch to Microsoft's apps or web interface. WhatsApp's policy changes discontinue support for general-purpose AI chatbots via its Business API, affecting third-part...
Read More »