Security Vulnerabilities

The latest Security Vulnerabilities

NewsSecurity Vulnerabilities

Ubiquiti Networks UniFi Console Missing Authentication for Critical Function Authentication Bypass Vulnerability (CVE-2025-23116)

– This vulnerability allows network-adjacent attackers to bypass authentication on affected Ubiquiti Networks UniFi Console devices.


Ubiquiti Networks AI Bullet Insufficient Firmware Update Validation Remote Code Execution Vulnerability (CVE-2025-23117)

– This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Ubiquiti Networks AI Bullet Cameras.


Microsoft Visual Studio initializeCommand Insufficient UI Warning Remote Code Execution Vulnerability (CVE-2025-47959)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio.


Hewlett Packard Enterprise Directory Traversal Remote Code Execution Vulnerability (CVE-2025-37099)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit this vulnerability.


Cisco Identity Services Engine on Cloud Platforms Static Credential Vulnerability (CVE-2025-20286)

– A critical vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.


Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2025-5481)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer


Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Denial of Service Vulnerabilities

– Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition to the AnyConnect VPN service on an affected device.


Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability (CVE-2024-20509)

– A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service condition for individual users of the AnyConnect VPN service on an affected device.


Blackmagic Design DaVinci Resolve TCC Bypass via Dylib Substitution Vulnerability (CVE-2025-4081)

– The use of the entitlement “com.apple.security.cs.disable-library-validation” and the lack of launch and library load constraints allow a legitimate dylib to be substituted with a malicious one.


Linux Kernel ksmbd Session Setup Null Pointer Dereference Denial-of-Service Vulnerability

– This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel.
