Security Vulnerabilities

The latest Security Vulnerabilities

Elevation of Privilege Vulnerability in Visual Studio (CVE-2025-29813)

An elevation of privilege vulnerability exists when Visual Studio improperly handles pipeline job tokens.

Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability (CVE-2025-20213)

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.

Out-of-bounds write vulnerability in FreeType versions 2.13.0 and below (CVE-2025-27363)

An out-of-bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files.

Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability (CVE-2025-20188)

CVE-2025-20188 – A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software

Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability (CVE-2025-20172)

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Cisco IOS XE.

Apache Parquet Java – Potential malicious code execution from trusted packages (CVE-2025-46762)

Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code.

Cisco IOS XE SNMP GET-NEXT ciscoFlashFileSize Unexpected Sign Extension Denial-of-Service Vulnerability (CVE-2025-20169)

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Cisco IOS XE.

Synology BeeStation BST150-4T Unnecessary Privileges Remote Code Execution Vulnerability (CVE-2024-10445)

CVE-2024-10445 – This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BeeStation BST150-4T

Apache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2025-29953)

CVE-2025-29953 – This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache ActiveMQ NMS.

Oracle VirtualBox OHCI USB Controller Race Condition Local Privilege Escalation Vulnerability (CVE-2024-21113)

CVE-2024-21113 – This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox.
