Security Vulnerabilities

The latest Security Vulnerabilities


Microsoft Windows TAR File Parsing NTLM Relay Vulnerability (CVE-2025-59284)

– This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Windows.


Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities (CVE-2025-20359 and CVE-2025-20360)

– Multiple Cisco products are affected by vulnerabilities in the HTTP Multipurpose Internet Mail Extensions (MIME) Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak possibly sensitive information or to restart.


Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability (CVE-2025-20329)

– A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials.


Palo Alto Improper Neutralization of Input in the Management Web Interface (CVE-2025-4615)

– An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands.


Jaspersoft Jasper Reports JRLoader Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2025-10492)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of Jaspersoft Jasper Reports.


7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability (CVE-2025-11001)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip.


7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability (CVE-2025-11002)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip.


Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability (CVE-2025-11466)

– This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra.


Active exploitation of vulnerability affecting Oracle E-Business Suite (CVE-2025-61882)

– Oracle has published a security update to address an unauthenticated remote vulnerability (CVE-2025-61882) affecting Oracle E-Business Suite (EBS).


win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability (CVE-2025-11202)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of win-cli-mcp-server.
