Security Vulnerabilities

The latest Security Vulnerabilities

Veritas Arctera InfoScale Critical Vulnerability (CVE-2025-27816)

CVE-2025-27816 is a critical vulnerability in Arctera InfoScale 7.0 through 8.0.2 in which a .NET remoting endpoint can be exploited because it insecurely deserializes potentially untrusted messages.

Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability (CVE-2025-2024)

CVE-2025-2024 allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp.

Cisco Small Business Routers Vulnerabilities (CVE-2023-20025, CVE-2023-20026 and CVE-2023-20118)

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow a remote attacker to bypass authentication or execute arbitrary commands on the underlying operating system of an affected device.

Apache Pinot Improper Neutralization of Special Elements Authentication Bypass Vulnerability (CVE-2024-56325)

CVE-2024-56325 allows remote attackers to bypass authentication on affected installations of Apache Pinot.

Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability (CVE-2025-20208)

CVE-2025-20208 is a vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) that could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

Cisco Secure Client for Windows with Secure Firewall Posture Engine DLL Hijacking Vulnerability (CVE-2025-20206)

A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client.

Cisco Webex for BroadWorks Credential Exposure Vulnerability

A low-severity vulnerability in Cisco Webex for BroadWorks Release 45.2 could allow an unauthenticated, remote attacker to access data and credentials if unsecure transport is configured for the SIP communication.

Critical Zero-day Vulnerabilities in VMware ESXi, Workstation, and Fusion (CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226)

Broadcom has addressed three exploited vulnerabilities (CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226) that, when chained, can allow an attacker to access the hypervisor through a running virtual machine.

Deserialization of Untrusted Data Vulnerability In b1gMail (CVE-2025-1741)

CVE-2025-1741: A vulnerability classified as problematic was found in b1gMail up to 7.4.1-pl1. Affected by this vulnerability

Cisco Nexus 3000 and 9000 Series Switches Health Monitoring Diagnostics Denial of Service Vulnerability (CVE-2025-20111)

A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.
