Security Vulnerabilities

The latest Security Vulnerabilities

NewsSecurity Vulnerabilities

Fortinet FortiWeb cgi_xmlprotection_xmlschemafile_post Directory Traversal Arbitrary File Write Vulnerability (CVE-2024-55597)

Jason Davies 220 Views 0 Comments 0 min read

This vulnerability allows remote attackers to create arbitrary XML schema files on affected installations of Fortinet FortiWeb.

Read More
NewsSecurity Vulnerabilities

Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability (CVE-2025-27529)

Jason Davies 266 Views 0 Comments 0 min read

This vulnerability (CVE-2025-27529) allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Cleaner One Pro.

Read More
NewsSecurity Vulnerabilities

Autodesk Navisworks Freedom DWFX File Parsing Memory Corruption Remote Code Execution Vulnerability (CVE-2025-1660)

Luke Simmonds 250 Views 0 Comments 0 min read

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom.

Read More
NewsSecurity Vulnerabilities

Cisco Enterprise Chat and Email Denial of Service Vulnerability (CVE-2025-20139)

Jason Davies 365 Views 0 Comments 1 min read

A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

Read More
NewsSecurity Vulnerabilities

Cisco Meraki MX and Z Series AnyConnect VPN Denial of Service Vulnerability (CVE-2025-20212)

Jason Davies 357 Views 0 Comments 1 min read

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device.

Read More
NewsSecurity Vulnerabilities

Zabbix server DoS vulnerability (CVE-2024-45700)

Jason Davies 284 Views 0 Comments 0 min read

CVE-2024-45700 – Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion.

Read More
NewsSecurity Vulnerabilities

Apple macOS AudioToolboxCore WAV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (CVE-2025-24244)

Jason Davies 248 Views 0 Comments 0 min read

CVE-2025-24244 – This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS.

Read More
NewsSecurity Vulnerabilities

Cisco Smart Licensing Utility Vulnerabilities (CVE-2024-20439 and CVE-2024-20440)

Jason Davies 485 Views 0 Comments 2 min read

CVE-2024-20439 and CVE-2024-20440 – Multiple vulnerabilities in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to collect sensitive information or administer Cisco Smart Licensing Utility services on a system while the software is running.

Read More
NewsSecurity Vulnerabilities

Authorisation bypass vulnerability in Next.js web development framework (CVE-2025-29927)

Jason Davies 345 Views 0 Comments 1 min read

Next.js has published a security advisory detailing an authorisation bypass vulnerability present in Next.js, a popular and open-source React-based web development framework that is used to build full-stack web applications in use in the UK and around the world.

Read More
NewsSecurity Vulnerabilities

Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability (CVE-2024-20475)

Jason Davies 510 Views 0 Comments 0 min read

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

Read More