Security Vulnerabilities

The latest Security Vulnerabilities

NewsSecurity Vulnerabilities

Out of bounds write vulnerability in FreeType versions 2.13.0 and below (CVE-2025-27363)

An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files.


Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability (CVE-2025-20188)

CVE-2025-20188: A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software


Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability (CVE-2025-20172)

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Cisco IOS XE.


Apache Parquet Java – Potential malicious code execution from trusted packages (CVE-2025-46762)

Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code.


Cisco IOS XE SNMP GET-NEXT ciscoFlashFileSize Unexpected Sign Extension Denial-of-Service Vulnerability (CVE-2025-20169)

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Cisco IOS XE.


Synology BeeStation BST150-4T Unnecessary Privileges Remote Code Execution Vulnerability (CVE-2024-10445)

CVE-2024-10445: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BeeStation BST150-4T


Apache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2025-29953)

CVE-2025-29953 – This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache ActiveMQ NMS.


Oracle VirtualBox OHCI USB Controller Race Condition Local Privilege Escalation Vulnerability (CVE-2024-21113)

CVE-2024-21113 – This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox.


Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability (CVE-2025-24054)

CVE-2025-24054 is a vulnerability involving NTLM hash disclosure through spoofing, triggered by specially crafted .library-ms files.


Path traversal vulnerability in Commvault Command Center Innovation Release (CVE-2025-34028)

A critical security vulnerability has been identified in the Commvault Command Center installation, allowing remote attackers to execute arbitrary code without authentication. 
