The latest Security Vulnerabilities
CVE-2025-20209 – A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets.
Read MoreCVE-2025-2233 allows attackers to bypass authentication on Samsung SmartThings due to improper signature verification.
Read MoreCVE-2025-27816 is a critical vulnerability that was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages.
Read MoreCVE-2025-2024 – This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp.
Read MoreMultiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow a remote attacker to bypass authentication or execute arbitrary commands on the underlying operating system of an affected device.
Read MoreCVE-2024-56325 vulnerability allows remote attackers to bypass authentication on affected installations of Apache Pinot.
Read MoreCVE-2025-20208 is a vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
Read MoreA vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client.
Read MoreA low-severity vulnerability in Cisco Webex for BroadWorks Release 45.2 could allow an unauthenticated, remote attacker to access data and credentials if unsecure transport is configured for the SIP communication.
Read MoreCVE-2025-22224 and CVE-2025-22225 and CVE-2025-22226 – Broadcom has addressed three exploited vulnerabilities that, when chained, can allow an attacker to access the hypervisor through a running virtual machine.
Read More
