WooCommerce Reflected Cross-Site Scripting Vulnerability (CVE-2025-0864)
CVE number = CVE-2025-0864 The Active Products Tables for WooCommerce. Use constructor to create tables plugin for WordPress is vulnerable
Read MoreSecurity Vulnerabilities
The latest Security Vulnerabilities
Red Hat Improper Authorization in Keycloak (CVE-2025-1391)
CVE-2025-1391 – A flaw was found in the Keycloak organization feature, which allows the incorrect assignment of an organization to a user if their username or email matches the organization’s domain pattern.
Read More
Dell NetWorker Management Console vulnerability (CVE-2025-21103)
CVE number = CVE-2025-21103 Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper
Read More
Palo Alto Unauthorized Access to Broker VM Docker Containers (CVE-2025-0113)
CVE number = CVE-2025-0113 A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM
Read MoreNVIDIA Container Toolkit for Linux Time-of-Check Time-of-Use vulnerability (CVE-2025-23359)
CVE-2025-23359 – NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system.
Read More
Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability (CVE-2025-0413)
CVE-2025-0413 – This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop.
Read More
Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Vulnerabilities
CVE numbers CVE-2025-20184 and CVE-2025-20185. Multiple vulnerabilities in Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an attacker to execute arbitrary commands locally or remotely.
Read MoreCisco NX-OS Software Image Verification Bypass Vulnerability (CVE-2024-20397)
CVE number = CVE-2024-20397 – A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.
Read More
Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities (CVE-2025-20124)
CVE numbers CVE-2025-20124 and CVE-2025-20125 – Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands and elevate privileges on an affected device.
Read MoreTeamViewer Improper Neutralization of Argument Delimiters Local Privilege Escalation Vulnerability (CVE-2025-0065)
CVE-2025-0065 – This vulnerability allows local attackers to escalate privileges on affected installations of TeamViewer.
Read More