Development

CVE ID : CVE-2025-4302

Published : July 17, 2025, 8:15 a.m. | 2 hours, 9 minutes ago

Description : The Stop User Enumeration WordPress plugin before version 1.7.3 blocks REST API /wp-json/wp/v2/users/ requests for non-authorized users. However, this can be bypassed by URL-encoding the API path.

Severity: 0.0 | NA


Google’s Big Sleep AI Foils Live Zero-Day Exploit in SQLite (CVE-2025-6965)

In a demonstration of artificial intelligence applied to cybersecurity, Google has revealed that its AI agent, Big Sleep, has successfully identified and neutralized a critical vulnerability before it …

Published Date:
Jul 17, 2025 (10 hours, 22 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-6965

NVIDIA Plugs Critical Flaws in Container Toolkit and GPU Operator: CVE-2025-23266 & CVE-2025-23267

NVIDIA has released a critical security update for its Container Toolkit and GPU Operator, patching two high-impact vulnerabilities—CVE-2025-23266 and CVE-2025-23267—that could allow attackers to gain …

Published Date:
Jul 17, 2025 (10 hours, 11 minutes ago)

Vulnerabilities have been mentioned in this article.

Microsoft Unveils RedirectionGuard: A New Windows 11 Defense Against Privilege Escalation Attacks

As attackers continue to evolve their tactics, Microsoft is taking bold strides to neutralize entire classes of vulnerabilities — not just patching individual CVEs. In its recent blog post, the tech …

Published Date:
Jul 17, 2025 (10 hours, 5 minutes ago)

Vulnerabilities have been mentioned in this article.

Critical Flaws in Alcatel-Lucent OmniAccess Stellar WLAN APs Allow Full Remote Takeover, PoC Releases

In a recent disclosure, ALE (Alcatel-Lucent Enterprise) has published a security advisory (SA-N0150) addressing multiple critical vulnerabilities in its OmniAccess Stellar WLAN Access Points, affect …

Published Date:
Jul 17, 2025 (10 hours ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-52690

CVE-2025-52689

CVE-2025-52688

CVE-2025-52687

SonicWall SMA Devices Under Attack: UNC6148 Deploys OVERSTEP Rootkit for Persistent Access

Google’s Threat Intelligence Group (GTIG) uncovers a stealthy, sophisticated campaign led by a financially motivated actor tracked as UNC6148. This campaign targets end-of-life SonicWall Secure Mobile …

Published Date:
Jul 17, 2025 (8 hours, 34 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-20337

CVE-2024-38475

CVE-2023-44221

CVE-2021-20038

CVE-2021-20035

Critical Cisco ISE Flaw CVE-2025-20337 (CVSS 10.0) Allows Unauthenticated Root RCE – Patch Immediately

A critical vulnerability was found in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC. Tracked as CVE-2025-20337, the flaw is rated a maximum CVSS score of 10, highlighting its severity and pot …

Published Date:
Jul 17, 2025 (8 hours, 21 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-20337

CVE-2024-20469

Made by Google 2025: Pixel 10, Pixel Watch 4, and More AI Innovations Revealed

Google has confirmed that this year’s Made by Google event will take place on August 20 at 1 PM Eastern Time, returning to New York City. The highly anticipated Pixel 10 lineup is expect …

Published Date:
Jul 17, 2025 (8 hours, 10 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-20337

CVE-2024-39343

Cloudflare’s 1.1.1.1 DNS Suffers Global Outage Due to Internal Configuration Error

The 1.1.1.1 public DNS service operated by Cloudflare—second in global usage only to Google’s 8.8.8.8—experienced a large-scale worldwide outage on July 14, 2025. The disruption left …

Published Date:
Jul 17, 2025 (7 hours, 49 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-20115

TryHackMe Room Walkthrough: Billing

A detailed walkthrough of TryHackMe’s Billing room exploiting CVE-2023-30258 and escalating via fail2ban misconfig. Room Link: https://tryhackm …

Published Date:
Jul 17, 2025 (4 hours, 45 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE‑2025‑27210 & CVE‑2025‑27209: Two high‑severity vulnerabilities in Node.js

What is this vulnerability? Two high‑severity flaws, CVE‑2025‑27210 and CVE‑2025‑27209, were found in Node.js. The first is a path traversal bypass exploiting Windows device names (CON, PRN, AUX). The s …

Published Date:
Jul 17, 2025 (4 hours, 45 minutes ago)

Vulnerabilities have been mentioned in this article.

Lenovo Vantage Vulnerabilities Allow Attackers to Escalate Privileges as SYSTEM User

A trio of newly disclosed CVE-2025-6230, CVE-2025-6231 and CVE-2025-6232 underscores how a single trusted OEM utility can become a springboard for full machine compromise.
Lenovo Vantage, shipped by d …

Published Date:
Jul 17, 2025 (3 hours, 10 minutes ago)

Vulnerabilities have been mentioned in this article.

GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia

In a recent incident response (IR) case, we discovered highly customized malware targeting Exchange infrastructure within government environments. Analysis of detection logs and clues within the sampl …

Published Date:
Jul 17, 2025 (2 hours, 22 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2020-0688

Cisco Unified Intelligence Center Vulnerability Allows Remote Attackers to Upload Arbitrary Files

A critical vulnerability in Cisco’s Unified Intelligence Center (CUIC) web-based management interface has been classified with high severity, allowing authenticated remote attackers with Report Design …

Published Date:
Jul 17, 2025 (1 hour, 41 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-20274

CVE ID : CVE-2025-7712

Published : July 17, 2025, 3:15 a.m. | 1 hour, 59 minutes ago

Description : The Madara – Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wp_manga_delete_zip() function in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

Severity: 9.1 | CRITICAL


CVE ID : CVE-2025-7735

Published : July 17, 2025, 4:15 a.m. | 59 minutes ago

Description : The Hospital Information System developed by UNIMAX has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

Severity: 7.5 | HIGH


New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code

Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud.
The sneaky approach …

Published Date:
Jul 16, 2025 (21 hours, 5 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-3648

CVE-2025-6554

CVE-2025-3067

CVE-2025-1939