Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...
Research shows a .NET proxy design flaw enables file writes and RCE through attacker-supplied WSDL in multiple products.
Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in ...
FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
Over the weekend, Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...
In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...
Researcher warns that many .NET applications might be vulnerable to arbitrary file writes because .NET’s HTTP client proxy ...
A critical Ivanti EPM vulnerability could allow unauthenticated attackers to execute arbitrary code remotely with ...
KB5072033 addresses vulnerabilities across Windows systems and Office applications—including one actively exploited zero-day.
Microsoft fixed over 50 security vulnerabilities with December's big Patch Tuesday. One of them is already being actively ...
Threat actors have exploited a zero-day vulnerability in the Gogs self-hosted Git service to compromise over 700 ...
Roomba maker iRobot has filed for bankruptcy protection and will change its ownership, but your robot vacuum cleaners will ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback