-
Researchers at GreyNoise observed a sudden spike in attempts to exploit a well-known Grafana flaw. This vulnerability, tracked as CVE-2021-43798, allows attackers to traverse paths on a server and read any file they choose. Over the course of a single …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Three critical security flaws were discovered in firmware version V9.4.0cu.1360_B20241207 of the TOTOLINK X6000R router released on March 28, 2025. These vulnerabilities range from argument injection and command injection to a security bypass that can …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in the official Termix Docker image puts users at risk of exposing sensitive SSH credentials. The flaw allows anyone with network access to retrieve stored host addresses, usernames, and passwords without logging in. How the Vu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Splunk released security advisories addressing multiple vulnerabilities affecting various versions of Splunk Enterprise and Splunk Cloud Platform. The flaws range from cross-site scripting (XSS) vulnerabilities to access control bypasses, with CVSS sco…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA has issued a critical security bulletin revealing multiple vulnerabilities in its NVIDIA App software that can enable attackers to escalate privileges on Windows systems. The flaws, addressed in the September 2025 update, stem from improper file…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A serious vulnerability in the Red Hat OpenShift AI service (RHOAI) enables attackers with minimal access to escalate privileges and take control of entire clusters. Identified as CVE-2025-10725, the flaw resides in an overly permissive ClusterRole ass…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An uptick in internet-wide scanning activity indicates that threat actors are actively probing for systems vulnerable to CVE-2024-3400, a critical GlobalProtect flaw in Palo Alto Networks PAN-OS. Security researchers at SANS ISC observed a single …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has released an urgent alert for system administrators and IT teams worldwide. Researchers have confirmed that attackers are actively exploiting a serious vulnerability in the sudo utility use…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A team of security researchers has released an in-depth technical report on CVE-2025-32463, a critical local privilege escalation flaw in the widely used Linux sudo utility. The vulnerability, which affects sudo versions 1.9.14 through 1.9.17, allows a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Organizations using VMware hypervisors face an urgent threat as a local privilege escalation zero-day, tracked as CVE-2025-41244, is under active exploitation in the wild. Both VMware Tools and VMware Aria Operations’ Service Discovery Management Pack …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
