CVE/vulnerability – Page 43

Apache Struts Flaw Allows Attackers to Launch Disk Exhaustion Attacks

A new security flaw has been found in Apache Struts, a popular open‑source web application framework used by many companies worldwide. The issue, tracked as CVE‑2025‑64775, could allow attackers to fill a server’s disk space, causing it to stop working…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
OpenAI Codex CLI Flaw Allows Attackers to Run Arbitrary Commands

OpenAI’s Codex CLI, a command-line tool designed to bring AI-powered reasoning into developer workflows, contains a critical vulnerability that allows attackers to execute arbitrary commands on developer machines without any user interaction or a…

·

CVE/vulnerability, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Qualcomm Alerts Users to Critical Flaws That Compromise the Secure Boot Process

Qualcomm Technologies, Inc. has issued an urgent security bulletin warning customers about multiple critical vulnerabilities affecting millions of devices worldwide. The most severe flaw threatens the secure boot process, a fundamental security mechani…

·

CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Devolutions Server Hit by SQL Injection Flaw Allowing Data Theft

A critical security vulnerability has been discovered in Devolutions Server, a popular centralized password and privileged access management solution. The flaw, rated critical severity by experts, could allow attackers to steal sensitive data or modify…

·

CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
PoC Released for Outlook “MonikerLink” RCE Flaw Allowing Remote Code Execution

Security researchers have released a proof-of-concept (PoC) exploit for CVE-2024-21413, a critical remote code execution vulnerability in Microsoft Outlook dubbed “MonikerLink.” This flaw enables attackers to execute arbitrary code on victi…

·

CVE/vulnerability, Cyber Security News, Microsoft, Outlook, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Mystery OAST Tool Exploits 200 CVEs Using Google Cloud for Large-Scale Attacks

A sophisticated threat actor has been operating a private Out-of-band Application Security Testing (OAST) service hosted on Google Cloud infrastructure to conduct a large-scale exploit campaign targeting more than 200 CVEs, according to new research fr…

·

CVE/vulnerability, cyber security, Cyber Security News, Google

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Apache SkyWalking Flaw Allows Attackers to Launch XSS Attacks

A recently discovered vulnerability in Apache SkyWalking, a popular application performance monitoring tool, could allow attackers to execute malicious scripts and launch cross-site scripting (XSS) attacks. The flaw, identified as CVE-2025-54057, affec…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability, xss

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Teams Guest Chat Flaw Could Let Hackers Deliver Malware

Security researchers have discovered a critical vulnerability in Microsoft Teams that allows attackers to bypass all Defender for Office 365 protections by inviting users into malicious tenant environments. The flaw exploits a fundamental architectural…

·

CVE/vulnerability, cyber security, Cyber Security News, Microsoft, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
NVIDIA DGX Spark Flaws Allow Attackers to Run Malicious Code and Launch DoS Attacks

NVIDIA has released security updates to address fourteen critical vulnerabilities in its DGX Spark system. These flaws could allow attackers to execute malicious code, steal sensitive information, and launch denial-of-service attacks that crash the sys…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Apache Syncope Flaw Lets Attackers Access Internal Database Content

A security vulnerability has been identified in Apache Syncope that could allow attackers to decrypt stored passwords if they gain access to the internal database. The flaw stems from the use of a hardcoded default AES encryption key, which undermines …

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

1010.cx

1010.cx

Category: CVE/vulnerability

Apache Struts Flaw Allows Attackers to Launch Disk Exhaustion Attacks

OpenAI Codex CLI Flaw Allows Attackers to Run Arbitrary Commands

Qualcomm Alerts Users to Critical Flaws That Compromise the Secure Boot Process

Devolutions Server Hit by SQL Injection Flaw Allowing Data Theft

PoC Released for Outlook “MonikerLink” RCE Flaw Allowing Remote Code Execution

Mystery OAST Tool Exploits 200 CVEs Using Google Cloud for Large-Scale Attacks

Apache SkyWalking Flaw Allows Attackers to Launch XSS Attacks

Microsoft Teams Guest Chat Flaw Could Let Hackers Deliver Malware

NVIDIA DGX Spark Flaws Allow Attackers to Run Malicious Code and Launch DoS Attacks

Apache Syncope Flaw Lets Attackers Access Internal Database Content