CVE/vulnerability – Page 6

CISA Issues Alert on Citrix NetScaler 0-Day RCE Exploited in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after detecting active exploitation of a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices. Designated CVE-2025-7775, the flaw …

8/28/2025

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Teams Flaw Prevents Users From Accessing Embedded Office Files

A widespread service disruption is currently affecting Microsoft Teams users across the globe, preventing access to embedded Office documents within the collaboration platform. The issue, which began surfacing, has created significant workflo…

8/28/2025

·

CVE/vulnerability, cyber security, Cyber Security News, Microsoft, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Over 28,000 Citrix Servers at Risk from Active 0-Day RCE Exploit

A critical zero-day remote code execution (RCE) vulnerability is currently threatening the security of over 28,000 Citrix instances worldwide. The flaw, designated as CVE-2025-7775, is being actively exploited by threat actors, prompting urge…

8/28/2025

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
NVIDIA NeMo AI Curator Vulnerability Allows Code Execution and Privilege Escalation

NVIDIA released a security bulletin for NVIDIA® NeMo Curator addressing a high-severity vulnerability (CVE-2025-23307) that affects all prior versions of the Curator software. The flaw, rooted in improper handling of user-supplied files, allows a malic…

8/27/2025

·

CVE/vulnerability, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Nagios Flaw Enables Remote Attackers to Run Arbitrary JavaScript via XSS

Nagios has addressed a significant cross-site scripting (XSS) vulnerability in its enterprise monitoring platform Nagios XI that could allow remote attackers to execute arbitrary JavaScript code in users’ browsers. The security flaw, discovered i…

8/27/2025

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
IPFire Firewall Admin Panel Vulnerability Enables Persistent JavaScript Injection

A critical vulnerability in IPFire 2.29’s web-based firewall interface (firewall.cgi) allows authenticated administrators to inject persistent JavaScript code, leading to session hijacking, unauthorized actions, or internal network pivoting. Tracked as…

8/27/2025

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CISA Issues New ICS Advisories on Critical Vulnerabilities and Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) released three Industrial Control Systems (ICS) advisories on August 26, 2025, detailing nine critical vulnerabilities in INVT VT-Designer and HMITool (CVSS v4 8.5). Multiple flaws in Schneide…

8/27/2025

·

CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Critical Chrome Use-After-Free Flaw Enables Arbitrary Code Execution

Google has released an urgent security update for the Chrome Stable channel to address a critical use-after-free vulnerability in the ANGLE graphics library that could allow attackers to execute arbitrary code on vulnerable systems. The fixes…

8/27/2025

·

Chrome, CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Citrix NetScaler ADC and Gateway Hit by Ongoing Attacks Exploiting 0-Day RCE

Cloud Software Group has issued an emergency security bulletin warning of active exploitation targeting three critical vulnerabilities in NetScaler ADC and NetScaler Gateway products. The vulnerabilities, tracked as CVE-2025-7775, CVE-2025-77…

8/27/2025

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability, Zero-Day

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
PoC Exploit Published for Chrome 0-Day Already Under Active Attack

A proof-of-concept exploit for a high-severity Google Chrome zero-day vulnerability has been published publicly, less than three months after the flaw was first disclosed, amid reports of active in-the-wild exploitation. The vulnerability, tracked as C…

8/26/2025

·

Chrome, CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

1010.cx

1010.cx

Category: CVE/vulnerability

CISA Issues Alert on Citrix NetScaler 0-Day RCE Exploited in the Wild

Microsoft Teams Flaw Prevents Users From Accessing Embedded Office Files

Over 28,000 Citrix Servers at Risk from Active 0-Day RCE Exploit

NVIDIA NeMo AI Curator Vulnerability Allows Code Execution and Privilege Escalation

Nagios Flaw Enables Remote Attackers to Run Arbitrary JavaScript via XSS

IPFire Firewall Admin Panel Vulnerability Enables Persistent JavaScript Injection

CISA Issues New ICS Advisories on Critical Vulnerabilities and Exploits

Critical Chrome Use-After-Free Flaw Enables Arbitrary Code Execution

Citrix NetScaler ADC and Gateway Hit by Ongoing Attacks Exploiting 0-Day RCE

PoC Exploit Published for Chrome 0-Day Already Under Active Attack