Tag: critical vulnerability

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical CrushFTP vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical CrushFTP vulnerability

A critical CrushFTP, CVE-2025-2825, with a CVSS score of 9.8, flaw has been discovered. It enables attackers to bypass authentication on CrushFTP servers, posing a high-severity risk to corporate environments. Continue reading this Cybersecurity Threat Advisory for details on how...

/ April 10, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Exploited Cisco backdoor flaw
FeaturedSecurity

Cybersecurity Threat Advisory: Exploited Cisco backdoor flaw

CVE-2024-20439 is a critical authentication bypass vulnerability in Cisco’s Smart Licensing Utility (CSLU). Attackers exploit this backdoor to gain unauthorized administrative access to vulnerable systems. The vulnerability affects specific versions of the standalone CSLU software, which is used to manage...

/ April 5, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Next.js vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical Next.js vulnerability

A critical security flaw, CVE-2025-29927, with a CVSS score of 9.1, has been found affecting the Next.js React framework. This vulnerability lets attackers bypass middleware authorization checks and access parts of a web application that should remain restricted. To protect...

/ March 25, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical AMI BMC vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical AMI BMC vulnerability

AMI has disclosed a critical vulnerability, CVE-2024-54085, with a CVSS score of 10.0. This vulnerability allows attackers to gain remote access and execute malicious commands. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is...

/ March 19, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical vulnerability in PostgreSQL
FeaturedSecurity

Cybersecurity Threat Advisory: Critical vulnerability in PostgreSQL

Security experts identified a critical PostgreSQL vulnerability, CVE-2025-1094, with a CVSS of 8.1. The vulnerability poses a significant risk to database integrity in enterprise and production environments. Review this Cybersecurity Threat Advisory to learn how to mitigate your risks. What...

/ February 28, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Juniper vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical Juniper vulnerability

A critical vulnerability, CVE-2025-21589, is found in Juniper Networks’ Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. This flaw enables threat actors to bypass authentication mechanisms and gain administrative control over affected devices. Continue reading this Cybersecurity...

/ February 19, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Microsoft SharePoint connector vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Microsoft SharePoint connector vulnerability

A critical security vulnerability was identified in Microsoft Power Platform’s SharePoint connector. The flaw allows attackers to harvest user credentials and perform unauthorized actions within the platform upon a successful exploitation. Continue reading this Cybersecurity Threat Advisory to learn how...

/ February 4, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Aviatrix Controller vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Aviatrix Controller vulnerability

A critical security vulnerability in the Aviatrix Controller cloud networking platform has been discovered and is actively exploited by threat actors to deploy backdoors and cryptocurrency miners. Multiple cloud deployments have reported that they have been compromised following this disclosure....

/ January 15, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of Ivanti’s Connect Secure VPN
FeaturedSecurity

Cybersecurity Threat Advisory: Active exploitation of Ivanti’s Connect Secure VPN

A critical Ivanti Connect Secure VPN vulnerability, identified as CVE-2025-0282, was disclosed. Threat actors are actively exploiting it in the wild, primarily targeting organizations relying on Ivanti’s Zero Trust Access (ZTA) solutions. Review this Cybersecurity Threat Advisory to see how...

/ January 13, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: PAN-OS critical vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: PAN-OS critical vulnerability

A critical vulnerability, tracked as CVE-2024-3393 with a CVSS score of 8.7, has been identified in Palo Alto Networks’ PAN-OS software. This flaw allows unauthenticated attackers to send specially crafted packets that can reboot affected firewalls, leading to potential service...

/ December 31, 2024
1 2 3 6