Tag: RCE

Cybersecurity Threat Advisory: Critical RCE flaw in Apache Roller blog server
Researchers have discovered a critical session management vulnerability within Apache Roller. It is being tracked as CVE-2025-24859 and has been assigned the maximum CVSS score of 10.0. Review the details in this Cybersecurity Threat Advisory to mitigate your risks. What...

Cybersecurity Threat Advisory: Critical Ivanti Connect Secure flaw
A critical vulnerability, identified as CVE-2025-22457, has been discovered in Ivanti Connect Secure (ICS) VPN appliances. This flaw is actively exploited in the wild, allowing attackers to execute arbitrary code remotely. Review the details within this Cybersecurity Threat Advisory to...

Cybersecurity Threat Advisory: Apache RCE vulnerability
A critical remote code execution (RCE) vulnerability in Apache Parquet, identified as CVE-2025-30065, with a CVSS score of 10.0, has been discovered. Continue reading this Cybersecurity Threat Advisory to learn how to effectively mitigate your risks. What is the threat?...

Cybersecurity Threat Advisory: Critical Ivanti vulnerability found in appliances
Researchers identified a critical vulnerability, CVE-2025-0282, that affects Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons, zero trust access (ZTA) gateways. This vulnerability can enable unauthenticated remote code execution (RCE), allow attackers to compromise the security and integrity of...

Cybersecurity Threat Advisory: RCE vulnerability in Veeam Backup & Replication
A vulnerability, tracked as CVE-2025-23120, with a CVSS score of 9.9, has been discovered in Veeam Backup & Replication. This vulnerability can allow attackers to exploit the system and execute remote code on the Veeam Backup Server. Continue reading this...

Cybersecurity Threat Advisory: Apache Tomcat vulnerability
A severe remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2025-24813, is actively exploited in the wild, allowing attackers to gain server control using a simple PUT request. Review the details in this Cybersecurity Threat Advisory to learn...

Cybersecurity Threat Advisory: Microsoft Windows zero-click RCE vulnerability
A critical Microsoft Windows Lightweight Directory Access Protocol (LDAP) vulnerability has been discovered, identified as CVE-2024-49112. The flaw has a CVSS severity score of 9.8, representing a major threat to enterprise networks. Continue reading this Cybersecurity Threat Advisory to learn...

Cybersecurity Threat Advisory: Critical Apache Struts 2 vulnerability
The Apache Software Foundation (ASF) has issued a security update to address a critical vulnerability in both end-of-life and current versions of Apache Struts 2. Under specific conditions, this vulnerability could lead to remote code execution (RCE). Review this Cybersecurity...

Cybersecurity Threat Advisory: Cleo file transfer critical vulnerability
A critical vulnerability, identified as CVE-2024-50623, has been discovered in Cleo’s file transfer software suite. This vulnerability allows attackers to exploit an unrestricted file upload and download flaw, potentially leading to remote code execution (RCE) on vulnerable systems. Continue reading...

Cybersecurity Threat Advisory: New VPN client vulnerabilities to watch out for
Vulnerabilities were discovered in SonicWall NetExtender, CVE-2024-29014, and Palo Alto GlobalConnect, CVE-2024-5921, which can lead to remote code execution (RCE). Continue reading this Cybersecurity Threat Advisory to limit your exposure to these vulnerabilities. What is the threat? The vulnerabilities exhibit...