8,000 New WordPress Vulnerabilities Reported in 2024 2025-03-17 at 18:14 By Ionut Arghire Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes. The post 8,000 New WordPress Vulnerabilities Reported in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
8,000 New WordPress Vulnerabilities Reported in 2024 Read More »
Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services 2025-03-17 at 13:16 By Eduard Kovacs Vulnerabilities in Nvidia Riva could allow hackers to abuse speech and translation AI services that are typically expensive. The post Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services Read More »
Cisco Patches 10 Vulnerabilities in IOS XR 2025-03-13 at 18:02 By Ionut Arghire Cisco has released patches for 10 vulnerabilities in IOS XR, including five denial-of-service (DoS) bugs. The post Cisco Patches 10 Vulnerabilities in IOS XR appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Cisco Patches 10 Vulnerabilities in IOS XR Read More »
Zoom Patches 4 High-Severity Vulnerabilities 2025-03-12 at 17:04 By Eduard Kovacs Zoom has patched five vulnerabilities in its applications, including four high-severity flaws. The post Zoom Patches 4 High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Zoom Patches 4 High-Severity Vulnerabilities Read More »
Fortinet Patches 18 Vulnerabilities 2025-03-12 at 14:52 By Eduard Kovacs Fortinet has published 17 new advisories to inform customers about 18 vulnerabilities patched in its products. The post Fortinet Patches 18 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Fortinet Patches 18 Vulnerabilities Read More »
SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver 2025-03-11 at 15:00 By Ionut Arghire SAP released 21 new security notes and updated three security notes on March 2025 security patch day. The post SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver Read More »
Details Disclosed for SCADA Flaws That Could Facilitate Industrial Attacks 2025-03-10 at 19:01 By Eduard Kovacs Palo Alto Networks has shared details on several high-severity Mitsubishi Electric and Iconics SCADA vulnerabilities. The post Details Disclosed for SCADA Flaws That Could Facilitate Industrial Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
Details Disclosed for SCADA Flaws That Could Facilitate Industrial Attacks Read More »
Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities 2025-03-05 at 13:15 By Ionut Arghire Chrome 134 and Firefox 136 are rolling out across desktop and mobile with patches for multiple high-severity vulnerabilities. The post Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities Read More »
Vulnerabilities Patched in Qualcomm, Mediatek Chipsets 2025-03-04 at 14:54 By Ionut Arghire Chip makers Qualcomm and Mediatek have released patches for many vulnerabilities across their products. The post Vulnerabilities Patched in Qualcomm, Mediatek Chipsets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Vulnerabilities Patched in Qualcomm, Mediatek Chipsets Read More »
Broadcom Patches 3 VMware Zero-Days Exploited in the Wild 2025-03-04 at 14:22 By Eduard Kovacs Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation. The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Broadcom Patches 3 VMware Zero-Days Exploited in the Wild Read More »
Exploitation Long Known for Most of CISA’s Latest KEV Additions 2025-03-04 at 13:02 By Eduard Kovacs Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog. The post Exploitation Long Known for Most of CISA’s Latest KEV Additions appeared first on SecurityWeek. This article
Exploitation Long Known for Most of CISA’s Latest KEV Additions Read More »
Cisco Patches Vulnerabilities in Nexus Switches 2025-02-27 at 14:03 By Eduard Kovacs Cisco has patched command injection and DoS vulnerabilities affecting some of its Nexus switches, including a high-severity flaw. The post Cisco Patches Vulnerabilities in Nexus Switches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Cisco Patches Vulnerabilities in Nexus Switches Read More »
Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363) 2025-02-27 at 11:32 By Zeljka Zorz A high-severity vulnerability (CVE-2025-23363) in the Siemens Teamcenter product lifecycle management (PLM) software could allow an attacker to steal users’ valid session data and gain unauthorized access to the vulnerable application. About CVE-2025-23363 Siemens Teamcenter is a suite of applications that
Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363) Read More »
Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers 2025-02-21 at 15:21 By Ionut Arghire OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. The post Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers appeared first on SecurityWeek. This article is an
Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers Read More »
Atlassian Patches Critical Vulnerabilities in Confluence, Crowd 2025-02-20 at 15:40 By Ionut Arghire Atlassian has released patches for 12 critical- and high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd, and Jira. The post Atlassian Patches Critical Vulnerabilities in Confluence, Crowd appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Atlassian Patches Critical Vulnerabilities in Confluence, Crowd Read More »
PoC Exploit Published for Critical Ivanti EPM Vulnerabilities 2025-02-20 at 13:47 By Ionut Arghire Proof-of-concept (PoC) code and technical details on four critical-severity Ivanti EPM vulnerabilities are now available. The post PoC Exploit Published for Critical Ivanti EPM Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
PoC Exploit Published for Critical Ivanti EPM Vulnerabilities Read More »
Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities 2025-02-19 at 15:01 By Ionut Arghire Google and Mozilla resolve high-severity memory safety vulnerabilities with the latest Chrome and Firefox security updates. The post Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities Read More »
Attackers are chaining flaws to breach Palo Alto Networks firewalls 2025-02-19 at 11:03 By Zeljka Zorz Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ firewalls, are ramping up. “GreyNoise now sees 25 malicious IPs actively exploiting CVE-2025-0108, up from 2 on February 13,” the
Attackers are chaining flaws to breach Palo Alto Networks firewalls Read More »
Critical Vulnerability Patched in Juniper Session Smart Router 2025-02-18 at 15:34 By Eduard Kovacs A critical vulnerability tracked as CVE-2025-21589 has been patched in Juniper Networks’ Session Smart Router. The post Critical Vulnerability Patched in Juniper Session Smart Router appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Critical Vulnerability Patched in Juniper Session Smart Router Read More »
Xerox Versalink Printer Vulnerabilities Enable Lateral Movement 2025-02-17 at 13:03 By Ionut Arghire Xerox released security updates to resolve pass-back attack vulnerabilities in Versalink multifunction printers. The post Xerox Versalink Printer Vulnerabilities Enable Lateral Movement appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Xerox Versalink Printer Vulnerabilities Enable Lateral Movement Read More »