Latest Security News

Security Updates

Latest security news and articles covering recent vulnerabilities and their impacts.

WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177 …
What does not in release mean in the context of CVE?
2025-08-29 16:48 Askubuntu.com 1 CVE
I found that in CVE-2025-38236, many kernel releases are termed as "Not in Release". Does it mean vulnerable or safe?
CVE-2025-38236 mitigation
2025-08-29 16:22 Askubuntu.com 1 CVE
We have over 1000 Ubuntu devices, the majority of them running Ubuntu 20.04 LTS with the Linux kernel version 5.4.0-216-generic. We also have Ubuntu 22, 24 devices. The vulnerability CVE-2025-38236 is currently affecting all our devices and I see there is…
Experts warn of actively exploited FreePBX zero-day
2025-08-29 13:19 Securityaffairs.com 1 CVE
Sangoma warns of an actively exploited FreePBX zero-day affecting systems with publicly exposed admin control panels. The Sangoma FreePBX Security Team addressed an actively exploited FreePBX zero-day vulnerability, tracked as CVE-2025-57819 (CVSS score of 10…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-57819 Sangoma FreePBX Authentication Bypass Vulnerability. This type of vulnerability is a f…
Posted by Xen.org security team on Aug 28. Xen Security Advisory CVE-2024-36350, CVE-2024-36357 / XSA-471 version 2. x86: Transitive Scheduler Attacks. UPDATES IN VERSION 2: The fix for this issue uncovered a pre-existing bug with the h…
A critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS was fixed. The flaw allowed a malicious…
Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex has issued a fix earlier this month, Censys has warned. About CVE-2025-34158: Plex Media Server (PMS) is sof…
Citrix addressed three vulnerabilities in NetScaler ADC and NetScaler Gateway, including one that has been actively exploited in the wild. Citrix addressed three security flaws (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) in NetScaler ADC and NetScaler Gatew…
The post PoC Code Available for Critical SQLite Vulnerability (CVE-2025-6965) appeared first on Daily CyberSecurity.
CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Details about the attacks are not public, but the confirmation of exploitation comes from the US Cybersecurity and Infras…
A vulnerability has been identified in Docker Desktop. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Note: Proof of Concept exploit code is publicly available for CVE-2025-9074. The vuln…
The dirtyZero toolbox based on Ian Beer's CVE-2025-24203 writeup has been updated to version 1.1 with new features and an updated UI.
Docker fixes critical Desktop flaw allowing container escapes
2025-08-25 22:30 Securityaffairs.com 1 CVE
Docker fixed a critical flaw in the Docker Desktop app for Windows and macOS that could potentially allow an attacker to escape the confines of a container. Docker fixed a critical vulnerability, tracked as CVE-2025-9074 (CVSS score of 9.3), impacting Docker …
Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the confines of a container. The vulnerability, tracked as CVE-2025-9074, carries a C…
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-8069 Citrix Session Recording Deserialization of Untrusted Data Vulnerability CVE-2024-8068 Cit…
Apple fixes CVE-2025-43300, a flaw letting hackers hijack devices via malicious images. Users urged to update iPhone, iPad,…
CVE-2025-43023 in HPLIP for Use of 1024-bit DSA Key
2025-08-22 22:19 Seclists.org 1 CVE
Posted by Alan Coopersmith on Aug 22. CVE-2025-43023 is a bit of an odd vulnerability. https://support.hp.com/us-en/document/ish_12804224-12804228-16/hpsbpi04033 says: HP Linux Imaging and Printing Software - Use of DSA Key. A potential security vulnerabili…
Apple addressed the seventh actively exploited zero-day
2025-08-21 16:54 Securityaffairs.com 1 CVE
Apple addressed a vulnerability impacting iOS, iPadOS, and macOS that is under active exploitation in the wild. Apple addressed an actively exploited zero-day, tracked as CVE-2025-43300, in iOS, iPadOS, and macOS. The vulnerability is zero-day out-of-bound…
Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows - CVE-2025-57788 (CVS…