Latest Security News
Security Updates
Latest security news and articles covering recent vulnerabilities and their impacts.
Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach
2025-05-01 08:11
Internet
1 CVE
Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access. "This activity has affected …
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
2025-05-01 06:22
Internet
1 CVE
SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild. The vulnerabilities in question are listed below - CVE-2023-44221 (CVSS score: 7.2) - Improper neutralizati…
CVE-2024-10442 (CVSS 10): Zero-Click RCE in Synology DiskStation, PoC Publishes
2025-05-01 00:55
SecurityOnline.info
1 CVE
A critical remote code execution (RCE) vulnerability has been disclosed in Synology’s DiskStation DS1823xs+, a popular NAS appliance…
CVE-2025-29906: Finit’s Bundled Getty Flaw Allows Authentication Bypass on Linux Systems
2025-05-01 00:50
SecurityOnline.info
1 CVE
A serious security vulnerability has been discovered in Finit, a lightweight and fast init system for Linux, originally…
CVE-2025-32444 (CVSS 10): Critical RCE Flaw in vLLM’s Mooncake Integration Exposes AI Infrastructure
2025-05-01 00:35
SecurityOnline.info
1 CVE
A critical security vulnerability has been disclosed in vLLM, a popular open-source library used for high-performance inference and…
Linux Kernel Exploitation: CVE-2025-21756
2025-04-30 19:03
Hoefler.dev
1 CVE
Article URL: https://hoefler.dev/articles/vsock.html Comments URL: https://news.ycombinator.com/item?id=43849373
CVE-2024-5916 PAN-OS: Cleartext Exposure of External System Secrets (Severity: MEDIUM)
2025-04-30 18:00
Paloaltonetworks.com
3 CVEs
Related content: CVE-2024-5920 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in PAN-OS Enables Impersonation of a Legitimate Administrator (Severity: LOW) CVE-2025-0123 PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures (Severity…
CVE-2024-3596 PAN-OS: CHAP and PAP When Used with RADIUS Authentication Lead to Privilege Escalation (Severity: MEDIUM)
2025-04-30 17:45
Paloaltonetworks.com
4 CVEs
Related content: CVE-2024-5916 PAN-OS: Cleartext Exposure of External System Secrets (Severity: MEDIUM) CVE-2025-0123 PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures (Severity: LOW) CVE-2025-0117 GlobalProtect App: Local Privilege Escal…
CVE-2024-9468 PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet (Severity: HIGH)
2025-04-30 17:45
Paloaltonetworks.com
4 CVEs
Related content: CVE-2024-5916 PAN-OS: Cleartext Exposure of External System Secrets (Severity: MEDIUM) CVE-2025-0123 PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures (Severity: LOW) CVE-2025-0117 GlobalProtect App: Local Privilege Escal…
CVE-2024-5920 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in PAN-OS Enables Impersonation of a Legitimate Administrator (Severity: LOW)
2025-04-30 17:45
Paloaltonetworks.com
4 CVEs
Related content: CVE-2024-5916 PAN-OS: Cleartext Exposure of External System Secrets (Severity: MEDIUM) CVE-2025-0123 PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures (Severity: LOW) CVE-2025-0117 GlobalProtect App: Local Privilege Escal…
CISA Adds SAP NetWeaver Zero-Day CVE-2025-31324 to KEV Database
2025-04-30 02:01
SecurityOnline.info
1 CVE
A critical security vulnerability in SAP NetWeaver is under active exploitation, posing a significant threat to organizations worldwide.
Web Scanning Sonicwall for CVE-2021-20016, (Tue, Apr 29th)
2025-04-30 01:29
Sans.edu
1 CVE
There was a post initially published in January 2022 showing an exploitable "probable zero-day vulnerabilities"[1] for Sonicwall but looking back in what has been submitted in the past year to ISC, this past week was the first time we have been getting some r…
High-Severity DoS Vulnerability Found in PowerDNS DNSdist (CVE-2025-30194)
2025-04-30 00:40
SecurityOnline.info
1 CVE
The PowerDNS team has issued a high-severity security advisory—CVE-2025-30194—regarding a newly discovered denial-of-service (DoS) vulnerability in DNSdist, the…
U.S. CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog
2025-04-30 00:05
Securityaffairs.com
1 CVE
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SAP NetWeaver flaw, tracked as CVE-2025-31324, to its K…
CISA warns about actively exploited Broadcom, Commvault vulnerabilities
2025-04-29 12:34
Help Net Security
3 CVEs
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities catalog on Monday, affecting Commvault (CVE-2025-3928), Active! Mail (CVE-2025-42599), and Broadcom Brocade (CVE-2025-1976) solutions.…
CISA Adds One Known Exploited Vulnerability to Catalog
2025-04-29 12:00
Cisa.gov
1 CVE
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-31324 SAP NetWeaver Unrestricted File Upload Vulnerability These types of vulnerabilities are frequent …
PowerDNS Security Advisory 2025-02: Denial of service via crafted DoH exchange
2025-04-29 11:41
Seclists.org
1 CVE
Posted by Remi Gacogne on Apr 29. Hi all, We released PowerDNS DNSdist 1.9.9 today, an emergency release fixing a security issue tracked as CVE-2025-30194 where a remote, unauthenticated attacker can cause a denial of service via a crafted DNS over HTTPS co…
CVE-2025-21756: How a Tiny Linux Kernel Bug Led to a Full Root Exploit, PoC Releases
2025-04-29 00:50
SecurityOnline.info
1 CVE
In a recent analysis, security researcher Michael Hoefler has exposed the full depth of CVE-2025-21756, a Use-After-Free (UAF)…
Quantum Issues Critical Patch for StorNext GUI RCE Vulnerabilities (CVE-2025-46616, CVE-2025-46617)
2025-04-29 00:33
SecurityOnline.info
2 CVEs
Quantum has issued a critical security advisory warning users of two high-severity vulnerabilities in the StorNext GUI API,…