Technology ❯ Cybersecurity ❯ Vulnerabilities

Software Vulnerabilities

Microsoft Security Updates Microsoft SharePoint VMware Vulnerabilities Fortinet Microsoft Vulnerabilities Adobe Commerce Microsoft Exchange Microsoft Windows Microsoft Software React2Shell Android Security Browser Security CVE-2025-9491 Windows Server Update Service CVE-2025-54309 GPU Security Adobe Products Microsoft Security Patches Foxit PDF Tools PaperCut NG/MF CVE-2025-6558 Use After Free Apple Security Cisco ISE GNU libmicrohttpd NVIDIA Display Driver Exchange Server Ruby WEBrick Vulnerability SAP NetWeaver Cisco Secure Firewall Management Center CVE-2025-26633 Commvault WhatsApp Vulnerability CVE-2025-7775 Citrix NetScaler Git Vulnerability Citrix Session Recording CVE-2025-48384 Git Cisco IOS Docker Vulnerabilities NetScaler CVE-2025-42957 macOS Vulnerabilities CVE-2025-24893 Cisco IOS and IOS XE CVE-2025-6205 DELMIA Apriso CVE-2025-6204 Dassault Systèmes DELMIA Apriso GoAnywhere MFT CVE-2025-20352 CVE-2025-59689 CVE-2025-32463 CVE-2021-21311 CVE-2025-10035 Game Engine Vulnerabilities Redis Vulnerability CVE-2025-49844 Remote Code Execution CVE-2025-48703 Oracle E-Business Suite SKYSEA Client View CVE-2025-54100 Adobe Experience Manager Dell CloudLink Cisco Security Software CVE-2025-11371 WinRAR Unbound DNS Vulnerability CVE-2025-62221 Rsync Vulnerability Patch Management Fortinet FortiWeb Microsoft 7-Zip Vulnerability CVE-2025-11001 Microsoft SharePoint Server SonicWall SMA1000 Appliances CVE-2025-61932 Rust Libraries Microsoft CVEs Microsoft Patches QNAP Security Bulletins VMware FreePBX Vulnerability Cisco UCCX

SonicWall Patches Actively Exploited SMA1000 Zero-Day, Urges Immediate Hotfixes

Attackers chained the AMC privilege escalation with a January deserialization flaw to gain unauthenticated root access.

Microsoft’s December Patch Tuesday Fixes 57 Flaws, Including Exploited Windows Zero-Day

Google Rolls Out Chrome 143 With 13 Security Fixes and New AI, Read Aloud Features

Microsoft Quietly Alters Windows to Expose Full .LNK Targets After Years of Real‑World Abuse

NHS England Warns of Active Exploitation of 7‑Zip Symlink Vulnerability

Fortinet Confirms Second FortiWeb Flaw Under Active Attack as CISA Demands Rapid Fixes

Fortinet Confirms Critical FortiWeb Zero-Day Is Being Exploited as CISA Sets Nov. 21 Patch Deadline

Microsoft’s November Patch Tuesday Fixes 63 Flaws, Including Actively Exploited Windows Kernel Zero-Day

Cisco Patches Critical UCCX Flaws as New Firewall Attack Variant Emerges

CISA Adds Gladinet and CWP Flaws to KEV, Setting Nov. 25 Federal Remediation Deadline

CISA Adds VMware Aria Operations/Tools Flaw to KEV, Sets Nov. 20 Patch Deadline for Feds

CISA Adds Two Actively Exploited DELMIA Apriso Flaws to KEV

CISA Sets Nov. 14 Deadline After Active Attacks on Critical WSUS Flaw

Active Attacks Target Adobe Commerce With 'SessionReaper' Exploit

CISA Adds Motex Lanscope RCE Flaw to KEV, Citing Active Exploitation

‘TARmageddon’ Bug Hits Rust Async‑Tar Ecosystem as Popular Tokio‑Tar Remains Unpatched

CISA Adds Actively Exploited Adobe AEM Forms Flaw to KEV Catalog

Oracle Issues Out-of-Band Patch for New E‑Business Suite Flaw (CVE-2025-61884)

Critical 'RediShell' Bug in Redis Gets Fix as Tens of Thousands Remain Exposed

Unity Discloses High-Severity Runtime Flaw, Urges Developers to Update Games and Apps