Vulnerability - Rankiteo Blog

Wing FTP Server

public – 1 min read

Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server. The vulnerability allows…

Jul 11, 2025

Jeremy C

Apache Foundation

public – 1 min read

The Opossum attack exploits a sophisticated cross-protocol application layer desynchronization vulnerability that compromises TLS-based communications. This attack affects critical protocols…

Jul 11, 2025

Jeremy C

GeoServer

public – 1 min read

A critical remote code execution vulnerability in GeoServer, designated CVE-2024-36401, has been exploited by cybercriminals to deploy cryptocurrency mining malware.…

Jul 11, 2025

Jeremy C

McDonald's

public – 1 min read

A vulnerability in McHire, the AI-powered recruitment platform used by a vast majority of McDonald’s franchisees, exposed the personal…

Jul 11, 2025

Jeremy C

D-Link

public – 1 min read

A critical stack-based buffer overflow vulnerability in the D-Link DIR-825 Rev.B 2.10 router firmware allows unauthenticated, zero-click remote…

Jul 11, 2025

Jeremy C

Kigen

public – 1 min read

A critical vulnerability in eSIM technology, specifically targeting Java Card Virtual Machine implementation, allowed attackers to clone mobile subscriber profiles…

Jul 11, 2025

Jeremy C

Zoom

public – 1 min read

Recently, two vulnerabilities were discovered in specific Zoom Clients for Windows, which could enable attackers to launch Denial of Service…

Jul 9, 2025

Jeremy C

Nippon Steel Solutions

public – 2 min read

Nippon Steel Solutions experienced a significant data breach involving a zero-day cyber attack that exploited a previously unknown software vulnerability…

Jul 9, 2025

Jeremy C

Fortinet

public – 1 min read

A critical security vulnerability, CVE-2025-25257, was discovered in FortiWeb web application firewalls, allowing unauthenticated attackers to execute unauthorized SQL commands…

Jul 9, 2025

Jeremy C

ServiceNow

public – 1 min read

A new vulnerability in ServiceNow, dubbed Count(er) Strike, allows low-privileged users to extract sensitive data from tables to which…

Jul 9, 2025

Jeremy C

Synacor

public – 1 min read

Synacor's Zimbra Collaboration Suite (ZCS) has a critical vulnerability (CVE-2019-9621) that allows attackers to manipulate the server into…

Jul 8, 2025

Jeremy C

Apple

public – 1 min read

Multiple vulnerabilities in macOS SMBClient, identified as CVE-2025-24269 and CVE-2025-24235, and an unassigned flaw, allow attackers to execute arbitrary code…

Jul 8, 2025

Jeremy C