Vulnerability - Rankiteo Blog (Page 17)

A critical denial-of-service (DoS) vulnerability (CVE-TBD) in Palo Alto Networks’ PAN-OS allows unauthenticated attackers to remotely reboot firewalls by sending…

Nov 14, 2025

Jeremy C

Fortinet

public – 2 min read

Fortinet faced criticism for silently patching **two zero-day vulnerabilities** in its **FortiWeb web application firewall (WAF)** without adequately informing customers.…

Nov 14, 2025

Jeremy C

Cisco

public – 4 min read

CISA issued an emergency directive ordering US federal agencies to urgently patch two actively exploited zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362)…

Nov 13, 2025

Jeremy C

GlobalLogic

public – 1 min read

In October, GlobalLogic fell victim to a cyberattack where threat actors exploited a zero-day vulnerability in Oracle E-Business Suite. The…

Nov 13, 2025

Jeremy C

GitLab

public – 5 min read

GitLab disclosed nine vulnerabilities across its Community (CE) and Enterprise (EE) editions, with CVE-2025-6945 being the most critical—a prompt-injection…

Nov 13, 2025

Jeremy C

NPM (Node Package Manager) ecosystem (affected projects using `expr-eval` library)

public – 3 min read

A critical Remote Code Execution (RCE) vulnerability (CVE pending) was discovered in the widely used JavaScript library `expr-eval` (versions <…

Nov 12, 2025

Jeremy C

IBM

public – 2 min read

The incident involves a 403 Forbidden error on an IBM web page, indicating unauthorized access or a misconfigured security restriction.…

Nov 12, 2025

Jeremy C

Elastic

public – 3 min read

Elastic disclosed a critical vulnerability (CVE-2025-37735) in Elastic Defend for Windows, stemming from improper file permission preservation in its SYSTEM-privileged…

Nov 12, 2025

Jeremy C