Vulnerability - Rankiteo Blog (Page 33)

Adobe

public – 3 min read

Adobe is facing active exploitation of a critical vulnerability (CVE-2025-54253) in its Adobe Experience Manager (AEM) Forms on JEE (versions…

Jun 16, 2025

Jeremy C

Microsoft

public – 3 min read

The Cybersecurity and Infrastructure Security Agency (CISA) identified CVE-2025-59230, a critical privilege escalation vulnerability in Windows Remote Access Connection Manager,…

Jun 16, 2025

Jeremy C

SAP

public – 3 min read

SAP addressed a critical insecure deserialization vulnerability (CVE-2025-42944, CVSS 10.0) in its SAP NetWeaver platform, allowing unauthenticated attackers to…

Jun 16, 2025

Jeremy C

Oracle

public – 3 min read

Oracle issued an emergency security update to patch a critical information disclosure vulnerability (CVE-2025-61884, CVSS 7.5) in its E-Business…

Jun 16, 2025

Jeremy C

OpenSSH (OpenBSD Project)

public – 3 min read

A critical vulnerability (CVE-2025-61984) in OpenSSH’s ProxyCommand feature allows remote attackers to execute arbitrary code on client systems by…

Jun 16, 2025

Jeremy C

Elastic

public – 2 min read

A critical vulnerability (CVE-2025-37728) was discovered in Elastic’s **Kibana CrowdStrike Connector**, where insufficient credential isolation in a shared cache…

Jun 16, 2025

Jeremy C

Redis

public – 4 min read

Redis disclosed CVE-2025-49844 (RediShell), a critical CVSS 10.0 vulnerability in its in-memory database software, allowing authenticated attackers to exploit…

Jun 16, 2025

Jeremy C

Unity Technologies

public – 3 min read

A critical vulnerability (CVE-2025-59489) was disclosed in the Unity engine, the world’s most widely used game development platform, exposing…

Jun 16, 2025

Jeremy C

Linux Foundation (or any enterprise using vulnerable Sudo versions 1.9.14–1.9.17)

public – 2 min read

A critical local privilege escalation vulnerability (CVE-2025-32463) in the Sudo binary (versions 1.9.14–1.9.17) exposes enterprises…

Jun 16, 2025

Jeremy C

QNAP Systems

public – 3 min read

QNAP Systems disclosed CVE-2025-57714, a critical unquoted search path vulnerability in its NetBak Replicator 4.5.x backup software for…

Jun 16, 2025

Jeremy C

Johnson Controls

public – 4 min read

Johnson Controls, a critical infrastructure provider, faced severe exposure of its industrial control systems (ICS) due to unpatched vulnerabilities and…

Jun 16, 2025

Jeremy C

DrayTek

public – 2 min read

DrayTek, a manufacturer of networking hardware, disclosed a critical security vulnerability (CVE-2025-10547) in multiple Vigor router models, allowing remote, unauthenticated…

Jun 16, 2025

Jeremy C