Vulnerability - Rankiteo Blog (Page 4)

Grafana Labs

public – 1 min read

More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing…

Jun 15, 2025

Jeremy C

Apple

public – 1 min read

A zero-click attack leveraging a newly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon&…

Jun 13, 2025

Jeremy C

Acer

public – 1 min read

A severe security vulnerability has been discovered in the Acer Control Center software, which could allow attackers to execute arbitrary…

Jun 13, 2025

Jeremy C

Apache2

public – 2 min read

A critical zero-day vulnerability (CVE-2025-33053) in WebDAV implementations allows remote code execution. Advanced persistent threat (APT) groups have actively exploited…

Jun 13, 2025

Jeremy C

OneLogin

public – 1 min read

A comprehensive security investigation revealed critical vulnerabilities in OneLogin’s Active Directory (AD) Connector service, exposing authentication credentials and enabling…

Jun 12, 2025

Jeremy C

Palo Alto Networks

public – 1 min read

A newly disclosed command injection vulnerability in Palo Alto Networks’ PAN-OS operating system poses significant security risks to enterprise firewall…

Jun 12, 2025

Jeremy C

Trend Micro

public – 1 min read

Multiple critical security vulnerabilities in the Trend Micro Apex One enterprise security platform could enable attackers to inject malicious code…

Jun 12, 2025

Jeremy C

CoreDNS

public – 1 min read

A high-severity security vulnerability, CVE-2025-47950, has been discovered in CoreDNS, allowing remote attackers to exhaust server memory through DNS-over-QUIC (DoQ)…

Jun 11, 2025

Jeremy C

Department of Defense

public – 1 min read

The Department of Defense's enterprise Identity Credential and Access Management initiative is transitioning from traditional security models to…

Jun 11, 2025

Jeremy C

SAP

public – 1 min read

A critical security vulnerability has been discovered in SAP NetWeaver Application Server for ABAP that allows authenticated attackers to bypass…

Jun 10, 2025

Jeremy C

Microsoft

public – 1 min read

Microsoft's June 2025 Patch Tuesday addressed 66 vulnerabilities, including two zero-day flaws. One actively exploited flaw, CVE-2025-33053, allowed…

Jun 10, 2025

Jeremy C

ManageEngine

public – 1 min read

A severe security vulnerability identified as CVE-2025-3835 has been found in ManageEngine Exchange Reporter Plus. This vulnerability allows attackers to…

Jun 10, 2025

Jeremy C