Vulnerability - Rankiteo Blog (Page 54)

Apache2

public – 2 min read

A critical zero-day vulnerability (CVE-2025-33053) in WebDAV implementations allows remote code execution. Advanced persistent threat (APT) groups have actively exploited…

Jun 13, 2025

Jeremy C

OneLogin

public – 1 min read

A comprehensive security investigation revealed critical vulnerabilities in OneLogin’s Active Directory (AD) Connector service, exposing authentication credentials and enabling…

Jun 12, 2025

Jeremy C

Palo Alto Networks

public – 1 min read

A newly disclosed command injection vulnerability in Palo Alto Networks’ PAN-OS operating system poses significant security risks to enterprise firewall…

Jun 12, 2025

Jeremy C

Trend Micro

public – 1 min read

Multiple critical security vulnerabilities in the Trend Micro Apex One enterprise security platform could enable attackers to inject malicious code…

Jun 12, 2025

Jeremy C

CoreDNS

public – 1 min read

A high-severity security vulnerability, CVE-2025-47950, has been discovered in CoreDNS, allowing remote attackers to exhaust server memory through DNS-over-QUIC (DoQ)…

Jun 11, 2025

Jeremy C

Insyde Software: Bootkit malware injection possible with novel Secure Boot vulnerability

public – 2 min read

Critical UEFI Flaw (CVE-2025-3052) Exposes Systems to Bootkit Attacks A newly disclosed memory corruption vulnerability in UEFI firmware, tracked as…

Jun 11, 2025

Jeremy C

Aim Security: Microsoft 365 Copilot ‘zero-click’ vulnerability enabled data exfiltration

public – 2 min read

Microsoft Patches Critical Zero-Click Flaw in Microsoft 365 Copilot Microsoft has addressed a severe "zero-click" vulnerability in its…

Jun 11, 2025

Jeremy C

ManageEngine

public – 1 min read

A severe security vulnerability identified as CVE-2025-3835 has been found in ManageEngine Exchange Reporter Plus. This vulnerability allows attackers to…

Jun 10, 2025

Jeremy C

Microsoft and Adobe: Microsoft and Adobe Patch Tuesday, June 2025 Security Update Review

public – 4 min read

Microsoft and Adobe Address Critical Vulnerabilities in June 2025 Patch Tuesday Microsoft’s June 2025 Patch Tuesday released fixes for…

Jun 10, 2025

Jeremy C

Cisco warns of ISE cloud credential vulnerability

public – 2 min read

**Cisco Patches High-Severity Cloud Vulnerability in Identity Services Engine** Cisco has released an urgent advisory addressing a high-severity vulnerability (CVE-2025-20286)…

Jun 10, 2025

Jeremy C

Roundcube

public – 1 min read

Over 84,000 Roundcube webmail installations are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) flaw with a public…

Jun 9, 2025

Jeremy C

Jenkins

public – 1 min read

A critical cross-site scripting (XSS) vulnerability in the popular Jenkins Gatling Plugin allows attackers to bypass Content-Security-Policy (CSP) protections. The…

Jun 9, 2025

Jeremy C