Vulnerability - Rankiteo Blog (Page 55)

Jenkins

public – 1 min read

A critical cross-site scripting (XSS) vulnerability in the popular Jenkins Gatling Plugin allows attackers to bypass Content-Security-Policy (CSP) protections. The…

Jun 9, 2025

Jeremy C

Fortinet

public – 1 min read

A critical zero-day vulnerability affecting multiple Fortinet products has been actively exploited. The vulnerability, tracked as CVE-2025-32756, enables unauthenticated remote…

Jun 9, 2025

Jeremy C

TBK Vision

public – 1 min read

A new variant of the Mirai malware botnet is exploiting a command injection vulnerability (CVE-2024-3721) in TBK DVR-4104 and DVR-4216…

Jun 8, 2025

Jeremy C

HPE

public – 1 min read

Multiple severe security vulnerabilities in HPE Insight Remote Support (IRS) platform that could allow attackers to execute remote code, traverse…

Jun 6, 2025

Jeremy C

Wireshark Foundation

public – 1 min read

A critical vulnerability (CVE-2025-5601) in Wireshark allows attackers to trigger denial-of-service (DoS) attacks through packet injection or malformed capture files.…

Jun 6, 2025

Jeremy C

Apple

public – 1 min read

A previously unknown zero-click vulnerability in Apple’s iMessage, dubbed 'NICKNAME,' affected iOS versions up to 18.1.…

Jun 6, 2025

Jeremy C

Apache Tomcat

public – 2 min read

A critical denial-of-service vulnerability in Apache Tomcat has been publicly exposed, affecting servers running versions 10.1.10 through 10.…

Jun 6, 2025

Jeremy C

GoDaddy

public – 1 min read

Hackers are exploiting a critical vulnerability in the Roundcube webmail application, which is widely used by hosting providers like GoDaddy.…

Jun 6, 2025

Jeremy C

Cisco

public – 1 min read

A significant vulnerability in Cisco’s Integrated Management Controller (IMC) allows malicious actors to gain elevated privileges and access internal…

Jun 6, 2025

Jeremy C

VMware

public – 1 min read

Multiple Cross-Site Scripting (XSS) vulnerabilities in the VMware NSX network virtualization platform could allow malicious actors to inject and execute…

Jun 6, 2025

Jeremy C

Google

public – 1 min read

A critical zero-day vulnerability in Google Chrome’s V8 JavaScript engine, identified as CVE-2025-5419, has been actively exploited by cybercriminals.…

Jun 6, 2025

Jeremy C

Panasonic

public – 1 min read

Panasonic fell victim to subdomain hijacking by the Hazy Hawk threat group, which exploited misconfigured DNS records to spread malware…

Jun 5, 2025

Jeremy C