Critical Authentication Bypass Flaw Discovered in Juniper Session Smart Routers
Juniper Networks releases urgent security patches to address a severe authentication bypass vulnerability in its Session Smart Router products. The critical flaw, rated 9.8 CVSS, could allow attackers to gain full administrative access to affected devices.
Critical Security Flaws in Xerox VersaLink Printers Enable Windows Credential Theft
Security researchers discovered severe vulnerabilities in Xerox VersaLink C7025 printers that could allow attackers to steal Windows credentials through LDAP and SMB/FTP exploits. Xerox has released patches while recommending security measures for affected organizations.
U.S. Government Reveals Record of 39 Zero-Day Vulnerability Disclosures in Landmark Transparency Report
The U.S. Office of the Director of National Intelligence released its first-ever public report detailing the disclosure of 39 zero-day software vulnerabilities in 2023. This unprecedented transparency offers insight into how the government balances national security with software security through its Vulnerabilities Equities Process.
Critical PHP Voyager Vulnerabilities Enable Remote Code Execution Through One-Click Attacks
Three severe security flaws discovered in the PHP Voyager package allow attackers to execute malicious code through deceptive file uploads and XSS exploits. Despite being reported in September 2024, these vulnerabilities remain unpatched, putting organizations using Voyager at significant risk.
Critical SQL Injection Vulnerability Discovered in VMware Load Balancer
Broadcom discloses high-severity security flaw in VMware Avi Load Balancer that could enable unauthorized database access through SQL injection attacks. Multiple versions are affected, with patches now available to address the CVE-2025-22217 vulnerability rated at CVSS 8.6.
Critical Security Flaw in Subaru Starlink System Exposed Remote Vehicle Access Risk
Researchers uncovered a severe vulnerability in Subaru's Starlink service that allowed unauthorized access to vehicles and customer data across multiple countries. The flaw, which could be triggered using basic customer information, enabled remote vehicle control and access to sensitive personal data.
Nvidia Patches Critical Security Flaws in GPU Drivers with Latest Update
Nvidia releases crucial security updates for GPU display drivers and vGPU software, addressing seven vulnerabilities including high-priority flaws. The patches fix issues that could enable data tampering, information disclosure, and code execution through compromised systems.
Critical Security Flaw Exposes 4.2 Million Internet Devices to Tunneling Protocol Attacks
A major vulnerability in tunneling protocols has left millions of VPNs, routers, and network devices exposed to potential cyberattacks worldwide. Security researchers discovered multiple flaws that could enable anonymous attacks and unauthorized network access across China, France, Japan, US, and Brazil.
Chrome Security Update Patches 16 Critical Vulnerabilities
Google releases comprehensive security update for Chrome browser, addressing 16 vulnerabilities across desktop and mobile platforms. The update impacts multiple Chromium-based browsers and reinforces Google's commitment to maintaining secure browsing environments.
Critical SimpleHelp Vulnerabilities Expose Networks to Remote Attacks
Multiple severe security flaws discovered in SimpleHelp remote access software enable attackers to steal files, escalate privileges, and execute malicious code. The vulnerabilities, found by Horizon3.ai researchers, have been patched in recent versions but require immediate updates.