remote code execution
20 articles tagged "remote code execution"
Cisco Confirms Exploitation of 0-Day RCE Vulnerability in Email Gateway
Cisco has acknowledged the exploitation of a critical zero-day vulnerability in its Secure Email Gateway, allowing attackers to execute commands remotely. The flaw, identified as CVE-2025-20393, poses significant risks to cybersecurity and has prompted urgent action from federal agencies.
Urgent Action Needed as Oracle CVE-2025-61757 Threatens Security
CISA has issued a warning regarding the serious CVE-2025-61757 zero-day vulnerability in Oracle Identity Manager that allows unauthenticated remote code execution. Immediate patching is essential for affected organizations to mitigate potential risks.
Critical Zero-Day Vulnerabilities Expose Millions to Cyberattacks as Oracle and Redis Systems Come Under Fire
Critical zero-day vulnerabilities in Oracle E-Business Suite (CVE-2025-61882) and Redis (CVE-2025-49844) are being actively exploited by cybercriminals, with the Oracle flaw linked to Clop-affiliated threat actors targeting enterprise data since September 2025. Both vulnerabilities allow remote code execution and affect millions of systems worldwide, prompting emergency patches and urgent mitigation guidance from security experts and government agencies.
Zero-Day Vulnerabilities Target Cisco and Oracle Systems
Three critical zero-day vulnerabilities have emerged, targeting major systems including Cisco firewalls and Oracle E-Business Suite. Organizations must act swiftly to mitigate these threats.
Google Android CVE-2025-48530 Vulnerability Explained
CVE-2025-48530 exposes Google Android devices to potential remote code execution. This article explores the vulnerability, its implications, and mitigation strategies.
Citrix NetScaler Vulnerability Poses Global Cybersecurity Threat
A severe vulnerability in Citrix NetScaler devices is allowing cybercriminals to execute remote attacks, with potential worldwide repercussions. Experts emphasize the need for thorough investigation beyond mere patching.
CISA Expands Vulnerability Catalog with Three New Entries
CISA has identified three critical vulnerabilities that pose risks due to active exploitation, urging organizations to address these threats promptly.
Critical Vulnerabilities in Niagara Framework Threaten Security of Smart Buildings
Recent vulnerabilities in the Niagara Framework pose significant risks to smart buildings and industrial control systems. Sophisticated threat actors are actively exploiting these weaknesses, necessitating immediate attention and mitigation strategies.
Critical Zero-Day Vulnerability in NetScaler ADC and Gateway
A new vulnerability, CVE-2025-6543, has been discovered in NetScaler ADC and Gateway, allowing significant risk of exploitation. Users are urged to update their systems immediately.
Urgent Action Needed: Critical Vulnerability in Fortinet Products
A severe zero-day vulnerability affecting Fortinet products has been identified, necessitating immediate action for organizations. This flaw allows for remote code execution and presents significant threats to enterprise networks.
PSAUX Ransomware Attack Disrupts Over 22,000 CyberPanel Instances
A widespread PSAUX ransomware assault has left more than 22,000 CyberPanel instances offline due to critical vulnerabilities. Experts highlight the importance of prompt updates and security measures.
CVE-2024-7970: A Serious Google Chrome Vulnerability Emerges
CVE-2024-7970 highlights a critical vulnerability in Google Chrome's V8 engine, enabling potential remote code execution. Users are urged to update their browsers.
CVE-2024-4040: Unpacking CrushFTP's Serious Zero-Day Vulnerability
CrushFTP recently disclosed a significant zero-day vulnerability, CVE-2024-4040, that could allow unauthorized file access. Security experts emphasize immediate updates.
Zero-Day Exploitation of Remote Code Execution Vulnerability in GlobalProtect
A significant zero-day vulnerability (CVE-2024-3400) has been identified in Palo Alto Networks' GlobalProtect, allowing for unauthenticated remote code execution. Volexity uncovered the exploit during routine monitoring, which has led to widespread compromises.
CVE-2023-35628: Analysis of Windows Vulnerability and Fixes
A critical Windows vulnerability, CVE-2023-35628, poses serious risks to user systems. Mitigation steps have been outlined, including updates provided by Microsoft.
June 2024 Cybersecurity Update: Key Vulnerabilities and Risks
The June 2024 cybersecurity update reveals critical vulnerabilities, including a powerful SSRF in Exchange OWA and other risks across various platforms. Experts emphasize the importance of timely patches to prevent exploitation.
Remote Code Execution Vulnerability Found in Chromium Browser
A critical vulnerability (CVE-2022-1134) in Chromium enables remote code execution due to a type confusion issue in the v8 engine. The exploitation of this flaw allows attackers to execute arbitrary code by using malicious links.
CVE-2023-2033: Google Chrome's V8 Engine Faces Type Confusion Risk
CVE-2023-2033 poses a significant risk to Google Chrome users due to a type confusion vulnerability in the V8 engine. Immediate action is advised for affected users.
Remote Code Execution Vulnerabilities Found in Exynos Modems
Project Zero has identified severe vulnerabilities in Exynos modems, affecting numerous devices. Four exploitative vulnerabilities allow attackers to compromise devices remotely.
U.S. Government IIS Server Vulnerability Exposed by Cyber Threat Actors
Recent cybersecurity analysis revealed multiple threat actors exploited a vulnerability in Progress Telerik software on a U.S. government IIS server. This advisory outlines the risks and necessary actions.