Veeam released security patches for a critical Backup & Replication vulnerability that could let attackers remotely execute code. Veeam addressed...
Vous n'êtes pas connecté
A critical vulnerability has been discovered in WordPress plugin WPForms. The flaw allows authenticated attackers with subscriber-level privileges or higher to execute unauthorized refunds of Stripe payments and cancellations of Stripe subscriptions Thr vulnerability tracked as CVE-2024-11205 with a CVSS score of 7.5, stems in the ajax_single_payment_refund() and ajax_single_payment_cancel() functions within the plugin’s SingleActionsHandler class. […]
Veeam released security patches for a critical Backup & Replication vulnerability that could let attackers remotely execute code. Veeam addressed...
A critical flaw in the Next.js React framework could be exploited to bypass authorization checks under certain conditions. Maintainers of Next.js...
CVE-2025-21377 is a security vulnerability in Microsoft Windows that stems from weaknesses in the implementation of the NTLM (NT LAN Manager)...
A critical security vulnerability (CVE-2025-29927) has been discovered in Next.js that allows attackers to completely bypass middleware-based security...
The CVE-2025-23120 vulnerability is a critical security flaw discovered in Veeam Backup & Replication, a widely used backup and disaster recovery...
The CVE-2025-23120 vulnerability is a critical security flaw discovered in Veeam Backup & Replication, a widely used backup and disaster recovery...
CVE-2025-2857 is a critical vulnerability affecting Mozilla Firefox on Windows systems, allowing attackers to escape the browser’s sandbox...
CVE-2025-2857 is a critical vulnerability affecting Mozilla Firefox on Windows systems, allowing attackers to escape the browser’s sandbox...
Broadcom addressed a high-severity authentication bypass vulnerability, tracked as CVE-2025-22230, in VMware Tools for Windows. Broadcom released...
Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely execute...