SecurityVulnerability.io

Collecting, Enriching,
and Displaying
Cyber Security Vulnerabilities

Trending
Vulnerabilities

If it's trending, then it's probably important. Patch quicker!

Remote Attackers Can Gain Super-Admin Privileges via Crafted Requests to Node.js Websocket Module

CVE-2024-55591
FortinetFortiOS👾9.8CRITICAL

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21316
MicrosoftWindows 10 V...5.5MEDIUM

Stack-Based Buffer Overflow in Ivanti Connect Secure and Policy Secure

CVE-2025-0282
IvantiConnect Secure💰👾🟡9CRITICAL

Elevated Privilege Exposure in Windows Hyper-V by Microsoft

CVE-2025-21333
MicrosoftWindows 10 V...👾7.8HIGH

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2024-49138
MicrosoftWindows 10 V...👾🟡7.8HIGH

Apple Addresses File System Configuration Issue with macOS Sequoia 15.2 Update

CVE-2024-44243
AppleMac OS💰👾5.5MEDIUM

Reloader Vulnerability: Execution of Unsigned Software

CVE-2024-7344
RadixSmartrecovery👾6.5MEDIUM

Remote Code Execution Vulnerability in Aviatrix Controller by Aviatrix

CVE-2024-50603
AviatrixController💰👾🟡10CRITICAL

Authentication Bypass Vulnerability in NETGEAR DGN1000 Router

CVE-2024-12847
NetgearDgn1000👾🟡9.8CRITICAL

Trending Cyber News

Read about it, before you get ransomware!

favicon imageGizmodo

Ukranian Hackers Managed to Nearly Destroy Russian Internet Provider

The regional Russian provider confirmed the attack on social media, saying it caused a "complete failure" in its infrastructure.

favicon imageBleepingComputer

Telegram hands over data on thousands of users to US law enforcement

Telegram reveals that the communications platform has fulfilled 900 U.S. government requests, sharing the phone number or IP address information of 2,253 users with law enforcement.

favicon imageWIRED

Secret Phone Surveillance Tech Was Likely Deployed at 2024 DNC

Data WIRED collected during the 2024 Democratic National Convention strongly suggests the use of a cell-site simulator, a controversial spy device that intercepts sensitive data from every phone in its range.

favicon imageComputer Weekly

Cyber security dovetails with AI to lead 2025 corporate IT investme...

Cyber security and GenAI top enterprise IT investment plans for 2025, whether singly or together, according to research from Enterprise Strategy Group.

favicon imageCrowdStrike

January 2025 Patch Tuesday: Updates and Analysis | CrowdStrike

Microsoft has released security updates for 159 vulnerabilities, including eight zero-days and 10 critical, in its January 2025 Patch Tuesday rollout.

favicon imageArmy.mil

Cybersecurity program providing vital services for National Guard, Defense Logistics Agency

REDSTONE Arsenal, Ala. -- The U.S. government and military sectors report more than 1600 cyberattack per week. These stunning numbers underscore the cri...

Critical Microsoft Outlook Vulnerability Rated 9.8/10 Confirmed—Update Now

A critical-rated Outlook vulnerability has been confirmed by Microsoft which has warned that exploitation is likely—here’s what you need to know and do.

favicon imageHelp Net Security

Microsoft fixes actively exploited Windows Hyper-V zero-day flaws - Help Net Security

For January 2025 Patch Tuesday, Microsoft has fixed 157 CVE-numbered security issues, three of which (in Hyper-V) are being exploited.

favicon imageCyberScoop

Second Biden cyber executive order directs agency action on fed security, AI, space

A draft cybersecurity executive order would tackle cyber defenses in locations ranging from outer space to the U.S. federal bureaucracy.

Threat Brief: CVE-2025-0282 and CVE-2025-0283

CVE-2025-0282 and CVE-2025-0283 affect multiple Ivanti products. This threat brief covers attack scope, including details from an incident response case. CVE-2025-0282 and CVE-2025-0283 affect multiple Ivanti products. This threat brief covers attack scope, including details from an incident respons...