This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute ...

46% of environments had passwords cracked, nearly doubling from 25% last year. Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data ...

Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together. VMware published patches last ...

Cloud cybersecurity startup Orca Security Ltd. today detailed the discovery of a previously unknown vulnerability in Microsoft Corp.’s Azure that allowed hackers to undertake remote code execution.

Zerodium has announced today an increased interest in exploits for the WordPress content management system that achieve remote code execution. The exploit acquisition platform is now enticing exploit ...

A popular Java library has a serious vulnerability, discovered over nine months ago, that continues to put thousands of Java applications and servers at risk of remote code execution attacks. The flaw ...

A vulnerability was discovered in Elementor, starting with version 3.6.0, that allows an attacker to upload arbitrary code and stage a full site takeover. The flaw was introduced through a lack of ...

Update 12.37 BST: VideoLAN pointed ZDNet towards a Twitter feed in response, saying that "there is no security issue in [the] last version of VLC," and instead, a mistake from MITRE and CERT_BUND is ...

Microsoft has addressed several fixes for zero-day flaws and other vulnerabilities on Tuesday, Dec. 14 for its last round of patches before the year ends. The tech giant indicated that it has solved ...

Researchers have publicly disclosed the existence of a severe remote code execution vulnerability in a range of D-Link routers. Last week, Fortinet's FortiGuard Labs said the vulnerability at the ...