Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application.
The post CISA Flags Year-Old Wing FTP Vulnerability as Exploited appeared first on SecurityWeek.
Critical HPE AOS-CX Vulnerability Allows Admin Password Resets
The vulnerability can be exploited remotely, without authentication, to circumvent existing authentication controls.
The post Critical HPE AOS-CX Vulnerability Allows Admin Password Resets appeared first on SecurityWeek.
Google Paid Out $17 Million in Bug Bounty Rewards in 2025
Google paid over $3.7 million for Chrome vulnerabilities, and more than $3.5 million for cloud security defects.
The post Google Paid Out $17 Million in Bug Bounty Rewards in 2025 appeared first on SecurityWeek.
Chrome 146 Update Patches Two Exploited Zero-Days
The flaws can be exploited to manipulate data and bypass security restrictions, potentially leading to code execution.
The post Chrome 146 Update Patches Two Exploited Zero-Days appeared first on SecurityWeek.
Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks
The issue allows attackers to inject SQL queries and extract sensitive information from the database.
The post Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks appeared first on SecurityWeek.
Splunk, Zoom Patch Severe Vulnerabilities
Critical- and high-severity flaws could be exploited to execute arbitrary shell commands or elevate privileges.
The post Splunk, Zoom Patch Severe Vulnerabilities appeared first on SecurityWeek.
Cisco Patches High-Severity IOS XR Vulnerabilities
The security defects could lead to denial-of-service (DoS) conditions, command execution, or device takeover.
The post Cisco Patches High-Severity IOS XR Vulnerabilities appeared first on SecurityWeek.
Critical N8n Vulnerabilities Allowed Server Takeover
The bugs allowed unauthenticated attackers to execute arbitrary code, steal credentials, and take over servers.
The post Critical N8n Vulnerabilities Allowed Server Takeover appeared first on SecurityWeek.
Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities
The bugs could lead to arbitrary code execution, privilege escalation, or authentication rate-limit bypass.
The post Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Microsoft Patches 83 Vulnerabilities
Microsoft has fixed a critical vulnerability, but none of the flaws fixed this Patch Tuesday has been exploited in the wild.
The post Microsoft Patches 83 Vulnerabilities appeared first on SecurityWeek.
