Critical security vulnerabilities have been discovered in PHP's PostgreSQL and SOAP extensions that could enable SQL injection attacks and denial of service conditions.
The vulnerabilities affect multiple PHP versions and require immediate patching to prevent potential exploitation by malicious actors.
A significant security vulnerability has...
A newly disclosed security vulnerability in ModSecurity, one of the most widely deployed web application firewalls, could allow attackers to crash protected web applications through carefully crafted XML requests containing empty tags.
The vulnerability, tracked as GHSA-gw9c-4wfm-vj3x, affects mod_security2 versions 2.9.8 and later when...
The financial sector has experienced a dramatic surge in Distributed Denial of Service (DDoS) attacks in 2024, with FS-ISAC and Akamai reporting an alarming evolution in the tactics employed by threat actors.
According to their latest joint report, “From Nuisance to Strategic Threat: DDoS...
A critical denial-of-service vulnerability in Realtek's RTL8762E SDK v1.4.0 affects Bluetooth Low Energy (BLE) secure connections.
The vulnerability allows attackers to disrupt the pairing process by exploiting improper state machine validation, potentially rendering affected devices unable to establish secure BLE connections.
The vulnerability...
Two critical vulnerabilities have been disclosed in sslh, a popular protocol demultiplexer that allows multiple services to share the same network port.
The vulnerabilities, disclosed on June 13, 2025, could enable remote attackers to trigger denial-of-service (DoS) conditions, potentially crashing servers and disrupting services.
The...
Apache Tomcat, the widely used open-source Java servlet container, disclosed four security vulnerabilities on June 16, 2025, including two high-severity denial-of-service (DoS) vulnerabilities and a moderate-risk authentication bypass issue.
The vulnerabilities affect all major Tomcat branches (versions 9.x, 10.x, and 11.x), potentially exposing millions...