Subscribe
Monday, April 27, 2026
type here...
Subscribe
HomeVulnerabilities

Vulnerabilities

Gigabyte UEFI Vulnerabilities Enables Arbitrary Code Execution in SMM

A critical security disclosure has revealed multiple System Management Mode (SMM) callout vulnerabilities in Gigabyte UEFI firmware modules, potentially allowing attackers to execute arbitrary code in one of the most privileged processor environments. The vulnerabilities, publicly disclosed on July 11, 2025, through Vulnerability Note...
Read more

CISA Warns: ValveLink Vulnerabilities Allow Unauthorized Access to Sensitive Data

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security advisory warning about multiple severe vulnerabilities in Emerson ValveLink Products that could allow attackers to access industrial control systems and read sensitive information stored in cleartext memory. Released on July 8, 2025,...
Read more

GitLab Vulnerabilities Allow Remote Code Execution via Malicious Content Injection

GitLab has released critical security patches addressing multiple vulnerabilities, including a high-severity cross-site scripting (XSS) vulnerability that could allow attackers to execute malicious actions on behalf of users. The company issued versions 18.1.2, 18.0.4, and 17.11.6 for both Community Edition (CE) and Enterprise Edition...
Read more

Critical Ruckus Wireless Vulnerabilities Exposes Enterprise Wireless Networks

Multiple critical security vulnerabilities have been identified in Ruckus Wireless management products, putting enterprise wireless networks at severe risk of compromise. The vulnerabilities affect Virtual SmartZone (vSZ) and Network Director (RND) platforms, which manage large-scale wireless deployments across schools, hospitals, multi-tenant residences, and smart...
Read more

Critical SOAR Security Update: Splunk Patches Third-Party Package Vulnerabilities

Splunk has released a comprehensive security advisory addressing multiple critical vulnerabilities in third-party packages within SOAR versions 6.4.0 and 6.4.1. The advisory, published on July 7, 2025, identifies significant security vulnerabilities across various components including git, Django, cryptography libraries, and JavaScript frameworks that could...
Read more

Critical Security Update: Splunk Enterprise Addresses Third-Party Vulnerabilities

Splunk has released critical security updates addressing multiple vulnerabilities in third-party packages across Enterprise versions 9.4.3, 9.3.5, 9.2.7, and 9.1.10, with severity ratings ranging from informational to critical. The advisory, published on July 7, 2025, under Advisory ID SVD-2025-0710, encompasses fixes for numerous Common...
Read more

About us

The Cyber News is an online community for security professionals. It features articles from top security researchers, CISOs, and technology experts.

Company

The latest

Burp Suite Supercharges Its Scanning Capabilities With React2Shell Vulnerability Detection

Vulnerabilities 0
PortSwigger has leveled up Burp Suite's scanning arsenal with...

Malicious MCP Servers Enable New Prompt Injection Attack To Drain Resources

Vulnerabilities 0
Unit 42 researchers at Palo Alto Networks exposed serious...

Law Enforcement Detains Hackers Equipped With Specialized Flipper Hacking Tools

Cyber News 0
Polish police have arrested three Ukrainian men traveling through...

Subscribe

© 2025 the Cyber News