Ivanti has issued a critical security advisory for its Endpoint Manager (EPM) product, urging users to patch immediately.
The update addresses three high-severity vulnerabilities that could enable local authenticated attackers to write arbitrary files anywhere on affected systems.
Disclosed on November 10, 2025, the...
Mozilla has released Firefox 145 on November 11, 2025, along with updates for Extended Support Release versions ESR 140.5 and ESR 115.30, to address 16 security vulnerabilities, several of which are rated high-impact and could enable remote code execution without user interaction beyond normal...
Synology has patched a critical zero-day vulnerability in its BeeStation OS that enables remote attackers to execute arbitrary code, a flaw demonstrated at the Pwn2Own Ireland 2025 hacking contest.
Tracked as CVE-2025-12686 and identified by ZDI-CAN-28275, this buffer overflow issue poses severe risks to...
SAP's November 2025 Security Patch Day, released on November 11, underscores the ongoing need for robust protection in enterprise environments, with 18 new security notes and two updates addressing flaws across key products.
Among these, several critical vulnerabilities involve code execution and injection risks,...
Devolutions has disclosed a pair of serious security flaws in its Server product, potentially exposing organizations to account impersonation and sensitive data leaks.
Published on November 6, 2025, under advisory DEVO-2025-0016, these issues affect versions 2025.3.5 and earlier.
The most critical vulnerability, rated 9.4...
WatchGuard Firebox appliances, widely used to protect small- to medium-sized business networks, ship with a critical flaw in their default configuration through versions up to September 10, 2025.
Specifically, the SSH service on port 4118 remains enabled and accessible remotely, accepting the factory credentials...