Privilege escalation vulnerability

From Cyber Security News – Apple Warns of Three 0-Day Vulnerabilities Actively Exploited in Attacks

Apple has issued an urgent security advisory concerning three critical zero-day vulnerabilities CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085 that have been actively exploited in sophisticated attacks. These vulnerabilities affect a wide range…

shaikh Saqib April 1, 2025

News

From Cyber Security News – Splunk RCE Vulnerability Let Attackers Execute Arbitrary Code Via File Upload

Splunk has released patches to address a high-severity Remote Code Execution (RCE) vulnerability affecting Splunk Enterprise and Splunk Cloud Platform. The vulnerability, identified as CVE-2025-20229, could allow a low-privileged user…

shaikh Saqib March 27, 2025

News

From Security Week – Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services

[[{"value":"Vulnerabilities in Nvidia Riva could allow hackers to abuse speech and translation AI services that are typically expensive. The post Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services appeared…

shaikh Saqib March 17, 2025

News

From Security Week – Google Patches Pair of Exploited Vulnerabilities in Android

[[{"value":"Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild. The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek."}]] Read…

shaikh Saqib March 4, 2025

News

From Security Week – Exploitation Long Known for Most of CISA’s Latest KEV Additions

[[{"value":"Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog. The post Exploitation Long Known for Most of CISA’s…

shaikh Saqib March 4, 2025

News

From Cyber Security News – CISA Warns of Windows Win32k Vulnerability Exploited to Run Arbitrary code

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding CVE-2018-8639, a privilege escalation vulnerability in the Microsoft Windows Win32k component, which threat actors are actively exploiting to…

shaikh Saqib March 4, 2025

News

From Cyber Security News – AMD Ryzen DLL Hijacking Vulnerability Let Attackers Execute Arbitrary Code

A high-severity security vulnerability, identified as CVE-2024-21966, has been discovered in the AMD Ryzen™ Master Utility, a software tool designed to optimize the performance of AMD Ryzen™ processors. The vulnerability,…

shaikh Saqib February 14, 2025

News

From Cyber Security News – Windows Storage 0-Day Vulnerability Let Attackers Delete The Target Files Remotely

A significant security vulnerability has been identified in Windows, allowing attackers to remotely delete targeted files on affected systems. This vulnerability, tracked as CVE-2025-21391, was disclosed on February 11, 2025,…

shaikh Saqib February 12, 2025

News

From Cyber Security News – Microsoft SharePoint Connector Vulnerability Let Attackers Steal User’s Credentials

A critical server-side request forgery (SSRF) vulnerability in Microsoft Power Platform’s SharePoint connector allowed attackers to harvest user credentials and impersonate victims across multiple services, including Power Apps, Power Automate,…

shaikh Saqib February 10, 2025

News

From Cyber Security News – HPE Aruba Networking ClearPass Policy Manager Vulnerabilities Allow Arbitrary Code Execution

Hewlett Packard Enterprise (HPE) has disclosed multiple critical vulnerabilities in its Aruba Networking ClearPass Policy Manager (CPPM), a widely used network access control solution. These flaws, if exploited, could lead…

shaikh Saqib February 7, 2025