Archives

Feed

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2026-41940

Critical Authentication Bypass in WebPros cPanel & WHM (CVE-2026-41940): Immediate Action Required

WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

cPanel & WHM and WP2 (WordPress Squared)
CVE-2025-24472

CVE-2025-24472: Critical Fortinet FortiOS and FortiProxy Authentication Bypass Advisory

Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.

FortiOS and FortiProxy
CVE-2025-29824

Analyzing CVE-2025-29824: Use-After-Free in Windows Common Log File System (CLFS) Driver

Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.

Windows
CVE-2025-31324

CVE-2025-31324: Critical SAP NetWeaver Visual Composer Unrestricted File Upload Advisory

SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.

NetWeaver
CVE-2019-6693

Critical Security Advisory: CVE-2019-6693 Fortinet FortiOS Hard-Coded Cryptographic Key Vulnerability

Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitive data in a FortiOS configuration backup file via knowledge of the hard-coded key.

FortiOS
CVE-2025-5777

Critical Advisory: CVE-2025-5777 Citrix NetScaler Memory Disclosure (Citrix Bleed 2)

Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability (CVE-2025-5777) due to insufficient input validation. This can lead to memory overread on Gateway or AAA virtual servers, posing a critical risk of data disclosure and session hijacking.

NetScaler ADC and Gateway
CVE-2025-53770

CVE-2025-53770: Critical Remote Code Execution Vulnerability in Microsoft SharePoint Server

CVE-2025-53770 is a critical deserialization vulnerability in Microsoft SharePoint Server (CVSS 9.8) exploited in the wild, acting as a patch bypass for CVE-2025-49704.

SharePoint
CVE-2025-49704

CVE-2025-49704: Critical Microsoft SharePoint Code Injection Vulnerability Advisory

Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-49706. CVE-2025-53770 is a patch bypass for CVE-2025-49704, and the updates for CVE-2025-53770 include more robust protection than those for CVE-2025-49704.

SharePoint
CVE-2025-61884

CVE-2025-61884: Critical SSRF in Oracle E-Business Suite Oracle Configurator

Oracle E-Business Suite contains a server-side request forgery (SSRF) vulnerability in the Runtime component of Oracle Configurator. This vulnerability is remotely exploitable without authentication.

E-Business Suite
CVE-2026-2441

CVE-2026-2441: Critical Use-After-Free Vulnerability in Google Chromium CSS Engine

Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Chromium
CVE-2026-20131

Critical Alert: CVE-2026-20131 Root RCE Vulnerability in Cisco Secure Firewall Management Center

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device.

Secure Firewall Management Center (FMC)
CVE-2023-21529

CVE-2023-21529: Critical Microsoft Exchange Server Deserialization Vulnerability Advisory

Microsoft Exchange Server contains a deserialization of untrusted data vulnerability that allows an authenticated attacker to achieve remote code execution.

Exchange Server