A serious vulnerability, identified as CVE-2025-22217, has emerged within the VMware Avi Load Balancer. This high-risk flaw is a blind SQL injection vulnerability that poses a significant threat to organizations using this software. Discovered in early January 2025, it allows attackers to manipulate SQL queries, potentially leading to unauthorized access to sensitive data and system…
The recent identification of a high-severity Local File Inclusion (LFI) vulnerability in the ThemeREX Addons plugin for WordPress has raised alarm in the web development community. This vulnerability, designated as CVE-2025-0682, allows authenticated attackers with contributor-level and above permissions to execute arbitrary files on the server. Published on January 25, 2025, this weakness affects all…
Understanding CVE-2024-12647 Vulnerability in Canon Printers A critical vulnerability, identified as CVE-2024-12647, has surfaced in specific Canon Small Office Multifunction Printers and Laser Printers. This issue impacts popular models like the Color imageCLASS LBP632Cdw, Color imageCLASS LBP633Cdw, and Color imageCLASS MF652Cdw, particularly those running firmware version 05.04 and earlier. Discovered on January 28, 2025, this…
A critical buffer overflow vulnerability, known as CVE-2024-12648, has emerged in certain Canon Small Office Multifunction Printers and Laser Printers. Published on January 28, 2025, this vulnerability could allow an attacker on the same network to make the devices unresponsive or even execute arbitrary code. This alarming threat includes popular models like the Satera series…
A critical buffer overflow vulnerability, known as CVE-2024-12649, has been identified in certain Canon Small Office Multifunction Printers and Laser Printers. This vulnerability could allow an attacker on the same network to exploit the device, leading to severe consequences. Affected models include the Color imageCLASS LBP632Cdw, Color imageCLASS LBP633Cdw, and Color imageCLASS MF652Cdw. If these…
Nadzorovanje OT omrežij: Investicija v varnost ali iluzija nadzora? V času, ko se naši industrijski procesi postajajo vedno bolj povezani, se hkrati pojavljajo tudi težave s kibernetskimi napadi. Nadzorovanje OT omrežij je postalo ključno za varnost naše kritične infrastrukture. Vendar pa se pogosto sprašujemo, ali je to resnično učinkovita investicija v varnost ali zgolj iluzija…
Neprestanljivo nadzorovanje OT omrežij: investicija v varnost ali iluzija nadzora? V svetu, kjer se tehnologija Operacijske tehnologije (OT) postopoma povezuje z digitalnimi sistemi, je varnost postala ključno vprašanje. OT omrežja, ki upravljajo fizične procese in opremo, so tarča za hekerje. Zato je neprestanljiva nadzorovanja OT omrežij ključna za zagotavljanje varnosti in stabilnosti kritičnih infrastrukturnih sistemov….
Understanding the IBM Analytics Content Hub Buffer Overflow Vulnerability The IBM Analytics Content Hub Buffer Overflow Vulnerability, known as CVE-2024-39750, is a significant issue that emerged during the week of January 13, 2025. This particular vulnerability has the potential to severely compromise the integrity and confidentiality of systems that utilize IBM Analytics Content Hub. What’s…
A critical WordPress vulnerability, identified as CVE-2025-0682, has surfaced in the ThemeREX Addons plugin, which impacts versions up to 2.33.0. This threat poses a significant risk due to a Local File Inclusion (LFI) issue. The vulnerability results from manipulating the ‘type’ parameter within the ‘trxscreviews’ shortcode. Exploiting this flaw allows attackers to escalate privileges, leading…
Understanding the Vulnerability in the WordPress WPBookit Plugin The recent discovery of the CVE-2025-0357 vulnerability in the WordPress WPBookit plugin raises significant concerns among website administrators and users alike. On January 25, 2025, this flaw was identified, allowing attackers to perform arbitrary file uploads due to insufficient file type validation in the plugin’s ‘WPBProfilecontroller’ class….