Hackers Exploit NTLM Authentication Flaws to Target Windows Systems

More than two decades after its initial discovery, the NTLM authentication protocol continues to plague Windows systems worldwide. What started in 2001 as a theoretical vulnerability has evolved into … Published Date: Nov 26, 2025 (1 hour, 36 minutes ago) Vulnerabilities has been mentioned in this […]

CVE-2025-13674 – Access of Uninitialized Pointer in Wireshark

The following table lists the changes that have been made to the CVE-2025-13674 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Nov. 26, 2025 Action […]

ASUS warns of new critical auth bypass flaw in AiCloud routers

ASUS has released new firmware to patch nine security vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud enabled. AiCloud is a cloud-based remote access feature t … Published Date: Nov 26, 2025 (2 hours, 36 minutes ago) Vulnerabilities has been mentioned […]

Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025

Just like the 2000s Flip phones grew popular, Windows XP debuted on personal computers, Apple introduced the iPod, peer-to-peer file sharing via torrents was taking off, and MSN Messenger dominated on … Published Date: Nov 26, 2025 (2 hours, 15 minutes ago) Vulnerabilities has been […]

CVE-2025-59390 – Apache Druid: Kerberos authentication chooses a cryptographically unsecure secret if not configured explicitly.

Apache Druid’s Kerberos authenticator uses a weak fallback secret when the `druid.auth.authenticator.kerberos.cookieSignatureSecret` configuration is not explicitly set. In this case, the secret is generated using `ThreadLocalRandom`, which is not a cryptographically secure random number generator. This may allow an attacker to predict or brute force the secret used to sign authentication cookies, potentially enabling token […]

CVE-2025-62728 – Apache Hive: SQL injection vulnerability when processing delete column statistics requests via the HMS Thrift APIs

The following table lists the changes that have been made to the CVE-2025-62728 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Nov. 26, 2025 Action […]

CVE-2025-9557 – Bluetooth: Mesh: Out-of-Bound Write in gen_prov_cont

The following table lists the changes that have been made to the CVE-2025-9557 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Nov. 26, 2025 Action […]

CVE-2025-9558 – Bluetooth: Mesh: Out-of-Bound Write in gen_prov_start

The following table lists the changes that have been made to the CVE-2025-9558 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Nov. 26, 2025 Action […]