The flaw ‘broke one of the fundamental things about the cloud – that you can’t access another person’s data,’ says security provider Wiz. Cloud security provider Wiz disclosed Thursday that earlier ...
A database used to track NYPD officer profiles contained security flaws that would have allowed a skilled-enough hacker to add, remove or modify data entries and insert potentially malicious files ...
FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
Get the latest federal technology news delivered to your inbox. Despite goals set last year by the National Institute of Standards and Technology to process a backlog of unanalyzed cybersecurity ...
Organizations traditionally have struggled to track vulnerabilities in public cloud platforms and services because of the lack of a common vulnerability enumeration (CVE) program like the one that ...
Get the latest federal technology news delivered to your inbox. The National Institute of Standards and Technology awarded Maryland cybersecurity firm Analygence with a $865,657 task order to help the ...
A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, ...
After the CVE’s program’s near-death experience in April, might the Europeans be looking for a more reliable long-term system? From this week, the global technology industry has a new database to ...
Update: Following the CVE Foundation's announcement (below), CISA has said the U.S. government is extending funding to ensure no continuity issues with the critical Common Vulnerabilities and ...
The development team behind the open-source password management software KeePass is disputing what is described as a newly found vulnerability that allows attackers to stealthily export the entire ...
The developers of the in-memory database Redis have closed a security vulnerability that allows attackers to execute arbitrary malicious code. The issue occurs from ...
After the U.S. government initially cut its funding of the CVE database, used to track security vulnerabilities in operating systems and software, CISA has said it will continue to be funded for ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback