Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

SmarterMail patched CVE-2025-52691, a maximum-severity RCE flaw allowing unauthenticated arbitrary file uploads Exploitation ...

HPE has released patches for a critical-severity OneView vulnerability that could lead to unauthenticated remote code execution.

ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of ...

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables attackers to execute arbitrary code remotely.

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

CISA adds an actively exploited Digiever DS-2105 Pro NVR vulnerability to KEV, warning of botnet attacks and urging ...

Remote code execution vulnerabilities pose especially critical threats to organizations, and VMware’s stronghold in data centers worldwide give patching these flaws particular urgency. VMware fixed ...

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...