Alerts

Microsoft has released a security update to fix several vulnerabilities across multiple Microsoft products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform spoofing over a network, execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Azure Machine Learning Elevation of Privilege (CVE-2025-49747): CVSS: 9.9 […]

CrushFTP has released a security update to fix a critical vulnerability in CrushFTP versions below “10.8.5 and 11.3.4_23”. The addressed vulnerability could allow the attacker to gain elevated privileges and obtain administrative access to the affected system through HTTPS. CrushFTP Privilege Escalation Vulnerability (CVE-2025-54309): CVSS: 9.0 Attack Vector: Network Attack Complexity: High Privileges Required: None

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to perform server-side request forgery attacks, bypass security restrictions, obtain sensitive information, execute arbitrary code, and gain access to the affected systems. Sample of addressed vulnerabilities: 1. Cisco ISE API Unauthenticated Remote Code Execution Vulnerability

Juniper has released security updates to fix several vulnerabilities affecting multiple Juniper Networks products. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, obtain sensitive information, gain elevated privileges, bypass security restrictions, execute arbitrary commands, and gain access to the affectedsystem. Sample of the addressed vulnerabilities: 1. Juniper Networks Juniper

Oracle released its critical patch updates for July 2025, containing (309) new security patches for multiple affected products in Oracle code and third-party components. The addressed vulnerabilities could allow the attacker to perform various attacks such as obtaining sensitive information, bypassing security restrictions, conducting denial of service attacks, performing data manipulation (update, insert, or deleteaccess),

VMware has released security updates to fix several vulnerabilities across multiple VMware products. The addressed vulnerabilities could allow the local attacker with administrative privileges to obtain sensitive information, or execute arbitrary code and gain access to the affected product. 1. VMware ESXi, Workstation, and Fusion Integer Overflow Vulnerability (CVE-2025-41236): CVSS: 9.3 Attack Vector: Local Attack

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to conduct cross-site scripting attacks, gain elevated privileges, execute arbitrary commands, and gain access to the affected system. Sample of addressed vulnerabilities: 1. Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309): CVSS: 10 Attack

Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1. FortiWeb Unauthenticated SQL Injection in GUI Vulnerability (CVE-2025-25257): CVSS: 9.6 Attack

Aruba has released security updates to fix several vulnerabilities across multiple HPE Aruba products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform server-side request forgery attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. HPE Networking Instant on Access Points Hardcoded Credential

Adobe has released security updates to address several vulnerabilities across multiple Adobe products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, gain elevated privileges, conduct denial-of-service attacks, obtain sensitive information, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Adobe Experience Manager (AEM) Forms

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed one zero-day vulnerability. Microsoft has fixed (130) vulnerabilities, with one classified as critical, as they could allow the attacker to gain elevated privileges, perform denial of service attacks, obtain sensitive information, bypass security restrictions, or execute arbitrary code

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP Supplier Relationship Management, SAP NetWeaver, SAP S/4HANA and SAP SCM, SAP GRC, SAP Business Warehouse, SAP Business Objects Business Intelligence Platform, SAP MDM Server, SAP Business