CISA adds jQuery CVE-2020-11023 to KEV Catalog

CISA adds jQuery CVE-2020-11023 to KEV Catalog

CVE-2020-11023 is a significant security flaw within jQuery, a widely used JavaScript library. The vulnerability is categorized as a persistent cross-site scripting (XSS) issue. This type of vulnerability occurs when…
CVE-2025-23006 impacts SonicWall SMA 1000 Series

CVE-2025-23006 impacts SonicWall SMA 1000 Series

CVE-2025-23006 is a critical pre-authentication deserialization of untrusted data vulnerability identified in SonicWall's Secure Mobile Access (SMA) 1000 series appliances. This vulnerability poses significant risks, enabling remote, unauthenticated attackers to…
CVE-2025-0314 impacts GitLab

CVE-2025-0314 impacts GitLab

CVE-2025-0314 is a high-severity cross-site scripting (XSS) vulnerability identified in GitLab, a widely used platform for version control, CI/CD, and DevOps. This vulnerability enables attackers to inject malicious scripts into…
Chinese Plushdaemon APT targets SouthKorea

Chinese Plushdaemon APT targets SouthKorea

Background PlushDaemon is a China-aligned Advanced Persistent Threat (APT) group, active since at least 2019. Known for its sophisticated cyber-espionage operations, this group targets various high-profile entities across multiple sectors.…
CVE-2025-23083 impacts Node.js

CVE-2025-23083 impacts Node.js

Background Node.js is a widely-used JavaScript runtime built on Chrome's V8 JavaScript engine, known for its efficiency and ability to handle asynchronous operations. The platform is integral to many web…
CVE-2025-23195 impacts Apache Ambari

CVE-2025-23195 impacts Apache Ambari

Background Apache Ambari is a widely-used open-source tool that helps manage, monitor, and provision Hadoop clusters. It provides a user-friendly interface, simplifies cluster operations, and supports various Big Data components…
Oracle Patches – January 2025

Oracle Patches – January 2025

Overview Oracle has released a substantial Critical Patch Update for January 2025, addressing a total of 320 new security vulnerabilities across its wide-ranging product portfolio. This update spans over 90…