CVE Feed
- CVE-2025-68922 – OpenOps Terraform Remote Code Execution December 25, 2025
- CVE-2025-15073 – itsourcecode Online Frozen Foods Ordering System contact_us.php sql injection December 24, 2025
- CVE-2025-68920 – C-Kermit Remote File Overwrite/Vulnerable File Retrieval December 24, 2025
- CVE-2025-68917 – ONLYOFFICE Docs Cross-Site Scripting Vulnerability December 24, 2025
- CVE-2025-68919 – Fujitsu Fsas Technologies ETERNUS SF ACM/SC/Express Management Software Authentication Bypass December 24, 2025
- CVE-2025-8769 – MegaSys Computer Technologies Telenium Online Web Application Improper Input Validation December 24, 2025
- CVE-2025-68914 – Riello UPS NetMan 208 SQL Injection Vulnerability December 24, 2025
- CVE-2025-68915 – Riello UPS NetMan 208 Cross-Site Scripting Vulnerability December 24, 2025
- CVE-2025-68916 – Riello UPS NetMan 208 Remote File Inclusion Vulnerability December 24, 2025
- CVE-2025-3232 – Mitsubishi Electric Europe smartRTU Missing Authentication for Critical Function December 24, 2025
- CVE-2019-25255 – VideoFlow Digital Video Protection DVP 2.10 Authenticated Remote Code Execution December 24, 2025
- CVE-2019-25257 – LogicalDOC Enterprise 7.7.4 Authenticated Command Execution via Binary Path Manipulation December 24, 2025
- CVE-2019-25258 – LogicalDOC Enterprise 7.7.4 Multiple Post-Authentication Directory Traversal Vulnerabilities December 24, 2025
- CVE-2019-25254 – KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery via User Administration December 24, 2025
- CVE-2019-25256 – VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal December 24, 2025
- CVE-2019-25248 – Beward N100 M2.1.6 Unauthenticated RTSP Video Stream Disclosure December 24, 2025
- CVE-2019-25249 – devolo dLAN 500 AV Wireless+ 3.1.0-1 Remote Code Execution via htmlmgr December 24, 2025
- CVE-2019-25250 – Devolo dLAN 500 AV Wireless+ 3.1.0-1 Cross-Site Request Forgery December 24, 2025
- CVE-2019-25251 – Teradek VidiU Pro 3.0.3 Server-Side Request Forgery via RTMP Settings December 24, 2025
Microsoft Security
- New Microsoft e-book: 3 reasons point solutions are holding you back December 18, 2025Explore the new Microsoft e-book on how a unified, AI-ready platform delivers speed, resilience, and measurable security gains. The post New Microsoft e-book: 3 reasons point solutions are holding you back appeared first on Microsoft Security Blog.Scott Woodgate
- Access Fabric: A modern approach to identity and network access December 17, 2025An Access Fabric is a unified access security solution that continuously decides who can access what, from where, and under what conditions—in real time. The post Access Fabric: A modern approach to identity and network access appeared first on Microsoft Security Blog.Igor Sakhnov
- Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components December 15, 2025CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server Components and related frameworks. The post Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components appeared first on Microsoft Security Blog.Microsoft Defender Security Research Team
- Microsoft named an overall leader in KuppingerCole Leadership Compass for Generative AI Defense December 15, 2025Today, we are proud to share that Microsoft has been recognized as an overall leader in the KuppingerCole Leadership Compass for Generative AI Defense. The post Microsoft named an overall leader in KuppingerCole Leadership Compass for Generative AI Defense appeared first on Microsoft Security Blog.Herain Oberoi
- Imposter for hire: How fake people can gain very real access December 11, 2025Fake employees are an emerging cybersecurity threat. Learn how they infiltrate organizations and what steps you can take to protect your business. The post Imposter for hire: How fake people can gain very real access appeared first on Microsoft Security Blog.Microsoft Incident Response