The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...

Update: In a statement to ZDNet, Fortinet criticized Rapid7 for releasing the study and said a patch would be released by the end of the month. "The security of our customers is always our first ...

Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses. Newly disclosed FTP injection ...

The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities. The alert from the Cybersecurity and Infrastructure ...

A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. The activity was discovered by ...

Cisco’s Ultra-Reliable Wireless Backhaul (URWB) hardware has been hit with a hard-to-ignore flaw that could allow attackers to hijack the access points’ web interface using a crafted HTTP request.

Moto G4 and Moto G5 model Motorola phones are vulnerable to kernel command line injection vulnerabilities. UPDATE Researchers say several Motorola handset models are vulnerable to a critical kernel ...

Several H3C Magic router models have critical vulnerabilities The vulnerabilities allow for privilege escalation and command injection No patch has so far been issued for the vulnerabilities Several ...