CVE

Critical Apache Tomcat Vulnerability: CVE-2025-24813 Enables RCE – Are You Vulnerable?

A critical vulnerability, CVE-2025-24813, was discovered in Apache Tomcat, a widely used open-source Java servlet container. This vulnerability stems from improper handling of path normalization, allowing attackers to bypass security controls and achieve Remote Code Execution (RCE). With a high severity rating, this vulnerability poses a significant risk to organizations using affected versions of Apache…

CVE-2025-0108: How Attackers Exploit Palo Alto PAN-OS: Are You Vulnerable?

In early 2025, a critical authentication bypass vulnerability, CVE-2025-0108, was discovered in Palo Alto Networks’ PAN-OS. This vulnerability allows attackers to bypass authentication and gain unauthorized access to the PAN-OS management interface by exploiting a path confusion issue between Nginx and Apache. With a high severity rating, this vulnerability poses a significant risk to organizations…

Critical CVEs: Fortinet, Oracle, PostgreSQL, WS_FTP Server and More

This week, from February 19th to 23rd, the FireCompass research team identified a huge number of CVEs that are high in severity, along with ransomware, botnets, and threat actors creating havoc. Some of the CVEs identified are in popular commercial products used by various industries, and…

Fortnightly Critical Vulnerabilities: February Part 1

The FireCompass research team identified a huge number of CVEs that are high in severity, along with ransomware, botnets, and threat actors creating havoc. Some of the CVEs identified are in popular commercial products used by various industries, alongside some new and well-known malware targeting industries this week. In…

Critical CVEs: FortiOS, Microsoft Exchange, vSphere, SolarWinds and More

From February 12th to 16th, the FireCompass research team identified a huge number of CVEs that are high in severity, along with ransomware, botnets, and threat actors creating havoc. Some of the CVEs identified are in popular commercial products used by various industries and some new &…