Vulnerability Management Platform

Understanding CVE-2025-34028, Commvault’s Critical Pre-Auth RCE Vulnerability

In April 2025, a critical pre-auth Remote Code Execution vulnerability, CVE-2025-34028, was discovered in Commvault Command Center. This vulnerability allows attackers to achieve remote code execution without authentication by exploiting a Server-Side Request Forgery (SSRF) and a path traversal issue that enables uploading and executing malicious ZIP files. With a CVSS score of 10.0, this…

Top 10 Continuous Vulnerability Management Tools for 2025

Table of Contents Overview of Continuous Vulnerability Management Tools The Downsides of Traditional CVM Tools Why FireCompass Stands Out Top 10 Continuous Vulnerability Management Tools for 2025 1. FireCompass 2. Tenable Nessus 3. Qualys VMDR 4. Rapid7 InsightVM 5. Intruder 6. Acunetix 7. Burp Suite 8. OpenVAS 9. Tripwire IP360 10. Nmap Key Features to…

Deserialization Attacks Unleashed: How Exploiting Data Formats Can Break Your Security

In the world of cybersecurity, new vulnerabilities are discovered almost every day, but some are more insidious than others. One such vulnerability, which has quietly caused havoc in countless applications, is the threat posed by deserialization attacks. Deserialization—the process of converting a data format into a usable object—seems like an innocent operation at first glance,…

Critical CVEs: Fortinet, Oracle, PostgreSQL, WS_FTP Server and More

This week, from February 19th to 23rd, the FireCompass research team identified a huge number of CVEs that are high in severity, along with ransomware, botnets, and threat actors creating havoc. Some of the CVEs identified are in popular commercial products used by various industries, and…