Tag: cve

Week 20 – Critical elevation of privilege vulnerability in Azure DevOps

12 – 18 May 2025 A critical elevation of privilege vulnerability has been found in Azure DevOps, published on May 8, 2025, and updated with more details 2 days later on May 10, 2025. It has a CVSS score of 10.0! It’s not often that 

Week-19 – A critical security vulnerability in the OpenCTI Platform

05 – 11 May 2025 A critical security vulnerability has been identified in the OpenCTI Platform which is designed to structure, store, organize and visualize technical and non-technical information about cyber threats. This vulnerability, tracked as CVE-2025-24977 is our new CVEofTheWeek with an assigned CVSS 

Week 18 – SAP NetWeaver’s Visual Composer component

Week 18 – SAP NetWeaver’s Visual Composer component

White Hat IT Security’s CVE Of The Week, CVE-2025-31324, is a critical zero-day vulnerability affecting SAP NetWeaver’s Visual Composer component

No Time for Antics with Semantics: Why CVEs Are Cybersecurity’s Lifeline

No Time for Antics with Semantics: Why CVEs Are Cybersecurity’s Lifeline

The cybersecurity world runs on shared language. We don’t often talk about it in those terms—but that’s exactly what the CVE (Common Vulnerabilities and Exposures) system is. A global taxonomy of flaws. A universal index of weakness. The quiet backbone that lets defenders coordinate responses 

Week 9 – Palo Alto PAN-OS Authentication Bypass

Week 9 – Palo Alto PAN-OS Authentication Bypass

03-10 March 2025 Palo Alto PAN-OS authentication bypass exploited in the wild: CVE-2025-0108 This week’s #CVEofTheWeek is about an actively exploited critical Authentication Bypass vulnerability in Palo Alto PAN-OS. PAN-OS is the software that runs all Palo Alto Networks Next-Generation Firewalls (NGFW). The high-level properties