Critical vulnerability discoveries, CVE research, and responsible disclosure reports
[*] Accessing category: CVE & Bug Bounty
[+] Database query returned 8 results
root@sekurity:~/categories/cve-bug-bounty$ _
Critical pre-auth double free in the Windows IKE Service Extensions (IKEEXT.dll) lets remote attackers reach SYSTEM over UDP/500 and UDP/4500 -- wormable, public PoC already online
Critical pre-authentication flaw in Cisco Integrated Management Controller lets remote attackers reset any admin password and seize full out-of-band control of UCS servers
Critical improper access control vulnerability in Fortinet FortiClient EMS actively exploited as zero-day - Unauthenticated API bypass leads to remote code execution
Critical authentication bypass vulnerability in Cisco Catalyst SD-WAN Manager actively exploited - Unauthenticated access with netadmin privileges possible
Critical zero-day vulnerability in Windows Shell allows attackers to bypass SmartScreen and Mark of the Web protections through a single malicious click
Critical vulnerability in OpenClaw AI Agent enables Remote Code Execution with just one click - Authentication token exfiltration through manipulated URLs
Critical zero-day vulnerability in Cisco Unified Communications Manager and Webex actively exploited - Root access via code injection possible
Critical path traversal vulnerability in node-tar allows arbitrary file overwrite through manipulated hardlinks and symlinks in TAR archives
root@sekurity:~/categories/cve-bug-bounty$ echo "Query complete"
Query complete
root@sekurity:~/categories/cve-bug-bounty$ _