CVE-2025-21226 - Unpacking the Windows Digital Media Elevation of Privilege Vulnerability
In June 2025, Microsoft disclosed and patched a critical elevation of privilege vulnerability impacting Windows' Digital Media service—catalogued as CVE-2025-21226. In this post,
CVE-2025-0053 - How Attackers Can Leak SAP NetWeaver System Info With a Simple URL Parameter
SAP NetWeaver Application Server (AS) for ABAP is the backbone of many large enterprise systems. Besides managing business logic, it often hosts crucial data and
CVE-2025-0401 - Critical Path Traversal Vulnerability in reggie 1. - How the “name” Argument in download() Opens Your Server to Attack
A new critical security flaw has been found in the open-source project reggie version 1., a popular Java-based backend. The flaw, now tracked as CVE-2025-0401,
CVE-2025-0202 - File Inclusion in TCS BaNCS 10’s /REPORTS/REPORTS_SHOW_FILE.jsp – Explained and Exploited
If you’re working in banking, you might have heard of TCS BaNCS, a widely used banking software suite from Tata Consultancy Services. In June 2025,
CVE-2024-43762 - Local Privilege Escalation Due to Service Unbinding Logic Error
Date: June 2024
Severity: High
Impact: Local Privilege Escalation (LPE)
Component: System Bound Services (affected platforms not specified for exclusivity)
A new vulnerability, CVE-2024-43762, has