Stuxlab

Vulnerability: Impact: Exploitation of these hidden commands could lead to various security risks, including: CVE 2025-27840 CVSS 6.8 Published Date 8-Mar-2025 Impacted Devices IOT devices & Development Boards Exploit Availablity Yes It’s important to clarify… Read more: CVE-2025-27840 – Espressif ESP32 chips allow 29 hidden HCI commands

Overview: A critical security vulnerability has been disclosed in NVIDIA Container Toolkit v1.16.2 and NVIDIA GPU Operator v24.6.2. The critical security flaw, if exploited could allow threat actors to break out of the confines of… Read more: CVE-2024-0132: Critical Vulnerability in NVIDIA Container Toolkit

The internet relies on a system called BGP to route traffic. This system can be vulnerable to attacks that can redirect traffic or disrupt service. To address this, the US government has released a roadmap… Read more: US Gov. Releases Roadmap to Enhance Internet Routing Security (BGP)

Overview: Multiple vulnerabilities have been reported in Google Chrome, which could allow a remote attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the targeted system. CVE CVE-2024-7969CVE-2024-8193CVE-2024-8194CVE-2024-8198 CVSS v3 Highest… Read more: CVE-2024-7969: Multiple vulnerabilities in Google Chrome

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to… Read more: CVE-2024-3400 PAN-OS: Command Injection Vulnerability in GlobalProtect