Infosecurity Magazine

Critical WatchGuard Fireware OS Flaw Enables Remote Code Execution

A critical out-of-bounds write flaw (CVE-2025-9242) in WatchGuard Fireware OS could allow remote code execution ...
Bleeping Computer

DrayTek warns of remote code execution bug in Vigor routers

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform ...
Bleeping Computer

Over 660,000 Rsync servers exposed to code execution attacks

Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers. Rsync is ...
SDxCentral

VU#148244: PandasAI interactive prompt function can be exploited to run arbitrary Python code through prompt injection, which can lead to remote code execution (RCE)

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

Two critical flaws put 7-Zip users at risk of remote code execution

Two recently discovered security flaws could make 7-Zip a serious risk to data and system security. These bugs had been known internally for months, and 7-Zip ...

DrayTek warns Vigor routers may have serious security flaws - here's what we know

In a security advisory, DrayTek said it discovered an “uninitialized variables in the firmware” vulnerability in DrayOS (the OS powering Vigor routers) which, if exploited, could result in memory ...