
1403 matches found

HackRead
added 2025/08/20 3:0 p.m. · 3 views

Link11 Highlights Growing Cybersecurity Risks and Introduces Integrated WAAP Platform

Frankfurt am Main, Germany, 20th August 2025, CyberNewsWire...

AI score: 7.3
Exploits: 0
Akamai Blog
added 2025/08/20 6:0 a.m. · 2 views

Akamai Beats Other WAAP Vendors in Third-Party Evaluation

...

AI score: 7.3
Exploits: 0
OSV
added 2025/08/20 4:16 a.m. · 3 views

CVE-2025-57788

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk...

CVSS: 6.5 · AI score: 5.8
Exploits: 0 · References: 2
Vulnrichment
added 2025/08/20 12:0 a.m. · 3 views

CVE-2024-57157

Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access sensitive APIs without a token...

AI score: 7.3 · EPSS: 0.00077
Exploits: 0 · References: 1
CNNVD
added 2025/08/20 12:0 a.m. · 1 views

Commvault Security Vulnerability

Commvault is a data backup and recovery software from Commvault Corporation, USA. A security vulnerability exists in Commvault versions prior to 11.36.60 that stems from a known login mechanism that allows an unauthenticated attacker to execute API calls...

CVSS: 6.9 · AI score: 7.1 · EPSS: 0.80672
Exploits: 4 · References: 4
Positive Technologies
added 2025/08/20 12:0 a.m. · 3 views

PT-2025-33898

Name of the Vulnerable Software and Affected Versions: Commvault versions prior to 11.36.60 Description: A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. Role-Based Access Control (RBAC) can limit exposure, but does...

CVSS: 6.9 · AI score: 7.1 · EPSS: 0.80672
Exploits: 4 · References: 19
Tenable Nessus
added 2025/08/20 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-52337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequenc...

CVSS: 5.5 · AI score: 6.4 · EPSS: 0.00033
Exploits: 0 · References: 3
Veracode
added 2025/08/19 7:57 a.m. · 2 views

Sensitive Information Disclosure

OpenSearch is vulnerable to Sensitive Information Disclosure. The vulnerability is due to redacted values being retrievable through range queries and the fields option in the search API...

AI score: 7
Exploits: 0
NVD
added 2025/08/18 6:15 p.m. · 3 views

CVE-2025-55299

VaulTLS is a modern solution for managing mTLS (mutual TLS) certificates. Prior to 0.9.1, user accounts created through the User web UI have an empty but not NULL password set, attackers can use this to login with an empty password. This is combined with that fact, that previously disabling the...

CVSS: 9.4 · EPSS: 0.00061
Exploits: 0 · References: 2
CVE
added 2025/08/18 5:36 p.m. · 22 views

CVE-2025-55299

VaulTLS has an authentication issue prior to 0.9.1: user accounts created via the User web UI may have an empty (non-NULL) password, enabling login with an empty password. This is exacerbated by API login still working after frontend password checks were disabled. The vulnerability is fixed in 0....

CVSS: 9.4 · AI score: 7.1 · EPSS: 0.00061
Exploits: 0 · References: 2
OSV
added 2025/08/18 8:27 a.m. · 9 views

BIT-GITLAB-2024-10219 Incorrect Authorization in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 15.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that under certain conditions could have allowed authenticated users to bypass access controls and download private artifacts by accessing specific API endpoints...

CVSS: 6.5 · AI score: 6.6 · EPSS: 0.00026
Exploits: 0 · References: 3
Tenable Nessus
added 2025/08/18 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-11828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. B...

CVSS: 7.5 · AI score: 5.5 · EPSS: 0.00143
Exploits: 0 · References: 2
Tenable Nessus
added 2025/08/18 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-7554

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.0.6, all versions starting from 17.1 before 17.1.4, all version...

CVSS: 6.5 · AI score: 5.5 · EPSS: 0.00046
Exploits: 0 · References: 2
Tenable Nessus
added 2025/08/18 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-1100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 13.1 prior to 14.7.7, 14.8.0 prior to 14.8.5, and 14.9.0 prior to 14.9....

CVSS: 4.3 · AI score: 5.6 · EPSS: 0.00166
Exploits: 0 · References: 2
RedhatCVE
added 2025/08/16 9:26 a.m. · 6 views

CVE-2025-5998

The PPWP – Password Protect Pages WordPress plugin before version 1.9.11 allows to put the site content behind a password authorization, however users with subscriber or greater roles can view content via the REST API...

CVSS: 6.5 · AI score: 7.1 · EPSS: 0.00075
Exploits: 1 · References: 1
CNNVD
added 2025/08/16 12:0 a.m. · 2 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked dma_alloc_coherent return value that could lead to DMA API abuse...

CVSS: 5.5 · AI score: 7.9 · EPSS: 0.00026
Exploits: 0 · References: 6
RedhatCVE
added 2025/08/15 5:30 p.m. · 2 views

CVE-2024-10219

An issue has been discovered in GitLab CE/EE affecting all versions from 15.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that under certain conditions could have allowed authenticated users to bypass access controls and download private artifacts by accessing specific API endpoints...

CVSS: 6.5 · AI score: 6.7 · EPSS: 0.00026
Exploits: 0 · References: 1
Akamai Blog
added 2025/08/15 12:0 p.m. · 4 views

Akamai Named an Overall Leader for API Security by KuppingerCole

...

AI score: 7.3
Exploits: 0
GithubExploit
added 2025/08/15 6:35 a.m. · 151 views

Exploit for Injection in Cisco Secure_Firewall_Management_Center

cve2025-20265 Safe Python script to detect Cisco FMC instances...

CVSS: 10 · AI score: 6.7 · EPSS: 0.00222
Exploits: 1
Positive Technologies
added 2025/08/15 12:0 a.m. · 3 views

PT-2025-33430 · WordPress · B Slider- Gutenberg Slider Block

Name of the Vulnerable Software and Affected Versions: B Slider- Gutenberg Slider Block for WP plugin for WordPress versions prior to 2.0.0 Description: The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Server-Side Request Forgery via the fs api request function...

CVSS: 4.3 · AI score: 7 · EPSS: 0.00056
Exploits: 0 · References: 6