193 matches found
⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much effort because the path was already there. One weak spot now spreads wider than before. What starts small can reach a lot of systems fast. New...
CVE-2025-52987
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...
CVE-2025-52987
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...
CVE-2025-52987
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...
CVE-2025-52987
CVE-2025-52987 is a clickjacking vulnerability in Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) caused by the web portal failing to set proper X-Frame-Options and X-Content-Type headers. Affected are all Paragon Automation versions prior to 24.1.1. Practical impact described...
CVE-2025-52987 Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...
CVE-2025-52987 Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...
EUVD-2026-2709
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...
CVE-2025-52987
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...
Juniper Networks Paragon Automation security vulnerabilities
Juniper Networks Paragon Automation is an automation and operations platform provided by the American company Juniper Networks. Versions of Juniper Networks Paragon Automation prior to 24.1.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of appropriate...
PT-2026-3103
Name of the Vulnerable Software and Affected Versions Juniper Networks Paragon Automation Pathfinder, Planner, Insights versions prior to 24.1.1 Description A clickjacking issue exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights. This is due to the...
CVE-2025-58225
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Paragon paragon allows PHP Local File Inclusion.This issue affects Paragon: from n/a through = 1.1...
EUVD-2025-204193
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Paragon paragon allows PHP Local File Inclusion.This issue affects Paragon: from n/a through = 1.1...
CVE-2025-58225
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Paragon paragon allows PHP Local File Inclusion.This issue affects Paragon: from n/a through = 1.1...
CVE-2025-58225
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Paragon paragon allows PHP Local File Inclusion.This issue affects Paragon: from n/a through = 1.1...
CVE-2025-58225 WordPress Paragon theme <= 1.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Paragon paragon allows PHP Local File Inclusion.This issue affects Paragon: from n/a through = 1.1...
CVE-2025-58225
CVE-2025-58225 concerns an Improper Control of Filename for Include/Require Statement (PHP Remote File Inclusion) in axiomthemes Paragon/WordPress Paragon theme versions up to 1.1, enabling PHP Local File Inclusion. The Red Hat, ENISA, NVD, CVE List, and PatchStack entries corroborate the issue i...
CVE-2025-58225 WordPress Paragon theme <= 1.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Paragon paragon allows PHP Local File Inclusion.This issue affects Paragon: from n/a through = 1.1...
WordPress plugin Paragon 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
PT-2025-52053
Name of the Vulnerable Software and Affected Versions axiomthemes Paragon versions through 1.1 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion. Recommendation...