CVE-2025
CVE (Common Vulnerabilities and Exposures) is a standardized system used to identify and categorize security vulnerabilities in software and hardware. Managed by the MITRE Corporation, each CVE entry provides a unique identifier for a specific vulnerability, making it easier for security professionals to share and track issues. The CVE system enables organizations to quickly identify known vulnerabilities, assess the risk to their systems, and implement patches or mitigations to protect against potential exploits.
-
CVE-2025-0107
CVE-2025-0107 is an OS command injection flaw (CWE-78) in Palo Alto Networks’ Expedition, the tool used to migrate firewall configurations into PAN-OS. The vulnerability was disclosed on 7 January 202...
-
CVE-2025-0108
CVE-2025-0108 is an authentication bypass vulnerability in the management web interface of Palo Alto Networks PAN-OS, disclosed on February 12, 2025. It allows an unauthenticated attacker with network...
-
CVE-2025-8286
CVE-2025-8286 affects the Güralp FMUS series seismic monitoring devices, exposing an unauthenticated Telnet-based command-line interface that could allow an attacker to modify hardware configurations,...
-
CVE-2025-2907
The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF checks when importing settings. Furthermore it also lacks proper checks to only update options relevant to t...
Every challenge you skip is a skill left unmastered. Dive in, dominate, and level up!
A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).
