##
Updated at UTC 2025-09-02T10:57:38.318776
CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
---|---|---|---|---|---|---|---|
CVE-2025-41690 | 7.4 | 0.00% | 2 | 0 | 2025-09-02T08:15:30.583000 | A low-privileged attacker in bluetooth range may be able to access the password | |
CVE-2025-9748 | 8.8 | 0.05% | 1 | 0 | 2025-08-31T22:15:32.260000 | A vulnerability was determined in Tenda CH22 1.0.0.1. Affected by this issue is | |
CVE-2025-57819 | 0 | 37.91% | 5 | 4 | 2025-08-30T01:00:02 | FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, an | |
CVE-2024-46484 | 9.8 | 0.29% | 1 | 0 | 2025-08-29T21:32:09 | TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injection vulne | |
CVE-2025-52856 | None | 0.37% | 1 | 0 | 2025-08-29T18:31:01 | An improper authentication vulnerability has been reported to affect VioStor. If | |
CVE-2025-55177 | 8.0 | 0.03% | 7 | 0 | 2025-08-29T18:30:59 | Incomplete authorization of linked device synchronization messages in WhatsApp f | |
CVE-2025-5808 | 0 | 0.08% | 1 | 0 | 2025-08-29T16:24:29.730000 | Improper Input Validation vulnerability in OpenText Self Service Password Reset | |
CVE-2025-39247 | 8.6 | 0.04% | 1 | 0 | 2025-08-29T16:24:29.730000 | There is an Access Control Vulnerability in some HikCentral Professional version | |
CVE-2025-9584 | 6.3 | 1.06% | 1 | 0 | 2025-08-29T16:24:29.730000 | A vulnerability was found in Comfast CF-N1 2.6.0. Affected by this issue is the | |
CVE-2025-9577 | 2.5 | 0.01% | 1 | 0 | 2025-08-29T16:24:29.730000 | A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected | |
CVE-2025-57218 | 5.3 | 0.04% | 1 | 0 | 2025-08-29T16:24:29.730000 | Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a st | |
CVE-2025-55583 | 9.8 | 0.92% | 1 | 0 | 2025-08-29T16:24:29.730000 | D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticat | |
CVE-2025-34160 | 0 | 0.64% | 1 | 0 | 2025-08-29T16:24:09.860000 | AnyShare contains a critical unauthenticated remote code execution vulnerability | |
CVE-2025-34161 | 0 | 0.90% | 1 | 1 | 2025-08-29T16:24:09.860000 | Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code exec | |
CVE-2025-9527 | 8.8 | 0.08% | 1 | 0 | 2025-08-29T16:24:09.860000 | A vulnerability was found in Linksys E1700 1.0.0.4.003. This affects the functio | |
CVE-2025-6203 | 7.5 | 0.04% | 1 | 0 | 2025-08-29T16:22:49 | A malicious user may submit a specially-crafted complex payload that otherwise m | |
CVE-2025-9481 | 8.8 | 0.09% | 1 | 0 | 2025-08-29T16:22:31.970000 | A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE | |
CVE-2025-39246 | 5.3 | 0.03% | 1 | 0 | 2025-08-29T15:31:44 | There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versi | |
CVE-2025-39245 | 4.7 | 0.03% | 1 | 0 | 2025-08-29T15:30:38 | There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. | |
CVE-2025-9603 | 6.3 | 1.08% | 1 | 0 | 2025-08-29T03:30:57 | A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected ele | |
CVE-2025-57217 | 5.3 | 0.04% | 1 | 0 | 2025-08-28T21:32:32 | Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a st | |
CVE-2025-9586 | 6.3 | 1.06% | 1 | 0 | 2025-08-28T21:31:37 | A vulnerability was identified in Comfast CF-N1 2.6.0. This vulnerability affect | |
CVE-2025-9585 | 6.3 | 1.06% | 1 | 0 | 2025-08-28T21:31:37 | A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function | |
CVE-2025-9583 | 6.3 | 1.06% | 1 | 0 | 2025-08-28T21:31:37 | A vulnerability has been found in Comfast CF-N1 2.6.0. Affected by this vulnerab | |
CVE-2025-9582 | 6.3 | 1.06% | 1 | 0 | 2025-08-28T21:31:37 | A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntp_timez | |
CVE-2025-9579 | 6.3 | 1.08% | 1 | 0 | 2025-08-28T21:31:37 | A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is | |
CVE-2025-9581 | 6.3 | 1.06% | 1 | 0 | 2025-08-28T21:31:37 | A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function m | |
CVE-2025-57219 | 5.3 | 0.04% | 1 | 0 | 2025-08-28T21:31:36 | Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware | |
CVE-2025-55582 | 7.8 | 0.01% | 1 | 0 | 2025-08-28T21:31:25 | D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog scrip | |
CVE-2025-9575 | 6.3 | 0.92% | 1 | 0 | 2025-08-28T18:30:46 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 | |
CVE-2025-9576 | 2.5 | 0.01% | 1 | 0 | 2025-08-28T18:30:46 | A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is | |
CVE-2025-38676 | None | 0.04% | 1 | 1 | 2025-08-28T15:31:45 | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: | |
CVE-2025-38617 | None | 0.04% | 1 | 0 | 2025-08-28T15:30:39 | In the Linux kernel, the following vulnerability has been resolved: net/packet: | |
CVE-2025-34158 | 7.2 | 0.04% | 3 | 0 | 2025-08-28T00:31:34 | Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an un | |
CVE-2018-25115 | None | 0.22% | 1 | 0 | 2025-08-28T00:30:38 | Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610 | |
CVE-2023-7308 | None | 0.34% | 1 | 0 | 2025-08-28T00:30:30 | SecGate3600, a network firewall product developed by NSFOCUS, contains a sensiti | |
CVE-2025-7425 | 7.8 | 0.02% | 1 | 0 | 2025-08-28T00:30:29 | A flaw was found in libxslt where the attribute type, atype, flags are modified | |
CVE-2025-55495 | 6.5 | 0.03% | 1 | 0 | 2025-08-27T21:31:45 | Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the | |
CVE-2025-34159 | None | 0.54% | 1 | 1 | 2025-08-27T18:32:06 | Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code exec | |
CVE-2025-34157 | None | 0.09% | 1 | 1 | 2025-08-27T18:32:06 | Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-sit | |
CVE-2025-20317 | 7.1 | 0.03% | 1 | 0 | 2025-08-27T18:32:01 | A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling | |
CVE-2025-53853 | 9.8 | 0.10% | 1 | 0 | 2025-08-27T18:12:28.503000 | A heap-based buffer overflow vulnerability exists in the ISHNE parsing functiona | |
CVE-2025-9478 | 8.8 | 0.07% | 1 | 1 | 2025-08-27T15:34:17 | Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remot | |
CVE-2025-55526 | 9.1 | 0.35% | 1 | 0 | 2025-08-27T15:34:16 | n8n-workflows Main Commit ee25413 allows attackers to execute a directory traver | |
CVE-2025-9533 | 7.3 | 0.08% | 1 | 0 | 2025-08-27T15:33:22 | A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected | |
CVE-2025-9528 | 4.7 | 0.20% | 1 | 0 | 2025-08-27T15:33:21 | A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability | |
CVE-2025-9525 | 8.8 | 0.08% | 1 | 0 | 2025-08-27T15:33:21 | A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerabili | |
CVE-2025-9526 | 8.8 | 0.08% | 1 | 0 | 2025-08-27T15:33:21 | A vulnerability has been found in Linksys E1700 1.0.0.4.003. Affected by this is | |
CVE-2025-43728 | 9.7 | 0.10% | 1 | 0 | 2025-08-27T15:33:15 | Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism F | |
CVE-2025-7775 | 9.8 | 12.25% | 35 | 3 | 2025-08-27T14:26:22.103000 | Memory overflow vulnerability leading to Remote Code Execution and/or Denial of | |
CVE-2025-29517 | 6.8 | 0.10% | 1 | 0 | 2025-08-26T21:32:13 | D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to cont | |
CVE-2025-23307 | 7.8 | 0.02% | 1 | 0 | 2025-08-26T21:31:17 | NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious | |
CVE-2025-29525 | 5.3 | 0.04% | 1 | 0 | 2025-08-26T18:32:22 | DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was | |
CVE-2025-29524 | 6.5 | 0.03% | 1 | 0 | 2025-08-26T18:32:22 | Incorrect access control in the component /cgi-bin/system_diagnostic_main.asp of | |
CVE-2025-29521 | 5.3 | 0.04% | 1 | 0 | 2025-08-26T18:32:22 | Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C w | |
CVE-2025-29522 | 6.5 | 4.33% | 1 | 0 | 2025-08-26T18:32:22 | D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to cont | |
CVE-2025-29520 | 5.3 | 0.04% | 1 | 0 | 2025-08-26T16:15:33.833000 | Incorrect access control in the Maintenance module of D-Link DSL-7740C with firm | |
CVE-2025-29519 | 5.3 | 4.00% | 1 | 0 | 2025-08-26T16:15:33.623000 | A command injection vulnerability in the EXE parameter of D-Link DSL-7740C with | |
CVE-2025-9482 | 8.8 | 0.09% | 1 | 0 | 2025-08-26T15:31:08 | A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 a | |
CVE-2025-8424 | None | 0.03% | 2 | 0 | 2025-08-26T15:31:07 | Improper access control on the NetScaler Management Interface in NetScaler ADC a | |
CVE-2025-8627 | None | 0.02% | 1 | 0 | 2025-08-26T15:30:57 | The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that | |
CVE-2025-50674 | 7.8 | 0.02% | 1 | 0 | 2025-08-26T15:30:56 | An issue was discovered in the changePassword method in file /usr/share/php/open | |
CVE-2025-48384 | 8.0 | 4.08% | 5 | 37 | 2025-08-26T14:45:27.957000 | Git is a fast, scalable, distributed revision control system with an unusually r | |
CVE-2024-8069 | 8.0 | 44.54% | 3 | 1 | 2025-08-26T14:44:23.440000 | Limited remote code execution with privilege of a NetworkService Account access | |
CVE-2025-7776 | 0 | 0.06% | 2 | 0 | 2025-08-26T13:41:58.950000 | Memory overflow vulnerability leading to unpredictable or erroneous behavior and | |
CVE-2025-43300 | 8.8 | 1.72% | 11 | 3 | 2025-08-26T06:30:59 | An out-of-bounds write issue was addressed with improved bounds checking. This i | |
CVE-2025-29523 | 7.2 | 0.24% | 1 | 0 | 2025-08-26T00:31:20 | D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to cont | |
CVE-2025-51281 | 7.0 | 0.05% | 1 | 0 | 2025-08-26T00:31:20 | D-Link DI-8100 16.07.26A1 is vulnerable to Buffer Overflow via the en`, `val and | |
CVE-2025-29516 | 7.2 | 0.24% | 1 | 0 | 2025-08-26T00:31:13 | D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to cont | |
CVE-2025-29514 | 9.8 | 0.05% | 1 | 0 | 2025-08-26T00:31:12 | Incorrect access control in the config.xgi function of D-Link DSL-7740C with fir | |
CVE-2025-44178 | 6.5 | 0.04% | 1 | 0 | 2025-08-25T20:24:45.327000 | DASAN GPON ONU H660WM H660WMR210825 is susceptible to improper access control un | |
CVE-2025-29515 | 9.8 | 0.05% | 1 | 0 | 2025-08-25T20:24:45.327000 | Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with | |
CVE-2025-5191 | 0 | 0.01% | 1 | 0 | 2025-08-25T20:24:45.327000 | An Unquoted Search Path vulnerability has been identified in the utility for Mox | |
CVE-2025-55230 | 7.8 | 0.05% | 1 | 1 | 2025-08-25T18:36:04.440000 | Untrusted pointer dereference in Windows MBT Transport driver allows an authoriz | |
CVE-2025-54462 | 9.8 | 0.10% | 1 | 0 | 2025-08-25T15:32:07 | A heap-based buffer overflow vulnerability exists in the Nex parsing functionali | |
CVE-2025-7426 | None | 0.03% | 1 | 0 | 2025-08-25T09:32:09 | Information disclosure and exposure of authentication FTP credentials over the d | |
CVE-2025-9118 | None | 0.37% | 4 | 0 | 2025-08-25T09:32:08 | A path traversal vulnerability in the NPM package installation process of Google | |
CVE-2025-26496 | 9.7 | 0.02% | 2 | 0 | 2025-08-22T21:31:25 | Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in S | |
CVE-2025-55746 | 9.3 | 0.05% | 1 | 0 | 2025-08-22T18:09:17.710000 | Directus is a real-time API and App dashboard for managing SQL database content. | |
CVE-2025-9074 | 0 | 0.02% | 13 | 1 | 2025-08-22T14:15:47.790000 | A vulnerability was identified in Docker Desktop that allows local running Linux | |
CVE-2025-55229 | 5.3 | 0.03% | 1 | 0 | 2025-08-21T21:32:13 | Improper verification of cryptographic signature in Windows Certificates allows | |
CVE-2025-8995 | 9.8 | 0.09% | 1 | 0 | 2025-08-21T21:32:02 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal | |
CVE-2025-4123 | 7.6 | 5.10% | 2 | 7 | template | 2025-08-15T19:37:01.457000 | A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining |
CVE-2025-25256 | 9.8 | 18.91% | 1 | 2 | template | 2025-08-15T18:15:27.583000 | An improper neutralization of special elements used in an OS command ('OS Comman |
CVE-2025-0309 | None | 0.01% | 1 | 1 | 2025-08-15T15:31:25 | An insufficient validation on the server connection endpoint in Netskope Client | |
CVE-2025-8714 | 8.8 | 0.06% | 1 | 1 | 2025-08-14T15:30:44 | Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser o | |
CVE-2025-32711 | 9.3 | 0.30% | 1 | 1 | 2025-08-04T18:31:35 | Ai command injection in M365 Copilot allows an unauthorized attacker to disclose | |
CVE-2025-54309 | 9.0 | 37.61% | 7 | 3 | template | 2025-07-23T17:51:56.027000 | CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is |
CVE-2025-7545 | 5.3 | 0.01% | 1 | 0 | 2025-07-14T00:31:13 | A vulnerability classified as problematic was found in GNU Binutils 2.45. Affect | |
CVE-2025-49870 | 7.5 | 0.04% | 2 | 0 | 2025-07-08T16:18:53.607000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
CVE-2025-6543 | 9.8 | 3.86% | 2 | 3 | 2025-07-01T18:19:45.547000 | Memory overflow vulnerability leading to unintended control flow and Denial of S | |
CVE-2025-26647 | 8.1 | 0.22% | 1 | 0 | 2025-04-08T18:34:54 | Improper input validation in Windows Kerberos allows an unauthorized attacker to | |
CVE-2021-0920 | 6.4 | 0.51% | 1 | 0 | 2025-04-04T17:34:25.457000 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a | |
CVE-2023-46604 | 10.0 | 94.44% | 1 | 30 | template | 2025-02-13T19:20:38 | Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may all |
CVE-2019-3767 | 8.2 | 0.09% | 1 | 0 | 2024-11-21T04:42:29.523000 | Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vuln | |
CVE-2024-8068 | None | 4.69% | 3 | 0 | 2024-11-14T18:30:34 | Privilege escalation to NetworkService Account access in Citrix Session Recordin | |
CVE-2024-39844 | 9.8 | 26.73% | 1 | 1 | 2024-07-08T15:31:55 | In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. | |
CVE-2023-4759 | 8.8 | 1.21% | 1 | 0 | 2024-04-11T19:37:36 | Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions | |
CVE-2019-12280 | 7.8 | 0.73% | 1 | 0 | 2024-04-04T01:02:58 | PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element. | |
CVE-2009-1897 | None | 3.34% | 1 | 0 | 2023-02-20T05:05:40 | The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux | |
CVE-2010-0104 | None | 10.75% | 1 | 0 | 2023-01-31T05:08:53 | Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x | |
CVE-2025-9812 | 0 | 0.00% | 1 | 0 | N/A | ||
CVE-2025-9815 | 0 | 0.00% | 1 | 0 | N/A | ||
CVE-2025-9813 | 0 | 0.00% | 1 | 0 | N/A | ||
CVE-2025-58178 | 0 | 0.00% | 1 | 0 | N/A | ||
CVE-2025-20707 | 0 | 0.02% | 1 | 0 | N/A | ||
CVE-2025-6507 | 0 | 0.07% | 1 | 0 | N/A | ||
CVE-2025-20708 | 0 | 0.06% | 1 | 0 | N/A | ||
CVE-2025-54857 | 0 | 0.60% | 1 | 0 | N/A | ||
CVE-2025-9569 | 0 | 0.04% | 1 | 0 | N/A | ||
CVE-2025-0165 | 0 | 0.09% | 1 | 0 | N/A | ||
CVE-2025-52861 | 0 | 0.22% | 1 | 0 | N/A | ||
CVE-2025-53693 | 0 | 0.00% | 1 | 1 | N/A | ||
CVE-2025-53691 | 0 | 0.00% | 1 | 2 | N/A | ||
CVE-2025-53694 | 0 | 0.00% | 1 | 2 | N/A | ||
CVE-2024-28080 | 0 | 0.00% | 1 | 0 | N/A | ||
CVE-2025-8067 | 0 | 0.01% | 2 | 0 | N/A | ||
CVE-2025-48964 | 0 | 0.06% | 1 | 0 | N/A |
updated 2025-09-02T08:15:30.583000
2 posts
🔒 CVE-2025-41690 (HIGH): Endress+Hauser Promag 10 w/ HART—Bluetooth-proximate attackers can extract Maintenance passwords from event logs, risking config tampering. Restrict Bluetooth, audit logs, and monitor access. https://radar.offseq.com/threat/cve-2025-41690-cwe-532-insertion-of-sensitive-info-d7b4fc8b #OffSeq #ICS #Bluetooth #Vuln
###OT #Advisory VDE-2025-068
Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions
#CVE CVE-2025-41690
https://certvde.com/en/advisories/VDE-2025-068
#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-068.json
##updated 2025-08-31T22:15:32.260000
1 posts
🚩 CVE-2025-9748 (HIGH): Tenda CH22 v1.0.0.1 stack-based buffer overflow in /goform/IPSECsave can lead to remote code exec. No patch yet — segment networks, restrict remote mgmt, monitor for abuse. https://radar.offseq.com/threat/cve-2025-9748-stack-based-buffer-overflow-in-tenda-0b456634 #OffSeq #Cybersecurity #Vuln
##updated 2025-08-30T01:00:02
5 posts
4 repos
https://github.com/blueisbeautiful/CVE-2025-57819
https://github.com/net-hex/CVE-2025-57819
@technadu fuck yeah, it's no longer my job to fix CVE-2025-57819.
(hopefully I didn't write the vulnerable code...)
##🚨 Cybersecurity Updates 🚨
- WhatsApp zero-day (CVE-2025-55177) patched after active exploitation.
- CISA KEV adds Sangoma FreePBX auth-bypass (CVE-2025-57819).
- U.S. seizes VerifTools fake ID hub tied to $6.4M fraud.
Stay patched. Stay aware.
##🚨 CISA adds CVE-2025-57819 (Sangoma FreePBX auth bypass) to KEV Catalog.
- Actively exploited ⚠️
- BOD 22-01 requires FCEB agencies to patch
- CISA urges all orgs to remediate
💬 How fast does your org patch KEV-listed CVEs?
🔒 Follow @technadu for daily cyber alerts.
CVE ID: CVE-2025-57819
Vendor: Sangoma
Product: FreePBX
Date Added: 2025-08-29
Notes: https://github.com/FreePBX/security-reporting/security/advisories/GHSA-m42g-xg4c-5f3h ; https://nvd.nist.gov/vuln/detail/CVE-2025-57819
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-57819
CISA has updated the KEV catalogue.
CVE-2025-57819: Sangoma FreePBX Authentication Bypass Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-57819
From yesterday:
Nine Industrial Control Systems Advisories https://www.cisa.gov/news-events/alerts/2025/08/28/cisa-releases-nine-industrial-control-systems-advisories #CISA #cybersecurity #infosec
##updated 2025-08-29T21:32:09
1 posts
updated 2025-08-29T18:31:01
1 posts
QNAP patches multible security vulnerabilities in legacy VioStor NVR systems
QNAP Systems patched two critical vulnerabilities in legacy VioStor NVR surveillance systems: an authentication bypass flaw (CVE-2025-52856) allowing remote unauthorized access and a path traversal vulnerability (CVE-2025-52861) enabling access to sensitive system files once admin access is gained.
**If you have QNAP Legacy VioStor NVR systems, first make sure they are isolated from the internet and accessible only from trusted networks or VPN. Then plan a quick update update to QVR 5.1.6 build 20250621 or later. And set up regular firmware update schedules to stay protected against future security flaws.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/qnap-patches-multible-security-vulnerabilities-in-legacy-viostor-nvr-systems-w-r-g-f-o/gD2P6Ple2L
updated 2025-08-29T18:30:59
7 posts
WhatsApp corrige une faille Zero-Click ciblant les utilisateurs d’iOS et de macOS : CVE-2025-55177 https://www.it-connect.fr/whatsapp-faille-zero-click-cve-2025-55177/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #WhatsApp
##Jen několik dní poté, co Apple opravil kritickou zranitelnost v iOS a macOS, která mohla být hackery zneužita, vychází najevo nové informace. Útočníci podle zjištění kombinovali chybu v operačních systémech Applu (CVE-2025-43300) s nyní již opravenou chybou ve WhatsAppu (CVE-2025-55177).
https://www.letemsvetemapplem.eu/2025/09/01/hackeri-spojili-chyby-v-ios-a-whatsappu-zvladli-diky-tomu-spehovat-uzivatele/
WhatsApp corrige une faille Zero-Click ciblant les utilisateurs d’iOS et de macOS : CVE-2025-55177 https://www.it-connect.fr/whatsapp-faille-zero-click-cve-2025-55177/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #WhatsApp
##🚨 Cybersecurity Updates 🚨
- WhatsApp zero-day (CVE-2025-55177) patched after active exploitation.
- CISA KEV adds Sangoma FreePBX auth-bypass (CVE-2025-57819).
- U.S. seizes VerifTools fake ID hub tied to $6.4M fraud.
Stay patched. Stay aware.
##WhatsApp vulnerability actively exploited in targeted spyware campaign
WhatsApp patched CVE-2025-55177, a zero-click vulnerability actively exploited in state-sponsored surveillance attacks targeting fewer than 200 journalists, activists, and human rights defenders through sophisticated spyware campaigns. The attack combines WhatsApp and Apple OS vulnerabilities.
**Update your WhatsApp on your computer and your phone NOW. Even if you are not immediately targeted, the flaw is now public and more attackers will try to explot it. So don't be lazy, the update is trivial. If you've been notified by WhatsApp that you were directly targeted, wipe and factory reset the phone.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/whatsapp-vulnerability-actively-exploited-in-targeted-spyware-campaign-7-x-g-u-0/gD2P6Ple2L
🚨 WhatsApp patches CVE-2025-55177 zero-day exploited with Apple CVE-2025-43300 in advanced spyware attacks.
WhatsApp has urged some users to perform a factory reset + OS updates.
Are messaging apps the frontline of spyware warfare now?
💬 Share your thoughts & follow @technadu for daily zero-day + infosec updates.
Meta says it patched a zero-click exploit (CVE-2025-55177) that appears to have been used together with a recent iOS zero-day (CVE-2025-43300)
##updated 2025-08-29T16:24:29.730000
1 posts
Auth bypass in OpenText Self-Service Password Reset.
https://www.cve.org/CVERecord?id=CVE-2025-5808
##Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass.This issue affects Self Service Password Reset from before 4.8 patch 3.
updated 2025-08-29T16:24:29.730000
1 posts
It's been a bit since I've public seen Hikvision vulns.
https://www.cve.org/CVERecord?id=CVE-2025-39245
https://www.cve.org/CVERecord?id=CVE-2025-39246
##updated 2025-08-29T16:24:29.730000
1 posts
updated 2025-08-29T16:24:29.730000
1 posts
updated 2025-08-29T16:24:29.730000
1 posts
updated 2025-08-29T16:24:29.730000
1 posts
updated 2025-08-29T16:24:09.860000
1 posts
A perfect 10 in AnyShare? Hell yes, please. 🥳
https://stack.chaitin.com/vuldb/detail/b4640952-9be9-4bfa-9d7f-a0be72b35e18
##AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/start_service accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is interpreted by the backend, enabling arbitrary command execution. The vulnerability is presumed to affect builds released prior to August 2025 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined.
updated 2025-08-29T16:24:09.860000
1 posts
1 repos
Go hack some Coolify shit.
https://www.cve.org/CVERecord?id=CVE-2025-34157
https://www.cve.org/CVERecord?id=CVE-2025-34159
https://www.cve.org/CVERecord?id=CVE-2025-34161
##The project maintainer has confirmed that this vulnerability was remediated in version 4.0.0.-beta.420.7 despite not being acknowledged in the release notes.
updated 2025-08-29T16:24:09.860000
1 posts
updated 2025-08-29T16:22:49
1 posts
updated 2025-08-29T16:22:31.970000
1 posts
I think I already shared the repo for these Linksys ones, but here are some CVEs.
https://www.cve.org/CVERecord?id=CVE-2025-9481
https://www.cve.org/CVERecord?id=CVE-2025-9482
And a Mistrastar fiber modem one to make up for it:
https://gist.github.com/geraldog/2d07fdedbbb79d822e9df4b75f882a63
##updated 2025-08-29T15:31:44
1 posts
It's been a bit since I've public seen Hikvision vulns.
https://www.cve.org/CVERecord?id=CVE-2025-39245
https://www.cve.org/CVERecord?id=CVE-2025-39246
##updated 2025-08-29T15:30:38
1 posts
It's been a bit since I've public seen Hikvision vulns.
https://www.cve.org/CVERecord?id=CVE-2025-39245
https://www.cve.org/CVERecord?id=CVE-2025-39246
##updated 2025-08-29T03:30:57
1 posts
updated 2025-08-28T21:32:32
1 posts
updated 2025-08-28T21:31:37
1 posts
updated 2025-08-28T21:31:37
1 posts
updated 2025-08-28T21:31:37
1 posts
updated 2025-08-28T21:31:37
1 posts
updated 2025-08-28T21:31:37
1 posts
updated 2025-08-28T21:31:37
1 posts
updated 2025-08-28T21:31:36
1 posts
updated 2025-08-28T21:31:25
1 posts
updated 2025-08-28T18:30:46
1 posts
updated 2025-08-28T18:30:46
1 posts
updated 2025-08-28T15:31:45
1 posts
1 repos
ZOMG stack buffer overflow from Linux kernel cmdline. 😉
https://www.cve.org/CVERecord?id=CVE-2025-38676
##In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is maximum length.
updated 2025-08-28T15:30:39
1 posts
updated 2025-08-28T00:31:34
3 posts
🚨 300k+ Plex Media Server instances still vulnerable to CVE-2025-34158.
- Max CVSS
- Remote unauth exploit
- Full compromise risk
Plex urges users: patch → v1.42.1.10060+
💬 Why do people delay updates, even after warnings?
300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 for which Plex has issued a fix for earlier this month.
The flaw’s CVSS score is the highest possible, and can be exploited remotely over the internet, without user interaction or attackers having to authenticate first #selfhosting #plex #cve
https://www.helpnetsecurity.com/2025/08/27/plex-media-server-cve-2025-34158-attack/
##300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 https://www.helpnetsecurity.com/2025/08/27/plex-media-server-cve-2025-34158-attack/ #PlexMediaServer #streamingdevice #securityupdate #vulnerability #Don'tmiss #Hotstuff #Censys #News
##updated 2025-08-28T00:30:38
1 posts
Hey, DA, I've got a treat for you. An 8 year old perfect 10 in a D-Link that just got published and the PoC is still on GitHub.
https://www.cve.org/CVERecord?id=CVE-2018-25115
And a SecGate one for fun.
##updated 2025-08-28T00:30:30
1 posts
Hey, DA, I've got a treat for you. An 8 year old perfect 10 in a D-Link that just got published and the PoC is still on GitHub.
https://www.cve.org/CVERecord?id=CVE-2018-25115
And a SecGate one for fun.
##updated 2025-08-28T00:30:29
1 posts
updated 2025-08-27T21:31:45
1 posts
updated 2025-08-27T18:32:06
1 posts
1 repos
Go hack some Coolify shit.
https://www.cve.org/CVERecord?id=CVE-2025-34157
https://www.cve.org/CVERecord?id=CVE-2025-34159
https://www.cve.org/CVERecord?id=CVE-2025-34161
##The project maintainer has confirmed that this vulnerability was remediated in version 4.0.0.-beta.420.7 despite not being acknowledged in the release notes.
updated 2025-08-27T18:32:06
1 posts
1 repos
Go hack some Coolify shit.
https://www.cve.org/CVERecord?id=CVE-2025-34157
https://www.cve.org/CVERecord?id=CVE-2025-34159
https://www.cve.org/CVERecord?id=CVE-2025-34161
##The project maintainer has confirmed that this vulnerability was remediated in version 4.0.0.-beta.420.7 despite not being acknowledged in the release notes.
updated 2025-08-27T18:32:01
1 posts
Cisco published ten new CVEs. Two are sev:HIGH
and eight are sev:MED
.
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
Nothing too juicy but CVE-2025-20317 looks interesting.
##A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to redirect a user to a malicious website.
updated 2025-08-27T18:12:28.503000
1 posts
Cisco has tagged GCC Productions Inc. for zero-day reports, impacting CVE-2025-54462 and CVE-2025-53853 https://talosintelligence.com/vulnerability_info @TalosSecurity #cybersecurity #Infosec #zeroday
##updated 2025-08-27T15:34:17
1 posts
1 repos
Google releases emergency update for Chrome, patches critical flaw in ANGLE graphics library
Google released an urgent Chrome security update on August 26, 2025, to patch CVE-2025-9478, a critical use-after-free vulnerability in the ANGLE graphics library that allows attackers to execute arbitrary code on systems through malicious web pages.
**Once again - an urgent patch for Chrome - Google is patching an actively exploited flaw in Chrome, and exploitation is just a visit to a malicious site. Update all your Chrome and Chromium browsers (Edge, Opera, Brave, Vivaldi...). Updating the browser is easy, all your tabs reopen after the patch.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/google-releases-emergency-update-for-chrome-patches-critical-flaw-in-angle-graphics-library-3-3-6-2-x/gD2P6Ple2L
updated 2025-08-27T15:34:16
1 posts
updated 2025-08-27T15:33:22
1 posts
updated 2025-08-27T15:33:21
1 posts
updated 2025-08-27T15:33:21
1 posts
updated 2025-08-27T15:33:21
1 posts
updated 2025-08-27T15:33:15
1 posts
Ooh, maybe go hack / patch some Dell ThinOS shit.
https://www.dell.com/support/kbdoc/en-us/000359619/dsa-2025-331
sev:CRIT 9.6 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
##Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass.
updated 2025-08-27T14:26:22.103000
35 posts
3 repos
https://github.com/rxerium/CVE-2025-7775
.@shadowserver results on CVE-2025-7775 patchin'
A take away - realistically, about 1/3rds of boxes don't get patched for in the wild exploited vulns in remote access systems after a week.
##URGENT: 183,900 Citrix NetScaler systems under active attack! CVE-2025-7775 (9.2/10) being exploited now. Immediate patching required for ADC/Gateway 14.1, 13.1 versions. EOL users must upgrade ASAP! Update to secure versions now! #CitrixSecurity #CriticalVuln #CVE
##Updated scan results for CVE-2025-7775 aka CitrixDeelb
https://github.com/GossiTheDog/scanning/blob/main/CVE-2025-7775-Citrix-Netscaler.csv
Next results probably Tuesday
##.@shadowserver results on CVE-2025-7775 patchin'
A take away - realistically, about 1/3rds of boxes don't get patched for in the wild exploited vulns in remote access systems after a week.
##Updated scan results for CVE-2025-7775 aka CitrixDeelb
https://github.com/GossiTheDog/scanning/blob/main/CVE-2025-7775-Citrix-Netscaler.csv
Next results probably Tuesday
##Updated scan results for CVE-2025-7775 aka CitrixDeelb https://raw.githubusercontent.com/GossiTheDog/scanning/refs/heads/main/CVE-2025-7775-Citrix-Netscaler.csv
Next results on Sunday
##New by me - Citrix have forgot to tell you a zero day was under exploitation earlier this year to successfully backdoor devices at "critical" organisations, and no vendor released technical details.
More to come, including on CVE-2025-7775 too.
doublepulsar.com/citrix-forgo...
Citrix forgot to tell you CVE-...
Shadowserver's statistics were updated yesterday: https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&source=exchange&source=exchange6&source=http_vulnerable&source=http_vulnerable6&tag=cve-2025-7775%2B&data_set=count&scale=log&auto_update=on
The Register: Thousands of Citrix NetScaler boxes still sitting ducks despite patches https://www.theregister.com/2025/08/28/thousands_of_citrix_netscaler_boxes/ @theregister #Citrix #cybersecurity #infosec
##CVE-2025-7775 Vulnerability: A New Critical NetScaler RCE Zero-Day Under Active Exploitation – Source: socprime.com https://ciso2ciso.com/cve-2025-7775-vulnerability-a-new-critical-netscaler-rce-zero-day-under-active-exploitation-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CitrixNetScaler #CVE-2025-7775 #Latestthreats #Vulnerability #socprimecom #socprime #Blog #CVE
##Lemme save you the trouble: this is just slop.
##I've published scan results for CVE-2025-7775 (CitrixDeelb - which Bleed is spelt backwards as the CVE number is reverse of CitrixBleed2 :catjam: )
Columns = IP, SSL hostnames, firmware version, vulnerable to CVE-2025-7775 exploitation.
##Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775 – Source: securityaffairs.com https://ciso2ciso.com/over-28000-citrix-instances-remain-exposed-to-critical-rce-flaw-cve-2025-7775-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #CVE-2025-7775 #BreakingNews #SecurityNews #hackingnews #Security #hacking #Citrix
##Cloud Software Group, who own Netscaler, have published their own blog about CVE-2025-7775 (CitrixDeelb)
...however they've incorrectly said it applies to IPv6 setups only. This is wrong. They've missed the "OR" statements from their own advisory.
##The NCSC have published an advisory on CVE-2025-7775 (CitrixDeelb), saying it is highly likely it will be mass exploited:
https://advisories.ncsc.nl/2025/ncsc-2025-0268.html
They've also published a script to check for post exploitation, i.e. backdoor access which persists post patching: https://github.com/NCSC-NL/citrix-2025/blob/main/live-host-bash-check/TLPCLEAR_check_script_cve-2025-6543-v1.8.sh
##Over 28,000 Citrix devices vulnerable to new exploited RCE flaw
More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being...
🔗️ [Bleepingcomputer] https://link.is.it/gkYlgJ
##The CVE-2025-7775 flaw is a memory overflow bug that can lead to unauthenticated, remote code execution on vulnerable devices. https://www.bleepingcomputer.com/news/security/citrix-fixes-critical-netscaler-rce-flaw-exploited-in-zero-day-attacks/
##Nice dashboard for current CVE-2025-7775 RCE vulnerability.
https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&source=exchange&source=exchange6&source=http_vulnerable&source=http_vulnerable6&tag=cve-2025-7775%2B&data_set=count&scale=log&auto_update=on
#citrix #netscaler #cybersecurity
Citrix NetScaler – CVE-2025-7775 : une nouvelle zero-day exploitée dans des attaques ! https://www.it-connect.fr/citrix-netscaler-cve-2025-7775-une-nouvelle-zero-day-exploitee-dans-des-attaques/ #ActuCybersécurité #Vulnérabilités #Cybersécurité #Citrix
##Citrix patches multiple flaws in NetScaler, including one actively exploited
Citrix released emergency patches for three NetScaler ADC and Gateway vulnerabilities, including a critical zero-day (CVE-2025-7775) that is being actively exploited and allows remote code execution. CISA added the flaw it to the Known Exploited Vulnerabilities catalog.
**If you have Citrix NetScaler ADC or Gateway appliances, time for an urgent patch. There's another flaw in NetScaler that's actively exploited. And hackers love Citrix. You can't hide it from the internet because it's a gateway, so you better start patching.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/citrix-patches-multiple-flaws-in-netscaler-including-one-actively-exploited-4-v-1-5-2/gD2P6Ple2L
🚨 NetScaler Zero-Day Exploited 🚨
Citrix confirms CVE-2025-7775 (pre-auth RCE/DoS) is being exploited in the wild.
🔹 Exploits deliver webshells → persistent backdoors
🔹 No workarounds, patches only
🔹 Multiple NetScaler zero-days have been hammered this year
Why do you think Citrix appliances are such a repeated attack surface?
🚨 New KEV Alert from CISA:
CVE-2025-7775 – Citrix NetScaler Memory Overflow Vulnerability has been added to the Known Exploited Vulnerabilities catalog.
⚠️ Actively exploited.
⚠️ Significant risk to federal enterprise and beyond.
💬 How fast should orgs move when a KEV is published?
Follow @technadu for ongoing cyber risk coverage.
CVE-2025-7775: Citrix NetScaler ADC and NetScaler Gateway Zero-Day Remote Code Execution Vulnerability Exploited in the Wild – Source: securityboulevard.com https://ciso2ciso.com/cve-2025-7775-citrix-netscaler-adc-and-netscaler-gateway-zero-day-remote-code-execution-vulnerability-exploited-in-the-wild-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard
##Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 – Source:thehackernews.com https://ciso2ciso.com/citrix-patches-three-netscaler-flaws-confirms-active-exploitation-of-cve-2025-7775-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #Citrix
##Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks
Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as CVE-2025-7775 that...
🔗️ [Bleepingcomputer] https://link.is.it/ZUZ5Hr
##CVE ID: CVE-2025-7775
Vendor: Citrix
Product: NetScaler
Date Added: 2025-08-26
Notes: https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938 ; https://nvd.nist.gov/vuln/detail/CVE-2025-7775
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-7775
Internet scanning for hosts vulnerable to CVE-2025-7775 (CitrixDeelb) has begun, will put up results tomorrow or Friday.
##Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html
##Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html
##Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html
##Citrix: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424
The Hacker News: Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html @thehackernews #cybersecurity #infosec
##New Citrix #NetScaler 0day pokes its head above the wall. CVE-2025-7775 has been added to VulnCheck KEV (it's free!)
https://www.vulncheck.com/blog/new-citrix-netscaler-zero-day-vulnerability-exploited-in-the-wild
##NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) https://www.helpnetsecurity.com/2025/08/26/netscaler-adc-gateway-zero-day-exploited-by-attackers-cve-2025-7775/ #Don'tmiss #NetScaler #Hotstuff #backdoor #webshell #Citrix #0-day #News
##⚠️ Alerte CERT-FR ⚠️
La vulnérabilité CVE-2025-7775 est activement exploitée et permet d'effectuer une exécution de code arbitraire à distance sur toutes les versions de Citrix NetScaler ADC et NetScaler Gateway. Un correctif est disponible.
##The new NetScaler CVEs for the EITW 0days are published. No, not those ones. No, not those ones either. These are new ones. Yes, newer than those new ones you're thinking of.
##There’s a bunch of new Netscaler vulns being exploited as zero days. Patches just out now.
Preauth RCE being used to drop webshells to backdoor orgs. CVE-2025-7775 is the main problem.
Orgs will need to do IR afterwards as technical details emerge of backdoor.
##updated 2025-08-26T21:32:13
1 posts
updated 2025-08-26T21:31:17
1 posts
Two new listings by Nvidia:
High severity: NVIDIA NeMo Curator -CVE-2025-23307, code injection vulnerability affecting Windows. Linux, MacOS https://nvidia.custhelp.com/app/answers/detail/a_id/5690
High severity: NVIDIA NeMo Framework, affecting several CVEs: https://nvidia.custhelp.com/app/answers/detail/a_id/5689 #Nvidia #cybersecurity #infosec
##updated 2025-08-26T18:32:22
1 posts
And more D-Link:
https://www.cve.org/CVERecord?id=CVE-2025-29520
https://www.cve.org/CVERecord?id=CVE-2025-29521
https://www.cve.org/CVERecord?id=CVE-2025-29522
https://www.cve.org/CVERecord?id=CVE-2025-51281
And a few DASAN ones to mix it up:
https://www.cve.org/CVERecord?id=CVE-2025-29524
##updated 2025-08-26T18:32:22
1 posts
And more D-Link:
https://www.cve.org/CVERecord?id=CVE-2025-29520
https://www.cve.org/CVERecord?id=CVE-2025-29521
https://www.cve.org/CVERecord?id=CVE-2025-29522
https://www.cve.org/CVERecord?id=CVE-2025-51281
And a few DASAN ones to mix it up:
https://www.cve.org/CVERecord?id=CVE-2025-29524
##updated 2025-08-26T18:32:22
1 posts
And more D-Link:
https://www.cve.org/CVERecord?id=CVE-2025-29520
https://www.cve.org/CVERecord?id=CVE-2025-29521
https://www.cve.org/CVERecord?id=CVE-2025-29522
https://www.cve.org/CVERecord?id=CVE-2025-51281
And a few DASAN ones to mix it up:
https://www.cve.org/CVERecord?id=CVE-2025-29524
##updated 2025-08-26T18:32:22
1 posts
And more D-Link:
https://www.cve.org/CVERecord?id=CVE-2025-29520
https://www.cve.org/CVERecord?id=CVE-2025-29521
https://www.cve.org/CVERecord?id=CVE-2025-29522
https://www.cve.org/CVERecord?id=CVE-2025-51281
And a few DASAN ones to mix it up:
https://www.cve.org/CVERecord?id=CVE-2025-29524
##updated 2025-08-26T16:15:33.833000
1 posts
And more D-Link:
https://www.cve.org/CVERecord?id=CVE-2025-29520
https://www.cve.org/CVERecord?id=CVE-2025-29521
https://www.cve.org/CVERecord?id=CVE-2025-29522
https://www.cve.org/CVERecord?id=CVE-2025-51281
And a few DASAN ones to mix it up:
https://www.cve.org/CVERecord?id=CVE-2025-29524
##updated 2025-08-26T16:15:33.623000
1 posts
updated 2025-08-26T15:31:08
1 posts
I think I already shared the repo for these Linksys ones, but here are some CVEs.
https://www.cve.org/CVERecord?id=CVE-2025-9481
https://www.cve.org/CVERecord?id=CVE-2025-9482
And a Mistrastar fiber modem one to make up for it:
https://gist.github.com/geraldog/2d07fdedbbb79d822e9df4b75f882a63
##updated 2025-08-26T15:31:07
2 posts
Citrix: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424
The Hacker News: Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html @thehackernews #cybersecurity #infosec
##Ope, there's another one published.
##updated 2025-08-26T15:30:57
1 posts
updated 2025-08-26T15:30:56
1 posts
Finding and Exploiting CVE-2025-50674 in OpenMediaVault https://xbz0n.sh/blog/CVE-2025-50674
##updated 2025-08-26T14:45:27.957000
5 posts
37 repos
https://github.com/ppd520/CVE-2025-48384
https://github.com/f1shh/CVE-2025-48384
https://github.com/kallydev/cve-2025-48384-hook
https://github.com/wzx5002/CVE-2025-48384
https://github.com/beishanxueyuan/CVE-2025-48384-test
https://github.com/nguyentranbaotran/cve-2025-48384-poc
https://github.com/altm4n/cve-2025-48384-hub
https://github.com/p1026/CVE-2025-48384
https://github.com/fishyyh/CVE-2025-48384
https://github.com/ECHO6789/CVE-2025-48384-submodule
https://github.com/butyraldehyde/CVE-2025-48384-PoC
https://github.com/acheong08/CVE-2025-48384
https://github.com/liamg/CVE-2025-48384-submodule
https://github.com/beishanxueyuan/CVE-2025-48384
https://github.com/greatyy/CVE-2025-48384-p
https://github.com/jideasn/cve-2025-48384
https://github.com/fluoworite/CVE-2025-48384
https://github.com/jacobholtz/CVE-2025-48384-submodule
https://github.com/simplyfurious/CVE-2025-48384-submodule_test
https://github.com/wzx5002/totallynotsuspicious
https://github.com/admin-ping/CVE-2025-48384-RCE
https://github.com/Anezatraa/CVE-2025-48384-submodule
https://github.com/replicatorbot/CVE-2025-48384
https://github.com/elprogramadorgt/CVE-2025-48384
https://github.com/butyraldehyde/CVE-2025-48384-PoC-Part2
https://github.com/fluoworite/CVE-2025-48384-sub
https://github.com/jacobholtz/CVE-2025-48384-poc
https://github.com/NigelX/CVE-2025-48384
https://github.com/testdjshan/CVE-2025-48384
https://github.com/IK-20211125/CVE-2025-48384
https://github.com/fishyyh/CVE-2025-48384-POC
https://github.com/vinieger/vinieger-CVE-2025-48384-Dockerfile
https://github.com/liamg/CVE-2025-48384
https://github.com/altm4n/cve-2025-48384
https://github.com/replicatorbot/CVE-2025-48384-POC
CISA warns of active exploits targeting a Git flaw (CVE-2025-48384) enabling arbitrary code execution via malicious submodules 🧠
Git mishandles \r in config files—attackers can hijack machines when users clone tainted repos ⚠️
Patch deadline for U.S. agencies: Sept 15 ⏳
Fixes available in Git 2.43.7+ 🔧
Also added: Citrix Session Recording RCE & privilege escalation bugs 🖥️
#CyberSecurity #Git #CISA #InfoSec #ZeroDay #DevSecOps #Code #Citrix #Security #OpenSource #CVE
##CISA warns of active exploitation of Git flaw
CISA is warning of active exploitation of CVE-2025-48384, a Git vulnerability that allows attackers to achieve arbitrary file writes and code execution when users clone malicious repositories containing submodules by exploiting inconsistent carriage return handling in configuration files.
**Update your local Git to the latest patched version (v2.50.1 or newer). This exploit allows attackers to execute malicious code when you clone repositories. Until patched, avoid using git clone --recursive on any repositories from untrusted sources, and be extra cautious when cloning repos with submodules from external developers or public repositories.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-warns-of-active-exploitation-of-git-flaw-t-l-0-b-d/gD2P6Ple2L
Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) https://www.helpnetsecurity.com/2025/08/26/git-vulnerability-exploited-cve-2025-48384/ #softwaredevelopment #vulnerability #Don'tmiss #Hotstuff #News #CISA #Git #PoC
##CVE ID: CVE-2025-48384
Vendor: Git
Product: Git
Date Added: 2025-08-25
Notes: This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9 ; https://access.redhat.com/errata/RHSA-2025:13933 ; https://alas.aws.amazon.com/AL2/ALAS2-2025-2941.html ; https://linux.oracle.com/errata/ELSA-2025-11534.html ; https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48384 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48384
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-48384
CISA added CVE-2025-48384, CVE-2024-8069, and CVE-2024-8068 to the KEV Catalog.
##updated 2025-08-26T14:44:23.440000
3 posts
1 repos
https://github.com/XiaomingX/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN
Cisa warns of actively exploited flaws in Citrix
CISA is warning of active exploitation of two Citrix Session Recording vulnerabilities (CVE-2024-8069 and CVE-2024-8068) that allow authenticated attackers to achieve code execution and privilege escalation within corporate networks. Despite patches being available since November 2024, many organizations are vulnerable to ongoing attacks.
**If you are using Citrix and Virtual apps, the time for debate is over. Yes, the severity is low, but the flaws are being exploited. So don't wait, update your Citrix installations NOW!**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-issues-alert-on-citrix-flaws-actively-exploited-by-hackers-gbhackers-7-g-h-3-2/gD2P6Ple2L
CVE ID: CVE-2024-8069
Vendor: Citrix
Product: Session Recording
Date Added: 2025-08-25
Notes: https://support.citrix.com/external/article/691941/citrix-session-recording-security-bullet.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-8069
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-8069
CISA added CVE-2025-48384, CVE-2024-8069, and CVE-2024-8068 to the KEV Catalog.
##updated 2025-08-26T13:41:58.950000
2 posts
Citrix: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424
The Hacker News: Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html @thehackernews #cybersecurity #infosec
##The new NetScaler CVEs for the EITW 0days are published. No, not those ones. No, not those ones either. These are new ones. Yes, newer than those new ones you're thinking of.
##updated 2025-08-26T06:30:59
11 posts
3 repos
https://github.com/XiaomingX/CVE-2025-43300-exp
Jen několik dní poté, co Apple opravil kritickou zranitelnost v iOS a macOS, která mohla být hackery zneužita, vychází najevo nové informace. Útočníci podle zjištění kombinovali chybu v operačních systémech Applu (CVE-2025-43300) s nyní již opravenou chybou ve WhatsAppu (CVE-2025-55177).
https://www.letemsvetemapplem.eu/2025/09/01/hackeri-spojili-chyby-v-ios-a-whatsappu-zvladli-diky-tomu-spehovat-uzivatele/
🚨 WhatsApp patches CVE-2025-55177 zero-day exploited with Apple CVE-2025-43300 in advanced spyware attacks.
WhatsApp has urged some users to perform a factory reset + OS updates.
Are messaging apps the frontline of spyware warfare now?
💬 Share your thoughts & follow @technadu for daily zero-day + infosec updates.
Meta says it patched a zero-click exploit (CVE-2025-55177) that appears to have been used together with a recent iOS zero-day (CVE-2025-43300)
##Apple has released a critical security update for a zero-day flaw (CVE-2025-43300) affecting iPhones, iPads, and Macs. The bug, which is being actively exploited, allows a malicious image to compromise your device. Update now. https://pupuweb.com/apple-released-critical-security-updates-fix-zero-day-vulnerability-ios-ipados-macos/ #Apple #CyberSecurity #InfoSec
##iOS 18.6.1 0-click RCE POC
Link: https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md
Discussion: https://news.ycombinator.com/item?id=45019671
iOS 18.6.1 0-click RCE POC
Link: https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md
Discussion: https://news.ycombinator.com/item?id=45019671
iOS 18.6.1 0-click RCE POC
https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md
##iOS 18.6.1 zero-click remote code execution proof-of-concept
https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md
#HackerNews #iOS #zero-click #security #remote #code #execution #proof-of-concept #vulnerability
##iOS 18.6.1 0-click RCE POC https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md
##Detecting CVE-2025-43300: A Deep Dive into Apple's DNG Processing Vulnerability | Matt Suiche https://www.msuiche.com/posts/detecting-cve-2025-43300-a-deep-dive-into-apples-dng-processing-vulnerability/
##Pilna aktualizacja dla iPhone’ów. Apple i polskie wojsko ostrzegają przed groźną luką w iOS
Apple udostępniła krytyczną aktualizację bezpieczeństwa do wersji iOS 18.6.2. Zarówno producent, jak i polskie Wojska Obrony Cyberprzestrzeni, wzywają do jej natychmiastowej instalacji. Powodem jest groźna luka w oprogramowaniu, która jest już aktywnie wykorzystywana przez hakerów w cyberatakach.
Komunikat o zagrożeniu został opublikowany m.in. na oficjalnych kanałach Wojsk Obrony Cyberprzestrzeni. Eksperci wojskowi podkreślają, że wykryta luka jest już wykorzystywana w atakach, a kilkuminutowa aktualizacja „może ochronić dane i prywatność” użytkowników. To rzadka sytuacja, w której krajowa jednostka ds. cyberbezpieczeństwa wydaje tak bezpośrednie zalecenie dotyczące oprogramowania konsumenckiego.
🚨 PILNE⁰W systemie iOS wykryto poważną lukę bezpieczeństwa, która jest już aktywnie wykorzystywana w cyberatakach.
📲 Apple udostępniło aktualizację iOS 18.6.2 – warto zainstalować ją jak najszybciej. To tylko kilka minut, które mogą ochronić dane i prywatność.#CyberSecurity… pic.twitter.com/NiEck7GfNX
— Karol Molenda (@MolendaKarol) August 23, 2025
Samo Apple potwierdziło powagę sytuacji, informując w nocie bezpieczeństwa, że jest „świadome raportów mówiących o wykorzystaniu tej luki w atakach na konkretne osoby”. Taka deklaracja oznacza, że mamy do czynienia z podatnością typu zero-day – czyli taką, o której cyberprzestępcy dowiedzieli się przed producentem i zdążyli ją wykorzystać, zanim powstała oficjalna poprawka. Z ujawnionych informacji wynika, że luka (CVE-2025-43300) tkwi w systemowym frameworku ImageIO i może zostać aktywowana przez przetworzenie złośliwie spreparowanego pliku graficznego.
Ani Apple, ani wojsko nie precyzują, kto jest celem ataków. Jednak ze względu na charakter luki, zalecenie aktualizacji dotyczy wszystkich użytkowników. Narażone są modele iPhone XS i nowsze.
Aby zainstalować aktualizację, należy wejść w Ustawienia > Ogólne > Uaktualnienia i wybrać opcję instalacji iOS 18.6.2. Jeśli włączone są aktualizacje automatyczne, urządzenie powinno samo pobrać i zainstalować łatkę. Ze względu na powagę zagrożenia, nie warto jednak z tym zwlekać.
#aktualizacja #Apple #Bezpieczeństwo #cyberbezpieczeństwo #hakerzy #iOS #iPhone #lukaBezpieczeństwa #news #WojskaObronyCyberprzestrzeni #zeroDay
##updated 2025-08-26T00:31:20
1 posts
updated 2025-08-26T00:31:20
1 posts
And more D-Link:
https://www.cve.org/CVERecord?id=CVE-2025-29520
https://www.cve.org/CVERecord?id=CVE-2025-29521
https://www.cve.org/CVERecord?id=CVE-2025-29522
https://www.cve.org/CVERecord?id=CVE-2025-51281
And a few DASAN ones to mix it up:
https://www.cve.org/CVERecord?id=CVE-2025-29524
##updated 2025-08-26T00:31:13
1 posts
updated 2025-08-26T00:31:12
1 posts
updated 2025-08-25T20:24:45.327000
1 posts
And more D-Link:
https://www.cve.org/CVERecord?id=CVE-2025-29520
https://www.cve.org/CVERecord?id=CVE-2025-29521
https://www.cve.org/CVERecord?id=CVE-2025-29522
https://www.cve.org/CVERecord?id=CVE-2025-51281
And a few DASAN ones to mix it up:
https://www.cve.org/CVERecord?id=CVE-2025-29524
##updated 2025-08-25T20:24:45.327000
1 posts
updated 2025-08-25T20:24:45.327000
1 posts
Moxa PrivEsc.
##An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems.
updated 2025-08-25T18:36:04.440000
1 posts
1 repos
Microsoft announced critical patches for two Windows security flaws (CVE-2025-55229 & CVE-2025-55230), but the updates are missing. Confused? Here's what you need to do to stay safe until the official fix is released. #WindowsSecurity #CyberSec #InfoSec #CVE
https://pupuweb.com/what-windows-certificate-spoofing-flaws-cve-2025-55229-mdt-cve-2025-55230/
##updated 2025-08-25T15:32:07
1 posts
Cisco has tagged GCC Productions Inc. for zero-day reports, impacting CVE-2025-54462 and CVE-2025-53853 https://talosintelligence.com/vulnerability_info @TalosSecurity #cybersecurity #Infosec #zeroday
##updated 2025-08-25T09:32:09
1 posts
I keep getting surprised by how many different FTP services there are out there. But I only find out about them via vulns like this.
https://www.cve.org/CVERecord?id=CVE-2025-7426
##Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse. Debug ports 1602, 1603 and 1636 also expose service architecture information and system activity logs
updated 2025-08-25T09:32:08
4 posts
Critical Google Cloud Dataform path traversal flaw enables cross-tenant data access
Google patched a critical path traversal vulnerability (CVE-2025-9118) in Google Cloud Dataform's NPM package installation process that allowed unauthenticated attackers to bypass multi-tenant security boundaries and read/write files in other customers' repositories. The flaw affected all Dataform environments using NPM package installation before August 21, 2025.
**If you use Google Cloud Dataform, be aware of this vulnerability. You can't do anything about it, it's already patched. But still be aware of the flaw for vendor evaluation, and to review your Dataform repositories for any unexpected changes or unknown code that may have been added before August 21, 2025, when the fix was deployed.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-google-cloud-dataform-path-traversal-flaw-enables-cross-tenant-data-access-t-f-v-c-0/gD2P6Ple2L
🚨CVE-2025-9118: Google Cloud Dataform NPM Path Traversal Vulnerability
CVSS: 10
https://darkwebinformer.com/cve-2025-9118-google-cloud-dataform-npm-path-traversal-vulnerability/
##A "perfect 10" ../
in a Google Cloud product is not how I expected to start my Monday but I'll take it. 🥳 Too bad it appears the advisory is behind a login.
https://cloud.devsite.corp.google.com/dataform/docs/security-bulletins#gcp-2025-045
sev:CRIT 10.0 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H
##A path traversal vulnerability in the NPM package installation process of Google Cloud Dataform allows a remote attacker to read and write files in other customers' repositories via a maliciously crafted package.json file.
🚨 CVE-2025-9118 (CRITICAL): Google Cloud Dataform path traversal in NPM install lets remote attackers access & modify files in other customers' repos via crafted package.json. Audit deployments now. https://radar.offseq.com/threat/cve-2025-9118-cwe-22-improper-limitation-of-a-path-ff8f06cd #OffSeq #CloudSecurity #PathTraversal
##updated 2025-08-22T21:31:25
2 posts
🚨CVE-2025-26496: Salesforce Tableau Server and Desktop Type Confusion Vulnerability Allows Local Code Inclusion via File Upload
CVSS: 9.6
ZoomEye Dork: app="Tableau Server"
ZoomEye Link: https://www.zoomeye.ai/searchResult?q=YXBwPSJUYWJsZWF1IFNlcnZlciI%3D&from=25082501
Results: 169,926
GitHub Advisory: https://github.com/advisories/GHSA-pf6x-cjmp-qqqq
———————
Follow @zoomeye_team's official Twitter/X account and send the message “Dark Web Informer” via DM to receive a 7-day trial Professional membership, a $1,090/Year USD value. 💙
##Salesforce patches multiple flaws in Tableau Server, at least one critical
Salesforce has patched multiple critical vulnerabilities in Tableau Server and Desktop, including a severe type confusion flaw (CVE-2025-26496) that enables authenticated attackers to execute malicious code and several path traversal vulnerabilities that allow writing files to arbitrary server locations.
**If you use Tableau Server or Tableau Desktop, plan an update to the latest version - especially if you have external untrusted users on the server. Even if you only have internal users, it's still wise to patch, because user accounts can be hacked via infostealers, phishing or malware. Or just have a disgruntled employee.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/salesforce-patches-multiple-flaws-in-tableau-server-at-least-one-critical-k-t-i-0-c/gD2P6Ple2L
updated 2025-08-22T18:09:17.710000
1 posts
Critical Directus vulnerability enables unauthenticated file upload and remote code execution
Directus has disclosed CVE-2025-55746 , a critical path traversal vulnerability affecting versions 10.8.0 through 11.9.2 that allows unauthenticated attackers to upload arbitrary files and achieve complete system compromise using only network access and a single file UUID.
**If you're running Directus, immediately upgrade to version 11.9.3 or later. There's a critical flaw and your system is probably exposed on the internet. Attackers will automate exploitation very quickly. If you can't upgrade immediately, isolate your Directus instance from internet access until you can patch.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-directus-vulnerability-enables-unauthenticated-file-upload-and-remote-code-execution-d-d-z-c-x/gD2P6Ple2L
updated 2025-08-22T14:15:47.790000
13 posts
1 repos
Docker patches a critical #DockerDesktop vulnerability (CVE-2025-9074) that allowed attackers to escape containers and seize host control on Windows and macOS.
Read: https://hackread.com/docker-desktop-vulnerability-host-takeover-windows-macos/
##Tracked as CVE-2025-9074 (CVSS score of 9.3), the flaw is a container escape issue that impacts the Windows and macOS iterations of the application. securityweek.com/docker-desktop-vulnerability-leads-to-host-compromise/
##CVE-2025-9074 : cette faille critique dans Docker Desktop permet de pirater Windows https://www.it-connect.fr/cve-2025-9074-cette-faille-critique-dans-docker-desktop-permet-de-pirater-windows/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Windows #Docker #Apple
##I played in a little team with Valkerie and others looking at hypervisor escapes back forever ago. Hardcore shit, that.
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3
https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html
##Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 – Source:thehackernews.com https://ciso2ciso.com/docker-fixes-cve-2025-9074-critical-container-escape-vulnerability-with-cvss-score-9-3-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #docker
##Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html
##Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html
##Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html
##When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074)); Unprotected API https://blog.qwertysecurity.com/Articles/blog3.html
##Benutzt hier jemand Docker Desktop?
##updated 2025-08-21T21:32:13
1 posts
Microsoft announced critical patches for two Windows security flaws (CVE-2025-55229 & CVE-2025-55230), but the updates are missing. Confused? Here's what you need to do to stay safe until the official fix is released. #WindowsSecurity #CyberSec #InfoSec #CVE
https://pupuweb.com/what-windows-certificate-spoofing-flaws-cve-2025-55229-mdt-cve-2025-55230/
##updated 2025-08-21T21:32:02
1 posts
not sure if cR0w posted this but go hack drupal alogin (if you can craft an exploit, b/c there's no public one. maybe check the update diffs?)
##updated 2025-08-15T19:37:01.457000
2 posts
7 repos
https://github.com/kk12-30/CVE-2025-4123
https://github.com/imbas007/CVE-2025-4123-template
https://github.com/ynsmroztas/CVE-2025-4123-Exploit-Tool-Grafana-
https://github.com/punitdarji/Grafana-cve-2025-4123
https://github.com/B1ack4sh/Blackash-CVE-2025-4123
CVE-2025-4123: Critical XSS Vulnerability in Grafana Explained with PoC
Credit: youtube.com/@certcubelabs
##CVE-2025-4123: Critical XSS Vulnerability in Grafana Explained with PoC
Credit: youtube.com/@certcubelabs
##updated 2025-08-15T18:15:27.583000
1 posts
2 repos
https://github.com/watchtowrlabs/watchTowr-vs-FortiSIEM-CVE-2025-25256
Should #Security Solutions Be Secure? Maybe We're All Wrong - #Fortinet #FortiSIEM Pre-Auth Command Injection (CVE-2025-25256)
##updated 2025-08-15T15:31:25
1 posts
1 repos
Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309) https://blog.amberwolf.com/blog/2025/august/advisory---netskope-client-for-windows---local-privilege-escalation-via-rogue-server/
##updated 2025-08-14T15:30:44
1 posts
1 repos
SQL dumps created with current releases of "pg_dump" (namely 17.6, 16.10, 15.14, 14.19 or 13.22) can no longer be loaded with earlier versions of "psql" because they contain new "\restrict" commands that did not exist in earlier versions and will cause "invalid command" errors. The reason for this change is CVE-2025-8714. Strange to see breaking changes in a project like #Postgres #PostgreSQL
##updated 2025-08-04T18:31:35
1 posts
1 repos
Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot.
Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is now rolled out.
This is an extended variant of the prompt injection exfiltration attacks we've seen in a dozen different products already:
an attacker gets malicious instructions into an LLM system which cause it to access private data and then embed that in the URL of a Markdown link,
hence stealing that data (to the attacker's own logging server) when that link is clicked
https://simonwillison.net/2025/Jun/11/echoleak/
updated 2025-07-23T17:51:56.027000
7 posts
3 repos
https://github.com/blueisbeautiful/CVE-2025-54309
https://github.com/watchtowrlabs/watchTowr-vs-CrushFTP-Authentication-Bypass-CVE-2025-54309
Using CrushFTP? A critical zero-day flaw gives attackers full server control without a password. It's being actively exploited. Learn how to check your version and apply the urgent patch now with our guide. #CrushFTP #CyberSecurity #Vulnerability
https://pupuweb.com/how-to-check-and-fix-critical-crushftp-security-flaw-cve-2025-54309/
##🚨 Hackers are exploiting a CrushFTP Zero-Day (CVE-2025-54309) to gain admin access and take over servers. Update to v10.8.5 or v11.3.4 now!
Read: https://hackread.com/hackers-exploit-crushftp-zero-day-take-over-servers/
##PoC Exploit Released for CrushFTP 0-day Vulnerability (CVE-2025-54309) https://cybersecuritynews.com/poc-exploit-crushftp-0-day-vulnerability/ #CyberSecurityNews #VulnerabilityNews #cybersecuritynews #Vulnerabilities #cybersecurity #vulnerability
##New.
WatchTower: The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309) https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309/ #cybersecurity #infosec
##Jerks... put it back!
https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309/
##watchTowr has a write-up on last month's CrushFTP vuln CVE-2025-54309. Always a good way to start your day. Or end it or whatever, IDK where you are.
https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309/
##The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309) - watchTowr Labs https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309
##updated 2025-07-14T00:31:13
1 posts
updated 2025-07-08T16:18:53.607000
2 posts
🚨 CVE-2025-49870: High-risk SQLi in WordPress Paid Membership Subscriptions plugin (10K+ sites).
✅ Fixed in v2.15.2
❌ Exploitable without login
💥 Attackers could query or tamper with DB data
Still shocking to see SQL injection so prevalent in 2025.
💬 Are devs overlooking basics, or is plugin culture the real issue?
🔔 Follow @technadu for more threat intel.
#WordPress #SQLInjection #Vulnerability #PluginSecurity #WebSecurity #DataExposure #CMSecurity
##🚨 CVE-2025-49870: High-risk SQLi in WordPress Paid Membership Subscriptions plugin (10K+ sites).
✅ Fixed in v2.15.2
❌ Exploitable without login
💥 Attackers could query or tamper with DB data
Still shocking to see SQL injection so prevalent in 2025.
💬 Are devs overlooking basics, or is plugin culture the real issue?
🔔 Follow @technadu for more threat intel.
#WordPress #SQLInjection #Vulnerability #PluginSecurity #WebSecurity #DataExposure #CMSecurity
##updated 2025-07-01T18:19:45.547000
2 posts
3 repos
https://github.com/lex1010/CVE-2025-6543
https://github.com/grupooruss/Citrix-cve-2025-6543
https://github.com/abrewer251/CVE-2025-6543_CitrixNetScaler_PoC
New by me - Citrix have forgot to tell you a zero day was under exploitation earlier this year to successfully backdoor devices at "critical" organisations, and no vendor released technical details.
More to come, including on CVE-2025-7775 too.
doublepulsar.com/citrix-forgo...
Citrix forgot to tell you CVE-...
New by me: Citrix forgot to tell you there was a zero day RCE vulnerability used widely since at least May in Netscaler.
Nobody released any technical information until now.
It has been used to pop "critical" organisations in the Netherlands and worldwide.
What to do:
##updated 2025-04-08T18:34:54
1 posts
Struggling with Kerberos errors after the CVE-2025-26647 patch? Audit Mode might be silent, but Enforcement Mode can still break network authentication. Find the hidden certificate issues before the October deadline. Your fix is here. #WindowsServer #SysAdmin #Kerberos
https://pupuweb.com/why-windows-allowntauthpolicybypass-block-network-fix-cve-2025-26647-errors/
##updated 2025-04-04T17:34:25.457000
1 posts
updated 2025-02-13T19:20:38
1 posts
30 repos
https://github.com/infokek/activemq-honeypot
https://github.com/X1r0z/ActiveMQ-RCE
https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ
https://github.com/minhangxiaohui/ActiveMQ_CVE-2023-46604
https://github.com/trganda/ActiveMQ-RCE
https://github.com/hh-hunter/cve-2023-46604
https://github.com/mranv/honeypot.rs
https://github.com/vulncheck-oss/cve-2023-46604
https://github.com/cuanh2333/CVE-2023-46604
https://github.com/CCIEVoice2009/CVE-2023-46604
https://github.com/tomasmussi/activemq-cve-2023-46604
https://github.com/nitzanoligo/CVE-2023-46604-demo
https://github.com/stegano5/ExploitScript-CVE-2023-46604
https://github.com/skrkcb2/CVE-2023-46604
https://github.com/justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp
https://github.com/evkl1d/CVE-2023-46604
https://github.com/vjayant93/CVE-2023-46604-POC
https://github.com/NKeshawarz/CVE-2023-46604-RCE
https://github.com/duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell
https://github.com/thinkycx/activemq-rce-cve-2023-46604
https://github.com/h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up
https://github.com/ImuSpirit/ActiveMQ_RCE_Pro_Max
https://github.com/Mudoleto/Broker_ApacheMQ
https://github.com/dcm2406/CVE-2023-46604
https://github.com/LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence
https://github.com/pulentoski/CVE-2023-46604
https://github.com/Arlenhiack/ActiveMQ-RCE-Exploit
https://github.com/Anekant-Singhai/Exploits
🧨 Another week, another “old” vuln under active exploitation:
"Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems" - The Hacker News
CVE-2023-46604 in Apache ActiveMQ isn’t new - but attackers still use it to get RCE through a single, unauthenticated request.
If you’re in charge of vulnerability monitoring or reporting, here’s the frustrating part:
🚩 The vuln looks patched in some setups
🚩 Detection often stops at banner grabs
🚩 You still need to prove exploitability with evidence
That’s why we built an exploit for it back in 2023 which is part of our Sniper: Auto-Exploiter.
With Pentest-Tools.com, you can:
✅ Detect vulnerable ActiveMQ targets
✅ Confirm exploitability with real PoC payloads
✅ Collect evidence (local users, local files and processes)
No ambiguity. No guessing. Just proof.
Check out the news, the CVE details & more:
🔎 CVE-2023-46604 specs: https://pentest-tools.com/vulnerabilities-exploits/apache-activemq-remote-code-execution_22490
🗞️ Read the news: https://thehackernews.com/2025/08/apache-activemq-flaw-exploited-to.html
💪 Get proof: https://pentest-tools.com/exploit-helpers/sniper
##updated 2024-11-21T04:42:29.523000
1 posts
Dell has issued a security update for CVE-2019-3767 - Dell ImageAssist for an Information Disclosure Vulnerability https://www.dell.com/support/kbdoc/en-us/000137539/dsa-2019-139-dell-imageassist-security-update-for-an-information-disclosure-vulnerability
Dell SupportAssist for Business PCs and Dell SupportAssist for Home PCs Security Update for PC Doctor Vulnerability CVE-2019-12280 https://www.dell.com/support/kbdoc/en-us/000140046/dsa-2019-084-dell-supportassist-for-business-pcs-and-dell-supportassist-for-home-pcs-security-update-for-pc-doctor-vulnerability
Critical, from yesterday, affecting multiple CVEs:
Security Update for Dell PowerProtect Data Manager for Multiple Security Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000223556/dsa-2024-132-security-update-dell-power-protect-data-manager-for-multiple-security-vulnerabilities
More here: https://www.dell.com/support/security/en-us #Dell #cybersecurity #Infosec
##updated 2024-11-14T18:30:34
3 posts
Cisa warns of actively exploited flaws in Citrix
CISA is warning of active exploitation of two Citrix Session Recording vulnerabilities (CVE-2024-8069 and CVE-2024-8068) that allow authenticated attackers to achieve code execution and privilege escalation within corporate networks. Despite patches being available since November 2024, many organizations are vulnerable to ongoing attacks.
**If you are using Citrix and Virtual apps, the time for debate is over. Yes, the severity is low, but the flaws are being exploited. So don't wait, update your Citrix installations NOW!**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-issues-alert-on-citrix-flaws-actively-exploited-by-hackers-gbhackers-7-g-h-3-2/gD2P6Ple2L
CVE ID: CVE-2024-8068
Vendor: Citrix
Product: Session Recording
Date Added: 2025-08-25
Notes: https://support.citrix.com/external/article/691941/citrix-session-recording-security-bullet.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-8068
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-8068
CISA added CVE-2025-48384, CVE-2024-8069, and CVE-2024-8068 to the KEV Catalog.
##updated 2024-07-08T15:31:55
1 posts
1 repos
So, uh, fuck canonical, once again. Guess I made the mistake of believing the "5years with current lts" thing....
https://ubuntu.com/security/CVE-2024-39844 - its been pretty much a year now & while fixes are available for LTS ... that only applies if you are on 22.04 specifically or on (paid) Ubuntu Pro. Notably still vulnerable (one year later!!!) is 24.04 LTS. Because why patch the recent one....
##updated 2024-04-11T19:37:36
1 posts
A bridge too far 😆. Broadcom has listed two new vulnerabilities, and a login is needed for details:
Endevor Bridge for Git 2.15.13 vulnerabilities - false positives
Endevor Bridge for Git 2.15.13 - JGit CVE-2023-4759 https://support.broadcom.com/web/ecx/security-advisory #cybersecurity #infosec #Broadcom
updated 2024-04-04T01:02:58
1 posts
Dell has issued a security update for CVE-2019-3767 - Dell ImageAssist for an Information Disclosure Vulnerability https://www.dell.com/support/kbdoc/en-us/000137539/dsa-2019-139-dell-imageassist-security-update-for-an-information-disclosure-vulnerability
Dell SupportAssist for Business PCs and Dell SupportAssist for Home PCs Security Update for PC Doctor Vulnerability CVE-2019-12280 https://www.dell.com/support/kbdoc/en-us/000140046/dsa-2019-084-dell-supportassist-for-business-pcs-and-dell-supportassist-for-home-pcs-security-update-for-pc-doctor-vulnerability
Critical, from yesterday, affecting multiple CVEs:
Security Update for Dell PowerProtect Data Manager for Multiple Security Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000223556/dsa-2024-132-security-update-dell-power-protect-data-manager-for-multiple-security-vulnerabilities
More here: https://www.dell.com/support/security/en-us #Dell #cybersecurity #Infosec
##updated 2023-02-20T05:05:40
1 posts
Ah, I've been reminded of my favourite vulnerability ever: CVE-2009-1897
Most old links detailing it appear dead now, but here's a high level overview from RedHat: https://www.redhat.com/en/blog/security-flaws-caused-compiler-optimizations
I remember this one blowing my goddamn mind when I was a wee young thing working on my MSc in cyber.
Correct code in C resulting in a vulnerability when executed due to compiler optimisations altering the expected behaviour.
##updated 2023-01-31T05:08:53
1 posts
@vaurora old research (
CVE-2010-0104) by @corsac @guedou Olivier Levillain and Loïc Duflot: https://cyber.gouv.fr/sites/default/files/IMG/pdf/csw-trustnetworkcard.pdf
Result: RCE on host
Further reseach by Guillaume Delugré on how to build a debugger using the NIC:
##CVE-2025-9812: HIGH risk buffer overflow in Tenda CH22 1.0.0.1 (/goform/exeCommand). Exploit code is out — remote code exec possible! Restrict interface exposure, monitor requests, and isolate devices. Details: https://radar.offseq.com/threat/cve-2025-9812-buffer-overflow-in-tenda-ch22-badfe5e2 #OffSeq #CVE2025 #IoTSecurity
##⚠️ CVE-2025-9815 (HIGH): alaneuler batteryKid ≤2.1 on macOS has a missing authentication bug in PrivilegeHelper/NSXPCListener. Public exploit available—local attackers can escalate privileges. Restrict access & monitor systems! https://radar.offseq.com/threat/cve-2025-9815-missing-authentication-in-alaneuler--8493c95a #OffSeq #macOS #Infosec
##🚨 CVE-2025-9813: HIGH buffer overflow in Tenda CH22 v1.0.0.1 via /goform/SetSambaConf. Remote exploit is public. Segment affected routers, monitor traffic, and restrict access until patched. https://radar.offseq.com/threat/cve-2025-9813-buffer-overflow-in-tenda-ch22-eaa1878d #OffSeq #Vulnerability #Tenda #Security
##🚨 CVE-2025-58178: HIGH severity command injection in SonarQube Scan GitHub Action (v4–5.3.0). Risk of arbitrary code execution in CI/CD. Patch to 5.3.1+ and audit workflows now! https://radar.offseq.com/threat/cve-2025-58178-cwe-77-improper-neutralization-of-s-b2a23e51 #OffSeq #SonarQube #Vulnerability #CI_CD
##🛡️ HIGH severity: CVE-2025-20707 — Use-after-free in MediaTek geniezone (Android 13–15, MT6853/6877/8893 etc.) allows local privilege escalation if System access is obtained. Patch ALPS09924201 recommended. https://radar.offseq.com/threat/cve-2025-20707-cwe-416-use-after-free-in-mediatek--f9db8a95 #OffSeq #Vuln #Android #MediaTek
##🚨 CVE-2025-6507 (CRITICAL, CVSS 9.8): h2oai/h2o-3 vulnerable to remote code execution & file read via deserialization flaw in JDBC handling. Upgrade to 3.46.0.8+ ASAP! https://radar.offseq.com/threat/cve-2025-6507-cwe-502-deserialization-of-untrusted-fcb4a255 #OffSeq #CVE20256507 #AIsecurity #Deserialization
##🔴 CRITICAL: CVE-2025-20708 impacts MediaTek modems (MT2735–MT8893, NR15–NR17R). Rogue base stations can exploit out-of-bounds write for remote privilege escalation—no user action needed. Patch MOLY01123853 ASAP! https://radar.offseq.com/threat/cve-2025-20708-cwe-787-out-of-bounds-write-in-medi-a4a70418 #OffSeq #Vuln #MediaTek
##🚨 CRITICAL: CVE-2025-54857 in Seiko SkyBridge BASIC MB-A130 (≤1.5.8) allows remote unauthenticated OS command injection with root privileges. No patch yet — urgently isolate and monitor affected systems. https://radar.offseq.com/threat/cve-2025-54857-improper-neutralization-of-special--0c9250a5 #OffSeq #Vulnerability #ICS #OTSecurity
##MEDIUM severity: CVE-2025-9569 in Sunnet eHRD CTMS enables unauthenticated reflected XSS—remote attackers may execute JS in browsers via phishing. Patch when available! https://radar.offseq.com/threat/cve-2025-9569-cwe-79-improper-neutralization-of-in-6481b125 #OffSeq #XSS #Sunnet #Infosec
##Authenticated Attackers Could Exploit IBM Watsonx Vulnerability to Access Sensitive Data https://thecyberexpress.com/decoding-cve-2025-0165-flaw/ #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE20250165 #IBMCloudPak #IBMWatsonx #CyberNews
##QNAP patches multible security vulnerabilities in legacy VioStor NVR systems
QNAP Systems patched two critical vulnerabilities in legacy VioStor NVR surveillance systems: an authentication bypass flaw (CVE-2025-52856) allowing remote unauthorized access and a path traversal vulnerability (CVE-2025-52861) enabling access to sensitive system files once admin access is gained.
**If you have QNAP Legacy VioStor NVR systems, first make sure they are isolated from the internet and accessible only from trusted networks or VPN. Then plan a quick update update to QVR 5.1.6 build 20250621 or later. And set up regular firmware update schedules to stay protected against future security flaws.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/qnap-patches-multible-security-vulnerabilities-in-legacy-viostor-nvr-systems-w-r-g-f-o/gD2P6Ple2L
🚨 New Sitecore exploit chain disclosed 🚨
- CVE-2025-53693 → HTML cache poisoning
- CVE-2025-53691 → RCE
- CVE-2025-53694 → Info disclosure
⚡ Chained → hijacked pages & code execution, even on patched systems.
💬 What’s your CMS patching approach?
Follow @technadu for more InfoSec alerts.
##1 posts
2 repos
https://github.com/blueisbeautiful/CVE-2025-53694-to-CVE-2025-53691
🚨 New Sitecore exploit chain disclosed 🚨
- CVE-2025-53693 → HTML cache poisoning
- CVE-2025-53691 → RCE
- CVE-2025-53694 → Info disclosure
⚡ Chained → hijacked pages & code execution, even on patched systems.
💬 What’s your CMS patching approach?
Follow @technadu for more InfoSec alerts.
##1 posts
2 repos
https://github.com/blueisbeautiful/CVE-2025-53694-to-CVE-2025-53691
🚨 New Sitecore exploit chain disclosed 🚨
- CVE-2025-53693 → HTML cache poisoning
- CVE-2025-53691 → RCE
- CVE-2025-53694 → Info disclosure
⚡ Chained → hijacked pages & code execution, even on patched systems.
💬 What’s your CMS patching approach?
Follow @technadu for more InfoSec alerts.
##Rage Against the Authentication State Machine (CVE-2024-28080) https://blog.silentsignal.eu/2025/06/14/gitblit-cve-CVE-2024-28080/
##LPE in Udisks.
https://access.redhat.com/security/cve/CVE-2025-8067
##A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.