Updated at UTC 2025-06-11T02:57:07.451781
CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
---|---|---|---|---|---|---|---|
CVE-2025-49091 | 8.2 | 0.00% | 4 | 0 | | 2025-06-11T01:15:20.547000 | KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. I |
CVE-2025-33053 | 8.8 | 0.00% | 11 | 0 | | 2025-06-11T01:00:01.443000 | External control of file name or path in WebDAV allows an unauthorized attacker |
CVE-2025-24016 | 9.9 | 78.54% | 9 | 7 | template | 2025-06-11T01:00:01.443000 | Wazuh is a free and open source platform used for threat prevention, detection, |
CVE-2025-2884 | None | 0.00% | 3 | 0 | | 2025-06-10T21:31:22 | TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerabl |
CVE-2025-3052 | 8.2 | 0.00% | 7 | 0 | | 2025-06-10T21:15:22.450000 | An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for co |
CVE-2025-27817 | 7.5 | 0.02% | 1 | 0 | | 2025-06-10T20:41:37 | A possible arbitrary file read and SSRF vulnerability has been identified in Apa |
CVE-2025-27819 | 8.8 | 0.02% | 1 | 0 | | 2025-06-10T20:21:19 | In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS J |
CVE-2025-37100 | 7.7 | 0.00% | 1 | 0 | | 2025-06-10T18:33:27 | A vulnerability in the APIs of HPE Aruba Networking Private 5G Core could potent |
CVE-2025-43699 | 5.3 | 0.01% | 1 | 0 | | 2025-06-10T18:33:27 | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (Fle |
CVE-2025-43700 | 7.5 | 0.01% | 1 | 0 | | 2025-06-10T18:33:27 | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (Fle |
CVE-2025-43701 | 7.5 | 0.01% | 1 | 0 | | 2025-06-10T18:33:27 | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (Fle |
CVE-2025-33112 | 8.4 | 0.00% | 2 | 0 | | 2025-06-10T18:32:36 | IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged |
CVE-2023-20599 | 7.9 | 0.00% | 2 | 0 | | 2025-06-10T18:32:30 | Improper register access control in ASP may allow a privileged attacker to perfo |
CVE-2025-2474 | 9.8 | 0.00% | 2 | 0 | | 2025-06-10T18:15:30.477000 | Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 |
CVE-2025-0052 | 0 | 0.00% | 2 | 0 | | 2025-06-10T18:15:30.180000 | Improper input validation performed during the authentication process of FlashBl |
CVE-2025-0051 | 0 | 0.00% | 2 | 0 | | 2025-06-10T18:15:30.030000 | Improper input validation performed during the authentication process of FlashAr |
CVE-2025-27818 | 8.8 | 0.02% | 1 | 0 | | 2025-06-10T16:15:36.917000 | A possible security vulnerability has been identified in Apache Kafka. This requ |
CVE-2025-27531 | 9.8 | 0.02% | 1 | 0 | | 2025-06-10T16:15:36.583000 | Deserialization of Untrusted Data vulnerability in Apache InLong. This issue a |
CVE-2025-47827 | 8.4 | 0.02% | 1 | 1 | | 2025-06-10T15:31:45 | In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver |
CVE-2025-26395 | 7.0 | 0.00% | 1 | 0 | | 2025-06-10T15:30:53 | SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting |
CVE-2025-5335 | 7.8 | 0.00% | 1 | 0 | | 2025-06-10T15:30:53 | A maliciously crafted binary file when downloaded could lead to escalation of pr |
CVE-2025-5353 | 8.8 | 0.00% | 2 | 0 | | 2025-06-10T15:30:53 | A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a l |
CVE-2025-22455 | 8.8 | 0.00% | 2 | 0 | | 2025-06-10T15:30:53 | A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a lo |
CVE-2025-22463 | 7.3 | 0.00% | 2 | 0 | | 2025-06-10T15:30:53 | A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a l |
CVE-2025-5606 | 6.3 | 2.89% | 1 | 0 | | 2025-06-10T15:30:41 | A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as cri |
CVE-2025-5600 | 9.8 | 0.10% | 1 | 0 | | 2025-06-10T15:30:40 | A vulnerability, which was classified as critical, has been found in TOTOLINK EX |
CVE-2025-26394 | 4.8 | 0.00% | 1 | 0 | | 2025-06-10T15:15:23.543000 | SolarWinds Observability Self-Hosted is susceptible to an open redirection vul |
CVE-2025-5604 | 7.3 | 0.04% | 1 | 0 | | 2025-06-10T15:08:53.860000 | A vulnerability was found in Campcodes Hospital Management System 1.0 and classi |
CVE-2025-5654 | 6.3 | 0.03% | 1 | 0 | | 2025-06-10T15:04:45.870000 | A vulnerability was found in PHPGurukul Complaint Management System 2.0 and clas |
CVE-2025-5685 | 8.8 | 0.05% | 1 | 0 | | 2025-06-10T15:01:39.320000 | A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0 |
CVE-2025-43698 | 0 | 0.01% | 1 | 0 | | 2025-06-10T12:15:24.227000 | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (Fle |
CVE-2025-43697 | 0 | 0.01% | 1 | 0 | | 2025-06-10T12:15:24.097000 | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (Dat |
CVE-2025-1041 | 10.0 | 0.06% | 1 | 0 | | 2025-06-10T06:31:44 | An improper input validation discovered in Avaya Call Management System could |
CVE-2025-42989 | 9.6 | 0.04% | 2 | 0 | | 2025-06-10T01:15:22.183000 | RFC inbound processing does not perform necessary authorization checks for an au |
CVE-2024-42009 | 9.3 | 68.50% | 2 | 4 | | 2025-06-10T01:00:02.087000 | A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x throug |
CVE-2025-3461 | 9.1 | 0.05% | 1 | 0 | | 2025-06-09T19:15:24.923000 | The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by defau |
CVE-2025-3460 | 7.7 | 0.11% | 1 | 0 | | 2025-06-09T19:15:24.810000 | The Quantenna Wi-Fi chipset ships with a local control script, set_tx_pow, that |
CVE-2025-5794 | 8.8 | 0.09% | 1 | 0 | | 2025-06-09T19:08:21.053000 | A vulnerability, which was classified as critical, has been found in Tenda AC5 1 |
CVE-2025-5798 | 8.8 | 0.09% | 1 | 0 | | 2025-06-09T19:08:05.903000 | A vulnerability was found in Tenda AC8 16.03.34.09. It has been classified as cr |
CVE-2025-3357 | 9.8 | 0.40% | 1 | 0 | | 2025-06-09T18:56:33.710000 | IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remo |
CVE-2025-31022 | 9.8 | 0.06% | 2 | 0 | | 2025-06-09T18:32:16 | Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU I |
CVE-2025-5799 | 8.8 | 0.09% | 1 | 0 | | 2025-06-09T15:32:48 | A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as crit |
CVE-2025-5399 | 7.5 | 0.04% | 1 | 0 | | 2025-06-09T15:32:48 | Due to a mistake in libcurl's WebSocket code, a malicious server can send a part |
CVE-2025-5795 | 8.8 | 0.09% | 1 | 0 | | 2025-06-09T15:31:42 | A vulnerability, which was classified as critical, was found in Tenda AC5 1.0/15 |
CVE-2025-5592 | 7.3 | 0.04% | 1 | 0 | | 2025-06-09T15:31:37 | A vulnerability, which was classified as critical, has been found in FreeFloat F |
CVE-2025-5715 | 3.8 | 0.02% | 1 | 0 | | 2025-06-09T14:15:24.393000 | A vulnerability was found in Signal App 7.41.4 on Android. It has been declared |
CVE-2025-3835 | 9.7 | 0.15% | 3 | 0 | | 2025-06-09T12:31:18 | Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnera |
CVE-2025-36528 | 8.3 | 0.03% | 1 | 0 | | 2025-06-09T12:31:18 | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to aut |
CVE-2025-27709 | 8.3 | 0.03% | 1 | 0 | | 2025-06-09T12:31:12 | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to aut |
CVE-2025-41444 | 8.3 | 0.03% | 1 | 0 | | 2025-06-09T12:15:47.880000 | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to aut |
CVE-2025-35005 | 7.1 | 0.10% | 1 | 0 | | 2025-06-09T12:15:47.880000 | Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulner |
CVE-2025-35008 | 7.1 | 0.10% | 1 | 0 | | 2025-06-09T12:15:47.880000 | Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulner |
CVE-2025-49113 | 10.0 | 0.54% | 9 | 7 | template | 2025-06-09T06:30:22 | Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execu |
CVE-2025-35007 | 7.1 | 0.10% | 1 | 0 | | 2025-06-08T21:30:37 | Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulner |
CVE-2025-35009 | 7.1 | 0.10% | 1 | 0 | | 2025-06-08T21:30:37 | Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulner |
CVE-2025-35010 | 7.1 | 0.10% | 1 | 0 | | 2025-06-08T21:30:37 | Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulner |
CVE-2025-35006 | 7.1 | 0.10% | 1 | 0 | | 2025-06-08T21:30:37 | Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulner |
CVE-2025-3459 | 7.7 | 0.11% | 1 | 0 | | 2025-06-08T21:30:37 | The Quantenna Wi-Fi chipset ships with a local control script, transmit_file, th |
CVE-2025-32457 | 7.7 | 0.11% | 1 | 0 | | 2025-06-08T21:30:37 | The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh |
CVE-2025-35004 | 7.1 | 0.10% | 1 | 0 | | 2025-06-08T21:30:30 | Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulner |
CVE-2025-32459 | 7.7 | 0.11% | 1 | 0 | | 2025-06-08T21:30:30 | The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh |
CVE-2025-32458 | 7.7 | 0.11% | 1 | 0 | | 2025-06-08T21:30:30 | The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh |
CVE-2025-32455 | 7.7 | 0.11% | 1 | 0 | | 2025-06-08T21:30:29 | The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh |
CVE-2025-32456 | 7.7 | 0.11% | 1 | 0 | | 2025-06-08T21:30:29 | The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh |
CVE-2025-5652 | 6.3 | 0.03% | 1 | 0 | | 2025-06-06T21:31:29 | A vulnerability, which was classified as critical, was found in PHPGurukul Compl |
CVE-2025-5639 | 7.3 | 0.03% | 1 | 0 | | 2025-06-06T21:31:29 | A vulnerability was found in PHPGurukul Notice Board System 1.0 and classified a |
CVE-2025-5619 | 8.8 | 0.12% | 1 | 0 | | 2025-06-06T21:31:29 | A vulnerability, which was classified as critical, has been found in Tenda CH22 |
CVE-2025-5572 | 8.8 | 0.04% | 1 | 0 | | 2025-06-06T21:31:29 | A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as cr |
CVE-2025-5616 | 6.3 | 0.04% | 1 | 0 | | 2025-06-06T20:10:46.310000 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has |
CVE-2025-5573 | 6.3 | 0.10% | 1 | 0 | | 2025-06-06T18:48:46.463000 | A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as criti |
CVE-2025-5624 | 9.8 | 0.07% | 1 | 0 | | 2025-06-06T18:31:34 | A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as c |
CVE-2025-5621 | 7.3 | 0.34% | 1 | 0 | | 2025-06-06T18:31:34 | A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as cri |
CVE-2025-5788 | 8.8 | 0.13% | 1 | 0 | | 2025-06-06T18:30:38 | A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rate |
CVE-2025-5623 | 9.8 | 0.07% | 1 | 0 | | 2025-06-06T18:30:30 | A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as |
CVE-2025-5622 | 9.8 | 0.07% | 1 | 0 | | 2025-06-06T18:30:29 | A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical |
CVE-2025-5620 | 7.3 | 0.34% | 1 | 0 | | 2025-06-06T18:30:29 | A vulnerability, which was classified as critical, was found in D-Link DIR-816 1 |
CVE-2025-41646 | 9.8 | 0.35% | 1 | 0 | | 2025-06-06T15:31:04 | An unauthorized remote attacker can bypass the authentication of the affected so |
CVE-2025-49425 | 7.1 | 0.01% | 1 | 0 | | 2025-06-06T15:31:00 | Cross-Site Request Forgery (CSRF) vulnerability in Adrian Hanft Konami Easter Eg |
CVE-2025-47966 | 9.8 | 0.12% | 3 | 0 | | 2025-06-06T14:07:28.330000 | Exposure of sensitive information to an unauthorized actor in Power Automate all |
CVE-2025-5737 | 8.8 | 0.08% | 1 | 0 | | 2025-06-06T14:07:28.330000 | A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been decl |
CVE-2025-5738 | 8.8 | 0.08% | 1 | 0 | | 2025-06-06T14:07:28.330000 | A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rate |
CVE-2025-3321 | 0 | 0.01% | 1 | 0 | | 2025-06-06T14:07:28.330000 | A predefined administrative account is not documented and cannot be deactivated. |
CVE-2025-5734 | 8.8 | 0.08% | 1 | 0 | | 2025-06-06T09:30:33 | A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classifi |
CVE-2025-3365 | 9.8 | 0.05% | 1 | 0 | | 2025-06-06T09:30:33 | A missing protection against path traversal allows to access any file on the ser |
CVE-2025-5736 | 8.8 | 0.08% | 1 | 0 | | 2025-06-06T09:30:32 | A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been clas |
CVE-2025-5739 | 8.8 | 0.08% | 1 | 0 | | 2025-06-06T09:30:32 | A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B202 |
CVE-2025-5735 | 8.8 | 0.08% | 1 | 0 | | 2025-06-06T09:30:26 | A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as |
CVE-2025-3322 | None | 0.45% | 1 | 0 | | 2025-06-06T09:30:26 | An improper neutralization of inputs used in expression language allows remote c |
CVE-2011-10007 | 8.8 | 0.05% | 1 | 0 | | 2025-06-06T04:15:41.237000 | File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution |
CVE-2025-5702 | 5.6 | 0.04% | 1 | 0 | | 2025-06-05T21:15:22.873000 | The strcmp implementation optimized for the Power10 processor in the GNU C Libra |
CVE-2025-1793 | 9.8 | 0.04% | 2 | 0 | | 2025-06-05T20:12:23.777000 | Multiple vector store integrations in run-llama/llama_index version v0.12.21 hav |
CVE-2025-49007 | 0 | 0.06% | 1 | 0 | | 2025-06-05T20:12:23.777000 | Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior |
CVE-2025-27445 | 0 | 0.08% | 1 | 0 | | 2025-06-05T20:12:23.777000 | A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla |
CVE-2025-5642 | 2.5 | 0.01% | 1 | 0 | | 2025-06-05T20:12:23.777000 | A vulnerability classified as problematic has been found in Radare2 5.9.9. Affec |
CVE-2025-3054 | 8.8 | 0.24% | 1 | 1 | | 2025-06-05T20:12:23.777000 | The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file up |
CVE-2025-5640 | 3.3 | 0.01% | 1 | 0 | | 2025-06-05T20:12:23.777000 | A vulnerability was found in PX4-Autopilot 1.12.3. It has been classified as pro |
CVE-2025-5608 | 8.8 | 0.05% | 1 | 0 | | 2025-06-05T20:12:23.777000 | A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. |
CVE-2025-22245 | 5.9 | 0.03% | 1 | 0 | | 2025-06-05T20:12:23.777000 | VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the rou |
CVE-2025-5607 | 8.8 | 0.05% | 1 | 0 | | 2025-06-05T20:12:23.777000 | A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critic |
CVE-2025-27753 | None | 0.03% | 1 | 0 | | 2025-06-05T15:31:39 | A SQLi vulnerability in RSMediaGallery component 1.7.4 - 2.1.6 for Joomla was di |
CVE-2025-30084 | None | 0.03% | 1 | 0 | | 2025-06-05T15:31:38 | A stored XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 for Joomla was |
CVE-2025-27754 | 6.5 | 0.04% | 1 | 0 | | 2025-06-05T15:31:38 | A stored XSS vulnerability in RSBlog! component 1.11.6 - 1.14.4 for Joomla was d |
CVE-2025-5658 | 6.3 | 0.03% | 1 | 0 | | 2025-06-05T15:31:38 | A vulnerability classified as critical has been found in PHPGurukul Complaint Ma |
CVE-2025-49002 | 9.8 | 0.05% | 1 | 0 | | 2025-06-05T14:07:36.847000 | DataEase is an open source business intelligence and data visualization tool. Ve |
CVE-2025-5701 | 9.8 | 0.07% | 1 | 2 | | 2025-06-05T12:31:20 | The HyperComments plugin for WordPress is vulnerable to unauthorized modificatio |
CVE-2025-5653 | 6.3 | 0.03% | 1 | 0 | | 2025-06-05T12:31:15 | A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and |
CVE-2025-5648 | 2.5 | 0.01% | 1 | 0 | | 2025-06-05T09:30:33 | A vulnerability was found in Radare2 5.9.9. It has been classified as problemati |
CVE-2025-5647 | 2.5 | 0.01% | 1 | 0 | | 2025-06-05T09:30:33 | A vulnerability was found in Radare2 5.9.9 and classified as problematic. This i |
CVE-2025-5646 | 2.5 | 0.01% | 1 | 0 | | 2025-06-05T09:30:33 | A vulnerability has been found in Radare2 5.9.9 and classified as problematic. T |
CVE-2025-5641 | 2.5 | 0.01% | 1 | 0 | | 2025-06-05T09:30:33 | A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. Th |
CVE-2025-5643 | 2.5 | 0.01% | 1 | 0 | | 2025-06-05T09:30:33 | A vulnerability classified as problematic was found in Radare2 5.9.9. Affected b |
CVE-2025-5644 | 2.5 | 0.01% | 1 | 0 | | 2025-06-05T09:30:33 | A vulnerability, which was classified as problematic, has been found in Radare2 |
CVE-2025-5645 | 2.5 | 0.01% | 1 | 0 | | 2025-06-05T09:30:33 | A vulnerability, which was classified as problematic, was found in Radare2 5.9.9 |
CVE-2025-4598 | 4.7 | 0.01% | 1 | 0 | | 2025-06-05T09:30:24 | A vulnerability was found in systemd-coredump. This flaw allows an attacker to f |
CVE-2025-3055 | 8.1 | 0.53% | 1 | 0 | | 2025-06-05T06:30:33 | The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file de |
CVE-2025-5614 | 6.3 | 0.03% | 1 | 0 | | 2025-06-05T00:31:24 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has |
CVE-2025-5615 | 6.3 | 0.03% | 1 | 0 | | 2025-06-05T00:31:24 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has |
CVE-2025-5690 | 6.5 | 0.03% | 1 | 0 | | 2025-06-05T00:31:20 | PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked |
CVE-2025-48935 | None | 0.05% | 1 | 0 | | 2025-06-04T22:57:14 | ## Summary It is possible to bypass Deno's read/write permission checks by usin |
CVE-2025-48934 | None | 0.07% | 1 | 0 | | 2025-06-04T22:57:04 | ### Summary The [Deno.env.toObject](https://docs.deno.com/api/deno/~/Deno.Env.to |
CVE-2025-48888 | None | 0.05% | 1 | 0 | | 2025-06-04T22:56:55 | ### Summary `deno run --allow-read --deny-read main.ts` results in allowed, eve |
CVE-2025-5610 | 6.3 | 0.03% | 1 | 0 | | 2025-06-04T21:31:23 | A vulnerability, which was classified as critical, has been found in CodeAstro R |
CVE-2025-5609 | 8.8 | 0.05% | 1 | 0 | | 2025-06-04T21:31:22 | A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affe |
CVE-2025-22244 | 6.9 | 0.04% | 1 | 0 | | 2025-06-04T21:31:22 | VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gat |
CVE-2025-22243 | 7.5 | 0.03% | 1 | 0 | | 2025-06-04T21:31:15 | VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attac |
CVE-2025-5583 | 7.3 | 0.04% | 1 | 0 | | 2025-06-04T18:32:00 | A vulnerability classified as critical has been found in CodeAstro Real Estate M |
CVE-2025-5596 | 7.3 | 0.05% | 1 | 0 | | 2025-06-04T18:31:05 | A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as |
CVE-2025-20286 | 9.9 | 0.13% | 4 | 1 | | 2025-06-04T18:30:58 | A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud |
CVE-2025-5578 | 7.3 | 0.04% | 1 | 0 | | 2025-06-04T18:30:57 | A vulnerability has been found in PHPGurukul Dairy Farm Shop Management System 1 |
CVE-2025-5579 | 7.3 | 0.04% | 1 | 0 | | 2025-06-04T18:30:57 | A vulnerability was found in PHPGurukul Dairy Farm Shop Management System 1.3 an |
CVE-2025-5577 | 7.3 | 0.04% | 1 | 0 | | 2025-06-04T18:28:13.103000 | A vulnerability, which was classified as critical, was found in PHPGurukul Dairy |
CVE-2025-27038 | 7.5 | 3.72% | 1 | 0 | | 2025-06-04T17:23:58.387000 | Memory corruption while rendering graphics using Adreno GPU drivers in Chrome. |
CVE-2025-20188 | 10.0 | 4.36% | 1 | 0 | template | 2025-06-04T15:31:32 | A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of C |
CVE-2025-48960 | 5.9 | 0.00% | 1 | 0 | | 2025-06-04T15:30:46 | Weak server key used for TLS encryption. The following products are affected: Ac |
CVE-2025-1701 | None | 0.03% | 1 | 0 | | 2025-06-04T15:30:46 | CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An atta |
CVE-2025-48962 | 4.3 | 0.03% | 1 | 0 | | 2025-06-04T15:30:41 | Sensitive information disclosure due to SSRF. The following products are affecte |
CVE-2024-36486 | 7.8 | 0.02% | 1 | 0 | | 2025-06-04T14:54:33.783000 | A privilege escalation vulnerability exists in the virtual machine archive resto |
CVE-2024-52561 | 7.8 | 0.01% | 1 | 0 | | 2025-06-04T14:54:33.783000 | A privilege escalation vulnerability exists in the Snapshot functionality of Par |
CVE-2025-30415 | 7.5 | 0.08% | 1 | 0 | | 2025-06-04T14:54:33.783000 | Denial of service due to improper handling of malformed input. The following pro |
CVE-2025-20991 | 4.0 | 0.02% | 1 | 0 | | 2025-06-04T14:54:33.783000 | Improper export of Android application components in Bluetooth prior to SMR Jun- |
CVE-2025-5601 | 7.8 | 0.02% | 1 | 0 | | 2025-06-04T12:30:42 | Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows d |
CVE-2025-5584 | 2.4 | 0.03% | 1 | 0 | | 2025-06-04T12:30:42 | A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has b |
CVE-2024-13967 | 8.8 | 0.05% | 1 | 0 | | 2025-06-04T09:31:35 | This vulnerability allows the successful attacker to gain unauthorized access to |
CVE-2025-5571 | 6.3 | 0.84% | 1 | 0 | | 2025-06-04T06:30:38 | A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as |
CVE-2025-5569 | 6.3 | 0.04% | 1 | 0 | | 2025-06-04T06:30:37 | A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This |
CVE-2025-5562 | 7.3 | 0.04% | 1 | 0 | | 2025-06-04T06:30:37 | A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It |
CVE-2025-25022 | 9.7 | 0.04% | 1 | 0 | | 2025-06-03T18:30:52 | IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Secur |
CVE-2025-45542 | 7.3 | 0.17% | 1 | 0 | | 2025-06-03T16:15:25.397000 | SQL injection vulnerability in the registrationform endpoint of CloudClassroom-P |
CVE-2025-5419 | 8.8 | 3.78% | 9 | 1 | | 2025-06-03T15:32:28 | Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allow |
CVE-2025-31359 | 8.8 | 0.05% | 1 | 0 | | 2025-06-03T12:30:37 | A directory traversal vulnerability exists in the PVMP package unpacking functio |
CVE-2024-54189 | 7.8 | 0.02% | 1 | 0 | | 2025-06-03T12:30:37 | A privilege escalation vulnerability exists in the Snapshot functionality of Par |
CVE-2025-21479 | 8.6 | 3.40% | 1 | 0 | | 2025-06-03T09:32:11 | Memory corruption due to unauthorized command execution in GPU micronode while e |
CVE-2025-21480 | 8.6 | 3.40% | 1 | 0 | | 2025-06-03T06:31:22 | Memory corruption due to unauthorized command execution in GPU micronode while e |
CVE-2025-23247 | 4.4 | 0.01% | 1 | 0 | | 2025-06-02T18:31:36 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump |
CVE-2023-39780 | 8.8 | 51.22% | 1 | 0 | | 2025-06-02T18:30:26 | ASUS RT-AX55 v3.0.0.4.386.51598 was discovered to contain an authenticated comma |
CVE-2025-37093 | 9.8 | 0.07% | 1 | 0 | | 2025-06-02T17:32:17.397000 | An authentication bypass vulnerability exists in HPE StoreOnce Software. |
CVE-2025-5054 | 4.7 | 0.01% | 1 | 1 | | 2025-05-30T18:31:27 | Race condition in Canonical apport up to and including 2.32.0 allows a local att |
CVE-2025-21204 | 7.8 | 0.20% | 1 | 1 | | 2025-05-29T14:15:34.340000 | Improper link resolution before file access ('link following') in Windows Update |
CVE-2025-4009 | None | 0.24% | 1 | 0 | | 2025-05-28T09:31:27 | The Evertz SVDN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Vi |
CVE-2025-37899 | 0 | 0.02% | 1 | 2 | | 2025-05-24T19:15:23.640000 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix |
CVE-2025-32813 | 7.2 | 0.15% | 1 | 0 | | 2025-05-23T21:32:17 | An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated |
CVE-2025-32814 | 9.8 | 0.04% | 1 | 0 | | 2025-05-22T21:30:46 | An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Inj |
CVE-2025-47934 | 0 | 0.02% | 11 | 0 | | 2025-05-21T20:25:16.407000 | OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. Starting in v |
CVE-2023-38950 | 7.5 | 86.74% | 1 | 0 | template | 2025-05-21T18:34:59.360000 | A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows |
CVE-2025-36560 | 8.6 | 0.04% | 1 | 0 | | 2025-05-19T13:35:20.460000 | Server-side request forgery vulnerability exists in a-blog cms multiple versions |
CVE-2025-32756 | 9.8 | 8.83% | 3 | 5 | | 2025-05-16T19:41:05.917000 | A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice ver |
CVE-2025-30712 | 8.1 | 0.04% | 1 | 0 | | 2025-05-16T15:31:39 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (comp |
CVE-2025-4664 | 4.3 | 0.06% | 1 | 2 | | 2025-05-14T21:31:18 | Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.1 |
CVE-2025-37797 | 0 | 0.06% | 1 | 0 | | 2025-05-05T20:54:45.973000 | In the Linux kernel, the following vulnerability has been resolved: net_sched: |
CVE-2025-37798 | None | 0.03% | 1 | 0 | | 2025-05-02T15:31:57 | In the Linux kernel, the following vulnerability has been resolved: codel: remo |
CVE-2025-22869 | 7.5 | 0.05% | 1 | 0 | | 2025-04-14T15:39:01 | SSH servers which implement file transfer protocols are vulnerable to a denial o |
CVE-2025-32395 | None | 0.02% | 1 | 3 | | 2025-04-11T14:06:06 | ### Summary The contents of arbitrary files can be returned to the browser if th |
CVE-2013-0156 | 0 | 93.15% | 1 | 8 | | 2025-04-11T00:51:21.963000 | active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0. |
CVE-2025-29927 | 9.1 | 93.16% | 1 | 95 | template | 2025-04-08T14:15:33.973000 | Next.js is a React framework for building full-stack web applications. Starting |
CVE-2025-2992 | 5.3 | 0.18% | 1 | 78 | | 2025-04-07T14:40:55.240000 | A vulnerability classified as critical was found in Tenda FH1202 1.2.0.14(408). |
CVE-2025-1829 | 6.3 | 1.09% | 1 | 0 | | 2025-04-03T18:31:56 | A vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329. It has been de |
CVE-2023-52926 | 7.8 | 0.01% | 1 | 0 | | 2025-03-24T17:34:43.630000 | In the Linux kernel, the following vulnerability has been resolved: IORING_OP_R |
CVE-2024-24919 | 8.6 | 94.33% | 1 | 60 | template | 2025-01-27T21:42:18.743000 | Potentially allowing an attacker to read certain information on Check Point Secu |
CVE-2024-56770 | 5.5 | 0.03% | 1 | 0 | | 2025-01-10T18:31:39 | In the Linux kernel, the following vulnerability has been resolved: net/sched: |
CVE-2024-53164 | None | 0.09% | 1 | 0 | | 2025-01-09T18:32:13 | In the Linux kernel, the following vulnerability has been resolved: net: sched: |
CVE-2024-53125 | None | 0.09% | 1 | 0 | | 2024-12-19T21:32:18 | In the Linux kernel, the following vulnerability has been resolved: bpf: sync_l |
CVE-2023-52922 | 7.8 | 0.03% | 1 | 0 | | 2024-12-11T15:32:22 | In the Linux kernel, the following vulnerability has been resolved: can: bcm: F |
CVE-2024-45318 | 8.1 | 0.25% | 1 | 0 | | 2024-12-05T18:32:07 | A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows r |
CVE-2024-53702 | 5.3 | 0.04% | 1 | 0 | | 2024-12-05T18:32:07 | Use of cryptographically weak pseudo-random number generator (PRNG) vulnerabilit |
CVE-2024-40763 | 7.5 | 0.11% | 1 | 0 | | 2024-12-05T18:31:03 | Heap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to t |
CVE-2024-45319 | 6.3 | 0.05% | 1 | 0 | | 2024-12-05T17:15:12.040000 | A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and ear |
CVE-2024-53703 | 8.1 | 0.10% | 1 | 1 | | 2024-12-05T15:31:09 | A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earli |
CVE-2024-9143 | 4.3 | 0.42% | 1 | 0 | | 2024-11-08T18:31:50 | Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted e |
CVE-2017-0199 | 7.8 | 94.37% | 1 | 26 | | 2024-07-24T18:32:16 | Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, |
CVE-2024-3721 | 6.3 | 51.14% | 8 | 0 | | 2024-04-13T12:30:30 | A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classi |
CVE-2023-39910 | 7.5 | 0.14% | 1 | 1 | | 2024-04-04T06:43:16 | The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer |
CVE-2023-25194 | 8.8 | 94.19% | 1 | 4 | template | 2023-07-21T18:01:39 | A possible security vulnerability has been identified in Apache Kafka Connect AP |
CVE-2025-4275 | 0 | 0.00% | 1 | 1 | | N/A | |
CVE-2025-32433 | 0 | 46.37% | 2 | 25 | template | N/A | |
CVE-2025-49001 | 0 | 0.05% | 1 | 0 | | N/A | |
CVE-2025-48999 | 0 | 0.04% | 1 | 0 | | N/A | |
CVE-2025-48062 | 0 | 0.03% | 1 | 0 | | N/A | |
CVE-2025-5688 | 0 | 0.02% | 2 | 0 | | N/A | |
CVE-2025-49012 | 0 | 0.07% | 1 | 0 | | N/A | |
updated 2025-06-11T01:15:20.547000
4 posts
RCE in KDE Konsole.
https://kde.org/info/security/advisory-20250609-1.txt
sev:HIGH 8.2 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L

KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this mode, there is a code path where if that binary is not available, Konsole falls back to using /bin/bash for the given arguments (i.e., the URL) provided. This allows an attacker to execute arbitrary code.
Code execution from web browser using URL schemes handled by KDE's KTelnetService and Konsole (CVE-2025-49091) https://proofnet.de/publikationen/konsole_rce.html

updated 2025-06-11T01:00:01.443000
11 posts
So here's a dumb question. Does CVE-2025-33053 actually affect Apache #mod_dav after all?
#CISA #KEV seems to be implying this: "This vulnerability could affect various products that implement WebDAV, including but not limited to Microsoft Windows."
Like, is it a protocol bug, or a product bug? The CVE only lists Microsoft products as affected.

CVE-2025-33053, Stealth Falcon and Horus: A Saga of Middle Eastern Cyber Espionage
#StealthFalcon #CVE_2025_33053 #HorusAgent
https://research.checkpoint.com/2025/stealth-falcon-zero-day/
Write-up from Check Point Research on CVE-2025-33053: https://research.checkpoint.com/2025/stealth-falcon-zero-day/

CVE-2025-33053 has already been added to the KEV Catalog.

CVE ID: CVE-2025-33053
Vendor: Web Distributed Authoring and Versioning
Product: Web Distributed Authoring and Versioning (WebDAV)
Date Added: 2025-06-10
Notes: This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-33053 ; https://nvd.nist.gov/vuln/detail/CVE-2025-33053
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-33053
This month, Microsoft patched 67 vulnerabilities, including one actively exploited zero-day—CVE-2025-33053, a WebDAV RCE discovered by Check Point
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-33053
##updated 2025-06-11T01:00:01.443000
9 posts
7 repos
https://github.com/celsius026/poc_CVE-2025-24016
https://github.com/0xjessie21/CVE-2025-24016
https://github.com/cybersecplayground/CVE-2025-24016-Wazuh-Remote-Code-Execution-RCE-PoC
https://github.com/huseyinstif/CVE-2025-24016-Nuclei-Template
https://github.com/rxerium/CVE-2025-24016
I've created a passive detection script for this Wazuh vulnerability. It is currently being exploited in the wild (as reported by CISA). The script can be found here:
https://github.com/rxerium/CVE-2025-24016
Original article:
https://thehackernews.com/2025/06/botnet-wazuh-server-vulnerability.html
https://nvd.nist.gov/vuln/detail/CVE-2025-24016 has been added to the KEV Catalog too.
##CVE ID: CVE-2025-24016
Vendor: Wazuh
Product: Wazuh Server
Date Added: 2025-06-10
Notes: https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh ; https://nvd.nist.gov/vuln/detail/CVE-2025-24016
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-24016
Akamai, which first discovered the exploitation efforts in late March 2025, said the malicious campaign targets CVE-2025-24016 (CVSS score: 9.9), an unsafe deserialization vulnerability that allows for remote code execution on Wazuh servers. https://thehackernews.com/2025/06/botnet-wazuh-server-vulnerability.html
##Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016) https://www.helpnetsecurity.com/2025/06/10/unpatched-wazuh-servers-targeted-by-mirai-botnets-cve-2025-24016/ #vulnerability #Don'tmiss #Hotstuff #Akamai #botnet #Wazuh #News #SIEM #PoC #XDR
##Akamai has spotted two Mirai botnets abusing a recently patched RCE (CVE-2025-24016) in the Wazuh SIEM
##Critical Wazuh Server vulnerability exploited by Mirai Botnet
A critical vulnerability (CVE-2025-24016, CVSS 9.9) in the widely-used Wazuh SIEM platform is being actively exploited by threat actors to deploy Mirai botnet variants for DDoS attacks.
**If you're running Wazuh server versions 4.4.0 through 4.9.0, first make sure to restrict API access to only essential authorized users. Then plan a quick update to version 4.9.1 or later. Exposed Wazuh instances will quickly become part of a botnet.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/critical-wazuh-server-vulnerability-exploited-by-mirai-botnet-4-o-c-r-n/gD2P6Ple2L
updated 2025-06-10T21:31:22
3 posts
AMD published a couple security bulletins today.
CVE-2023-20599 - Unauthorized Access to AMD Secure Processor’s Crypto-Co-Processor: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7039.html
CVE-2025-2884 - TPM Reference Implementation: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4011.html
##AMD: TPM reference implementation out of bounds read vulnerability (medium) - CVE-2025-2884 https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4011.html #AMD #cybersecurity #Infosec
##updated 2025-06-10T21:15:22.450000
7 posts
Critical Windows Vulnerability Exposes Nearly All Secure Boot-Enabled Devices to Bootkit Attacks
Introduction: A New Threat Targets the Heart of Secure Boot A severe new security flaw has shaken the core of modern PC and server security. Known as CVE-2025-3052, this vulnerability allows attackers to bypass Secure Boot—a fundamental defense mechanism on Windows systems—by exploiting a flaw in a BIOS update tool signed with Microsoft’s own UEFI certificate. The…
##Another major Secure Boot bypass (CVE-2025-3052) affects UEFI devices, letting attackers run unsigned code during boot via unsafe NVRAM variable handling. Microsoft’s Patch Tuesday adds 14 new dbx hashes to mitigate.
https://www.binarly.io/blog/another-crack-in-the-chain-of-trust
##New Secure Boot flaw lets attackers install bootkit malware, patch now
Security researchers have disclosed a new Secure Boot bypass tracked as CVE-2025-3052 that can be used to turn off security on PCs and servers and...
🔗️ [Bleepingcomputer] https://link.is.it/OO3fqh
##New Secure Boot bypass (CVE-2025-3052) lets attackers install bootkit malware by breaking UEFI trust. Patches are out, but firmware issues complicate fixes. Critical update for admins. Details: https://redteamnews.com/red-team/cve/new-secure-boot-bypass-cve-2025-3052-enables-bootkit-malware-installation/
##Secure Boot signed... but vulnerable (CVE-2025-3052) https://www.hackplayers.com/2025/06/secure-boot-firmado-pero-vulnerable-cve.html #vulnerabilidades #amenazas #boot
##updated 2025-06-10T20:41:37
1 posts
Three new Apache Kafka CVEs with some specific configurations.
https://kafka.apache.org/cve-list
##CVE-2025-27819 Apache Kafka: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration
In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs to be able to connect to the Kafka cluster and have the AlterConfigs permission on the cluster resource.
Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka 3.4.0, and "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" is disabled by default in Apache Kafka 3.9.1/4.0.0.
CVE-2025-27818 Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration
A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka clusters since Apache Kafka 2.0.0 (Kafka Connect 2.3.0). When configuring the broker via config file or AlterConfig command, or connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config` property for any of the connector's Kafka clients to "com.sun.security.auth.module.LdapLoginModule", which can be done via the `producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties. This will allow the server to connect to the attacker's LDAP server and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server. Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" are disabled in Apache Kafka Connect 3.9.1/4.0.0.
CVE-2025-27817 Apache Kafka Client: Arbitrary file read and SSRF vulnerability
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use the "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url" configuration to read arbitrary contents of the disk and environment variables or make requests to an unintended location. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment/URL access, which may be undesirable in certain environments, including SaaS products.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.sasl.oauthbearer.allowed.urls") to set the allowed urls in SASL JAAS configuration. In 3.9.1, it accepts all urls by default for backward compatibility. However in 4.0.0 and newer, the default value is empty list and users have to set the allowed urls explicitly.
updated 2025-06-10T20:21:19
1 posts
Three new Apache Kafka CVEs with some specific configurations.
https://kafka.apache.org/cve-list
##CVE-2025-27819 Apache Kafka: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration
In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs to be able to connect to the Kafka cluster and have the AlterConfigs permission on the cluster resource.
Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka 3.4.0, and "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" is disabled by default in Apache Kafka 3.9.1/4.0.0.
CVE-2025-27818 Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration
A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka clusters since Apache Kafka 2.0.0 (Kafka Connect 2.3.0). When configuring the broker via config file or AlterConfig command, or connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config` property for any of the connector's Kafka clients to "com.sun.security.auth.module.LdapLoginModule", which can be done via the `producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties. This will allow the server to connect to the attacker's LDAP server and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server. Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" are disabled in Apache Kafka Connect 3.9.1/4.0.0.
CVE-2025-27817 Apache Kafka Client: Arbitrary file read and SSRF vulnerability
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use the "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url" configuration to read arbitrary contents of the disk and environment variables or make requests to an unintended location. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment/URL access, which may be undesirable in certain environments, including SaaS products.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.sasl.oauthbearer.allowed.urls") to set the allowed urls in SASL JAAS configuration. In 3.9.1, it accepts all urls by default for backward compatibility. However in 4.0.0 and newer, the default value is empty list and users have to set the allowed urls explicitly.
updated 2025-06-10T18:33:27
1 posts
Info disclosure in HPE Aruba Private 5G Core APIs.
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04883en_us&docLocale=en_US
sev:HIGH 7.7 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
##A vulnerability in the APIs of HPE Aruba Networking Private 5G Core could potentially expose sensitive information to unauthorized users.
A successful exploitation could allow an attacker to iteratively navigate through the filesystem and ultimately download protected system files containing sensitive information.
updated 2025-06-10T18:33:27
1 posts
Five CVEs in Salesforce OmniStudio.
https://help.salesforce.com/s/articleView?id=004980323&type=1
##Datamapper CVE:
CVE-2025-43697: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio’s DataMapper feature allows exposure of encrypted data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score 7.5 (High)
Flexcard CVEs:
CVE-2025-43698: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field-level security controls for Salesforce objects. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
CVE-2025-43699: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field-level security controls for OmniUICard objects. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 5.3 (Medium)
CVE-2025-43700: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of encrypted data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
CVE-2025-43701: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of Custom Settings data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
updated 2025-06-10T18:33:27
1 posts
Five CVEs in Salesforce OmniStudio.
https://help.salesforce.com/s/articleView?id=004980323&type=1
##Datamapper CVE:
CVE-2025-43697: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio’s DataMapper feature allows exposure of encrypted data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score 7.5 (High)
Flexcard CVEs:
CVE-2025-43698: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field-level security controls for Salesforce objects. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
CVE-2025-43699: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field-level security controls for OmniUICard objects. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 5.3 (Medium)
CVE-2025-43700: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of encrypted data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
CVE-2025-43701: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of Custom Settings data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
updated 2025-06-10T18:33:27
1 posts
Five CVEs in Salesforce OmniStudio.
https://help.salesforce.com/s/articleView?id=004980323&type=1
##Datamapper CVE:
CVE-2025-43697: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio’s DataMapper feature allows exposure of encrypted data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score 7.5 (High)
Flexcard CVEs:
CVE-2025-43698: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field-level security controls for Salesforce objects. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
CVE-2025-43699: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field-level security controls for OmniUICard objects. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 5.3 (Medium)
CVE-2025-43700: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of encrypted data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
CVE-2025-43701: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of Custom Settings data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
updated 2025-06-10T18:32:36
2 posts
../ -> command exec in IBM AIX.
https://www.ibm.com/support/pages/node/7236103
sev:HIGH 8.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
##Vulnerability in AIX's Perl could allow an attacker to execute arbitrary commands (CVE-2025-33112). AIX uses Perl in various operating system components.
updated 2025-06-10T18:32:30
2 posts
AMD published a couple security bulletins today.
CVE-2023-20599 - Unauthorized Access to AMD Secure Processor’s Crypto-Co-Processor: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7039.html
CVE-2025-2884 - TPM Reference Implementation: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4011.html
##updated 2025-06-10T18:15:30.477000
2 posts
This looks like a fun one to dig into from Blackberry.
https://support.blackberry.com/pkb/s/article/140646
sev:CRIT 9.8 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
##Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec.
updated 2025-06-10T18:15:30.180000
2 posts
Pure Storage published a bulletin a few days ago which is supposed to include a couple DoS CVEs that were published today, but I don't see the CVEs in the bulletin. Good thing Pure Storage is never targeted or anything...
https://nvd.nist.gov/vuln/detail/CVE-2025-0051
##updated 2025-06-10T18:15:30.030000
2 posts
Pure Storage published a bulletin a few days ago which is supposed to include a couple DoS CVEs that were published today, but I don't see the CVEs in the bulletin. Good thing Pure Storage is never targeted or anything...
https://nvd.nist.gov/vuln/detail/CVE-2025-0051
##updated 2025-06-10T16:15:36.917000
1 posts
Three new Apache Kafka CVEs with some specific configurations.
https://kafka.apache.org/cve-list
##CVE-2025-27819 Apache Kafka: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration
In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs to be able to connect to the Kafka cluster and have the AlterConfigs permission on the cluster resource.
Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka 3.4.0, and "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" is disabled by default in Apache Kafka 3.9.1/4.0.0.
CVE-2025-27818 Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration
A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka clusters since Apache Kafka 2.0.0 (Kafka Connect 2.3.0). When configuring the broker via config file or AlterConfig command, or connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config` property for any of the connector's Kafka clients to "com.sun.security.auth.module.LdapLoginModule", which can be done via the `producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties. This will allow the server to connect to the attacker's LDAP server and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server. Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" are disabled in Apache Kafka Connect 3.9.1/4.0.0.
CVE-2025-27817 Apache Kafka Client: Arbitrary file read and SSRF vulnerability
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use the "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url" configuration to read arbitrary contents of the disk and environment variables or make requests to an unintended location. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment/URL access, which may be undesirable in certain environments, including SaaS products.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.sasl.oauthbearer.allowed.urls") to set the allowed urls in SASL JAAS configuration. In 3.9.1, it accepts all urls by default for backward compatibility. However in 4.0.0 and newer, the default value is empty list and users have to set the allowed urls explicitly.
updated 2025-06-10T16:15:36.583000
1 posts
Apache InLong: An arbitrary file read vulnerability for JDBC
https://lists.apache.org/thread/r62lkqrr739wvcb60j6ql6q63rh4bxx5
##Deserialization of Untrusted Data vulnerability in Apache InLong.
This issue affects Apache InLong: from 1.13.0 before 2.1.0, this issue would allow an authenticated attacker to read arbitrary files by double writing the param.
updated 2025-06-10T15:31:45
1 posts
1 repos
IGEL OS Secure Boot bypass with PoC.
https://github.com/Zedeldi/CVE-2025-47827
##In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image.
updated 2025-06-10T15:30:53
1 posts
SolarWinds released Observability Self-Hosted 2025.2 which patched some CVEs:
sev:MED
sev:HIGH
sev:MED
sev:HIGH
updated 2025-06-10T15:30:53
1 posts
PrivEsc in Autodesk Installer.
https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0010
sev:HIGH 7.8 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
##A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the Autodesk Installer application. Exploitation of this vulnerability may lead to code execution.
updated 2025-06-10T15:30:53
2 posts
Ivanti: Security Advisory Ivanti Workspace Control (CVE-2025-5353, CVE- CVE-2025-22463, CVE-2025-22455) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-CVE-2025-5353-CVE-CVE-2025-22463-CVE-2025-22455?language=en_US #cybersecurity #Infosec #Ivanti @cR0w
##Fucking Ivanti. What, do they think they're Cisco or something?
sev:HIGH 8.8 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials.
sev:HIGH 7.3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.
sev:HIGH 8.8 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
##A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.
updated 2025-06-10T15:30:53
2 posts
Ivanti: Security Advisory Ivanti Workspace Control (CVE-2025-5353, CVE- CVE-2025-22463, CVE-2025-22455) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-CVE-2025-5353-CVE-CVE-2025-22463-CVE-2025-22455?language=en_US #cybersecurity #Infosec #Ivanti @cR0w
##Fucking Ivanti. What, do they think they're Cisco or something?
sev:HIGH 8.8 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials.
sev:HIGH 7.3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.
sev:HIGH 8.8 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
##A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.
updated 2025-06-10T15:30:53
2 posts
Ivanti: Security Advisory Ivanti Workspace Control (CVE-2025-5353, CVE- CVE-2025-22463, CVE-2025-22455) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-CVE-2025-5353-CVE-CVE-2025-22463-CVE-2025-22455?language=en_US #cybersecurity #Infosec #Ivanti @cR0w
##Fucking Ivanti. What, do they think they're Cisco or something?
sev:HIGH 8.8 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials.
sev:HIGH 7.3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.
sev:HIGH 8.8 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
##A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.
updated 2025-06-10T15:30:41
1 posts
updated 2025-06-10T15:30:40
1 posts
updated 2025-06-10T15:15:23.543000
1 posts
SolarWinds released Observability Self-Hosted 2025.2 which patched some CVEs:
sev:MED
sev:HIGH
sev:MED
sev:HIGH
updated 2025-06-10T15:08:53.860000
1 posts
updated 2025-06-10T15:04:45.870000
1 posts
updated 2025-06-10T15:01:39.320000
1 posts
New sev:CRIT Tenda CVE.
updated 2025-06-10T12:15:24.227000
1 posts
Five CVEs in Salesforce OmniStudio.
https://help.salesforce.com/s/articleView?id=004980323&type=1
##
Datamapper CVE:
CVE-2025-43697: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio’s DataMapper feature allows exposure of encrypted data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score 7.5 (High)
Flexcard CVEs:
CVE-2025-43698: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field-level security controls for Salesforce objects. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
CVE-2025-43699: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field-level security controls for OmniUICard objects. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 5.3 (Medium)
CVE-2025-43700: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of encrypted data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
CVE-2025-43701: Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of Custom Settings data. This impacts OmniStudio versions prior to Spring ‘25. CVSS 3.1 Scoring Link Base Score: 7.5 (High)
updated 2025-06-10T12:15:24.097000
1 posts
updated 2025-06-10T06:31:44
1 posts
Avaya coming up just short of perfect here with command exec in their Call Management System.
https://support.avaya.com/css/public/documents/101093084
sev:CRIT 9.9 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
##
An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.
updated 2025-06-10T01:15:22.183000
2 posts
Tracked as CVE-2025-42989 (CVSS score of 9.6), the critical bug is described as a missing authorization check in the NetWeaver application server for ABAP. https://www.securityweek.com/critical-vulnerability-patched-in-sap-netweaver/
##
SAP Patch Tuesday has begun. I'm too tired to go through them all but here's a taste if you're interested in a sev:CRIT:
updated 2025-06-10T01:00:02.087000
2 posts
4 repos
https://github.com/DaniTheHack3r/CVE-2024-42009-PoC
https://github.com/Foxer131/CVE-2024-42008-9-exploit
If you missed this, CISA added these vulnerabilities to the KEV catalogue yesterday.
- CVE-2025-32433: Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-32433
- CVE-2024-42009: RoundCube Webmail Cross-Site Scripting Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-42009 #CISA #cybersecurity #Infosec
##
CVE ID: CVE-2024-42009
Vendor: Roundcube
Product: Webmail
Date Added: 2025-06-09
Vulnerability: RoundCube Webmail Cross-Site Scripting Vulnerability
Notes: https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8 ; https://nvd.nist.gov/vuln/detail/CVE-2024-42009
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-42009
updated 2025-06-09T19:15:24.923000
1 posts
Austin Hackers Anonymous with several good disclosures today for Quantenna and Microhard gear.
https://takeonme.org/cves/cve-2025-32455/
https://takeonme.org/cves/cve-2025-32456/
https://takeonme.org/cves/cve-2025-32457/
https://takeonme.org/cves/cve-2025-32458/
https://takeonme.org/cves/cve-2025-32459/
https://takeonme.org/cves/cve-2025-3459/
https://takeonme.org/cves/cve-2025-3460/
https://takeonme.org/cves/cve-2025-3461/
https://takeonme.org/cves/cve-2025-35004/
https://takeonme.org/cves/cve-2025-35005/
https://takeonme.org/cves/cve-2025-35006/
https://takeonme.org/cves/cve-2025-35007/
https://takeonme.org/cves/cve-2025-35008/
##
updated 2025-06-09T19:15:24.810000
1 posts
##
updated 2025-06-09T19:08:21.053000
1 posts
More Tenda:
https://nvd.nist.gov/vuln/detail/CVE-2025-5795 - https://lavender-bicycle-a5a.notion.site/Tenda-AC5-fromadvsetlanip-20a53a41781f805389dcd51fa04bc530
https://nvd.nist.gov/vuln/detail/CVE-2025-5798 - https://lavender-bicycle-a5a.notion.site/Tenda-AC8-fromSetSysTime-20a53a41781f807b9489fff42f262e11
https://nvd.nist.gov/vuln/detail/CVE-2025-5799 - https://lavender-bicycle-a5a.notion.site/Tenda-AC8-fromSetWirelessRepeat-20a53a41781f803d9156f0babaf94fca
https://nvd.nist.gov/vuln/detail/CVE-2025-5794 - https://lavender-bicycle-a5a.notion.site/Tenda-AC5-formSetPPTPUserList-20a53a41781f806faf61cef61ed929c0
##
updated 2025-06-09T19:08:05.903000
1 posts
##
updated 2025-06-09T18:56:33.710000
1 posts
IBM Tivoli Monitoring critical vulnerability allows remote code execution
IBM addressed a critical vulnerability (CVE-2025-3357) in its Tivoli Monitoring infrastructure software that allows unauthenticated remote attackers to execute arbitrary code through improper validation of dynamically allocated array index values. Organizations should immediately upgrade to IBM Tivoli Monitoring version 6.3.0.7-SP0020. No workarounds are available.
**If you are running IBM Tivoli Monitoring, make sure it's isolated from the internet and accessible only from trusted networks. Then plan a quick patch cycle. Don't ignore this one, someone will find a way to exploit it.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/ibm-tivoli-monitoring-critical-vulnerability-allows-remote-code-execution-0-e-f-1-g/gD2P6Ple2L
updated 2025-06-09T18:32:16
2 posts
This is a critical CVE-2025-31022 vulnerability. There's no patch.
“If you’re a PayU CommercePro user, please deactivate and delete the plugin.”
Infosecurity-Magazine: PayU Plugin Flaw Allows Account Takeover on 5000 WordPress Sites https://www.infosecurity-magazine.com/news/payu-plugin-flaw-wordpress-account/ #cybersecurity #Infosec #WordPress
##
Critical account takeover flaw reported in WordPress PayU India plugin
A critical vulnerability (CVE-2025-31022) in the WordPress PayU India plugin allows unauthenticated attackers to hijack any user account, including administrators, through exploitation of insecure API routes and hardcoded email validation that enables token generation and session manipulation.
**If you are using the PayU India plugin, be aware that it's critically vulnerable with no fixes. Immediately deactivate and remove the plugin from your WordPress installations.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-account-takeover-flaw-reported-in-wordpress-payu-india-plugin-b-x-v-q-h/gD2P6Ple2L
updated 2025-06-09T15:32:48
1 posts
##
updated 2025-06-09T15:32:48
1 posts
The new #curl CVE-2025-5399 is an infinite loop in the WebSocket code: https://curl.se/docs/CVE-2025-5399.html
##
updated 2025-06-09T15:31:42
1 posts
##
updated 2025-06-09T15:31:37
1 posts
updated 2025-06-09T14:15:24.393000
1 posts
Make sure Signal is up to date, especially on Android. This seems like an unlikely vuln to have much impact, but different threat models, etc.
##
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
updated 2025-06-09T12:31:18
3 posts
Critical vulnerability discovered in ManageEngine Exchange Reporter Plus
ManageEngine addressed a critical vulnerability (CVE-2025-3835) in its Exchange Reporter Plus email monitoring solution that allows authenticated attackers to execute arbitrary commands through the Content Search module, affecting all builds numbered 5721 and below.
**If you're running ManageEngine Exchange Reporter Plus build 5721 or older, you have a critical vulnerability that lets attackers take over your server completely. You are not safe just because this tool is internal to your organization - hackers can breach credentials, and malicious insiders can abuse the system. Update to build 5722 or later ASAP.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-vulnerability-discovered-in-manageengine-exchange-reporter-plus-c-x-a-d-0/gD2P6Ple2L
Zohocorp ManageEngine with a sev:CRIT and three sev:HIGH CVEs.
https://www.manageengine.com/products/exchange-reports/advisory/CVE-2025-3835.html
https://www.manageengine.com/products/active-directory-audit/cve-2025-41444.html
https://www.manageengine.com/products/active-directory-audit/cve-2025-27709.html
https://www.manageengine.com/products/active-directory-audit/cve-2025-36528.html
##
updated 2025-06-09T12:31:18
1 posts
##
updated 2025-06-09T12:31:12
1 posts
##
updated 2025-06-09T12:15:47.880000
1 posts
##
updated 2025-06-09T12:15:47.880000
1 posts
##
updated 2025-06-09T12:15:47.880000
1 posts
##
updated 2025-06-09T06:30:22
9 posts
7 repos
https://github.com/BiiTts/Roundcube-CVE-2025-49113
https://github.com/rxerium/CVE-2025-49113
https://github.com/Ademking/CVE-2025-49113-nuclei-template
https://github.com/rasool13x/exploit-CVE-2025-49113
https://github.com/hakaioffsec/CVE-2025-49113-exploit
🚨CVE-2025-49113: Proof of Concept Demonstrating Remote Code Execution Through Insecure Deserialization in Roundcube
##
Over 84,000 Roundcube instances vulnerable to actively exploited flaw
Over 84,000 instances of the Roundcube webmail software are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) vulnerability with...
🔗️ [Bleepingcomputer] https://link.is.it/ru6ss2
##
Today. It took until today for CVE-2025-49113 to get added to the KEV Catalog.
##
A critical RCE vulnerability in Roundcube webmail, CVE-2025-49113, affects versions 1.1.0 to 1.6.10. It allows attacks via PHP object deserialization, impacting 1.2M instances. A patch was issued on June 1, 2025 https://alternativeto.net/news/2025/6/hackers-exploit-critical-roundcube-flaw-enabling-large-scale-remote-code-execution/
##
Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) https://www.helpnetsecurity.com/2025/06/09/roundcube-rce-dark-web-activity-signals-imminent-attacks-cve-2025-49113/ #vulnerability #Shadowserver #Don'tmiss #Roundcube #Hotstuff #FearsOff #CERT-PL #exploit #News #PoC
##
Critical Roundcube Webmail vulnerability exploited within days of disclosure
The critical decade-old Roundcube vulnerability (CVE-2025-49113, CVSS 9.9) is now being actively exploited and dubbed "email armageddon". Cybercriminals are selling working exploits on underground forums just 48 hours after patches were released. The vulnerability affects an estimated 53 million hosts globally including major hosting providers like GoDaddy and Hostinger.
**If you still didn't patch your Roundcube webmail installations, DO IT NOW! The critical flaw is already weaponized and attacks have started. And with leaked passwords, be certain that you will be hacked.**
#cybersecurity #infosec #attack #activeattack
https://beyondmachines.net/event_details/critical-roundcube-webmail-vulnerability-exploited-within-days-of-disclosure-5-g-7-8-1/gD2P6Ple2L
Hacker selling critical Roundcube webmail exploit as tech info disclosed
Hackers are actively exploiting CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows...
🔗️ [Bleepingcomputer] https://link.is.it/SheHlV
##
#RoundCube bugs are nearly always a big deal. Pay attention to this one, CVE-2025-49113. I’d be surprised if a #PoC #exploit takes longer than a day or two to surface.
It does require the attacker to have an account, but that’s sometimes a pretty low barrier to entry (depending on the site).
https://infosec.exchange/@securityaffairs/114624890006086560
Critical decade-old flaw in Roundcube Webmail enables remote code execution
A critical decade-old vulnerability (CVE-2025-49113) has been discovered in Roundcube Webmail, allowing post-authenticated remote code execution through PHP object deserialization flaws in URL parameter handling.
**Update your Roundcube webmail installations to version 1.6.11 or 1.5.10 LTS immediately. This is a critical flaw and the only barrier is a valid login - which can be easily bypassed with phishing or through recycled passwords. Since proof-of-concept exploit code will be released soon, hackers will be attacking your Roundcube.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-decade-old-flaw-in-roundcube-webmail-enables-remote-code-execution-d-x-i-1-u/gD2P6Ple2L
updated 2025-06-08T21:30:37
1 posts
##
updated 2025-06-08T21:30:37
1 posts
##
updated 2025-06-08T21:30:37
1 posts
##
updated 2025-06-08T21:30:37
1 posts
##
updated 2025-06-08T21:30:37
1 posts
##
updated 2025-06-08T21:30:37
1 posts
##
updated 2025-06-08T21:30:30
1 posts
##
updated 2025-06-08T21:30:30
1 posts
##
updated 2025-06-08T21:30:30
1 posts
##
updated 2025-06-08T21:30:29
1 posts
##
updated 2025-06-08T21:30:29
1 posts
##
updated 2025-06-06T21:31:29
1 posts
updated 2025-06-06T21:31:29
1 posts
updated 2025-06-06T21:31:29
1 posts
updated 2025-06-06T21:31:29
1 posts
updated 2025-06-06T20:10:46.310000
1 posts
updated 2025-06-06T18:48:46.463000
1 posts
updated 2025-06-06T18:31:34
1 posts
@Dio9sys @da_667 Three perfect 10 D-Link CVEs published from this list. 🥳
https://nvd.nist.gov/vuln/detail/CVE-2025-5622
##
updated 2025-06-06T18:31:34
1 posts
updated 2025-06-06T18:30:38
1 posts
Moar fresh TOTOSTINK TOTOLINK for @Dio9sys and @da_667
https://github.com/awindog/cve
https://nvd.nist.gov/vuln/detail/CVE-2025-5788 and more to be published.
##
updated 2025-06-06T18:30:30
1 posts
##
updated 2025-06-06T18:30:29
1 posts
##
updated 2025-06-06T18:30:29
1 posts
updated 2025-06-06T15:31:04
1 posts
Industrial Raspberry Pi? Well, no.
https://www.kunbus.com/en/productsecurity/Kunbus-2025-0000003
sev:CRIT 9.8 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
##
The RevPi Webstatus application is vulnerable to an authentication bypass. The password check is vulnerable to an implicit type conversion. That results in a wrong authentication if the JSON value TRUE is provided in the password parameter hashcode.
updated 2025-06-06T15:31:00
1 posts
Go hack the Konami code.
##
Cross-Site Request Forgery (CSRF) vulnerability in Adrian Hanft Konami Easter Egg allows Stored XSS. This issue affects Konami Easter Egg: from n/a through v0.4.
updated 2025-06-06T14:07:28.330000
3 posts
Microsoft reports critical flaw in Power Automate
Microsoft disclosed a critical vulnerability (CVE-2025-47966) in its Power Automate platform that enabled threat actors to access sensitive information and escalate privileges across target networks, potentially leading to complete system compromise. Microsoft has already implemented server-side patches. It's not clear whether the flaw was exploited before remediation.
**You don't need to do anything about this flaw. It's already patched. But be aware that the provider had a flaw. If you have an Enterprise account, reach out for more details about any possible breaches that may have affected you.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/microsoft-reports-critical-flaw-in-power-automate-c-6-d-t-l/gD2P6Ple2L
Microsoft posted this new vulnerability yesterday.
Power Automate Elevation of Privilege Vulnerability - CVE-2025-47966 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47966 #Microsoft #cybersecurity #infosec
##
Power Automate Elevation of Privilege Vulnerability
The vulnerability documented by this CVE requires no customer action to resolve
sev:CRIT 9.8 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47966
##
Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.
updated 2025-06-06T14:07:28.330000
1 posts
Fresh TOTOLINK for @Dio9sys and @da_667 .
https://github.com/Lena-lyy/cve
https://nvd.nist.gov/vuln/detail/CVE-2025-5734
https://nvd.nist.gov/vuln/detail/CVE-2025-5735
https://nvd.nist.gov/vuln/detail/CVE-2025-5736
https://nvd.nist.gov/vuln/detail/CVE-2025-5737
##
updated 2025-06-06T14:07:28.330000
1 posts
##
updated 2025-06-06T14:07:28.330000
1 posts
More CVEs in medical kit. This time it's B. Braun. And one is a perfect 10. 🥳
https://nvd.nist.gov/vuln/detail/CVE-2025-3322
##
updated 2025-06-06T09:30:33
1 posts
##
updated 2025-06-06T09:30:33
1 posts
##
updated 2025-06-06T09:30:32
1 posts
##updated 2025-06-06T09:30:32
1 posts
Fresh TOTOLINK for @Dio9sys and @da_667 .
https://github.com/Lena-lyy/cve
https://nvd.nist.gov/vuln/detail/CVE-2025-5734
https://nvd.nist.gov/vuln/detail/CVE-2025-5735
https://nvd.nist.gov/vuln/detail/CVE-2025-5736
https://nvd.nist.gov/vuln/detail/CVE-2025-5737
##updated 2025-06-06T09:30:26
1 posts
Fresh TOTOLINK for @Dio9sys and @da_667 .
https://github.com/Lena-lyy/cve
https://nvd.nist.gov/vuln/detail/CVE-2025-5734
https://nvd.nist.gov/vuln/detail/CVE-2025-5735
https://nvd.nist.gov/vuln/detail/CVE-2025-5736
https://nvd.nist.gov/vuln/detail/CVE-2025-5737
##updated 2025-06-06T09:30:26
1 posts
More CVEs in medical kit. This time it's B. Braun. And one is a perfect 10. 🥳
https://nvd.nist.gov/vuln/detail/CVE-2025-3322
##updated 2025-06-06T04:15:41.237000
1 posts
Oh look, there's a new CVE published for perl. I better make sure it's the current version so the nerds don't make a thing of it.
https://rt.cpan.org/Public/Bug/Display.html?id=64504
Wed Jan 05 15:47:17 2011
Never mind then.
##updated 2025-06-05T21:15:22.873000
1 posts
Ooh, this could be a fun one for some of you.
https://sourceware.org/bugzilla/show_bug.cgi?id=33056
##The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.
updated 2025-06-05T20:12:23.777000
2 posts
Endor Labs emailed me with an analysis of this Llama index SQL Injection vulnerability. Yeah, it's an ad, but it's a good writeup.
##Go SQLi more AI shit.
https://huntr.com/bounties/8cb1555a-9655-4122-b0d6-60059e79183c
sev:CRIT 9.8 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
##Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection vulnerabilities. These vulnerabilities allow an attacker to read and write data using SQL, potentially leading to unauthorized access to data of other users depending on the usage of the llama-index library in a web application.
updated 2025-06-05T20:12:23.777000
1 posts
Analyzing 30 days of Dependabot PR data shows how security vulnerabilities propagate through package ecosystems.
The recent rack security fix (CVE-2025-49007, https://github.com/advisories/GHSA-47m2-26rw-j2jw) generated 1,407 dependabot pull requests across GitHub repositories between June 4-7, representing about 23% of all repositories that received rack updates during this period.
##updated 2025-06-05T20:12:23.777000
1 posts
XSS, SQLi, and ../ in some Joomla! stuff if that's your thing.
https://nvd.nist.gov/vuln/detail/CVE-2025-27754
https://nvd.nist.gov/vuln/detail/CVE-2025-27753
##updated 2025-06-05T20:12:23.777000
1 posts
updated 2025-06-05T20:12:23.777000
1 posts
1 repos
updated 2025-06-05T20:12:23.777000
1 posts
updated 2025-06-05T20:12:23.777000
1 posts
updated 2025-06-05T20:12:23.777000
1 posts
VMware with a sev:HIGH advisory for three CVEs in NSX. CVE-2025-22243, CVE-2025-22244, CVE-2025-22245
updated 2025-06-05T20:12:23.777000
1 posts
updated 2025-06-05T15:31:39
1 posts
XSS, SQLi, and ../ in some Joomla! stuff if that's your thing.
https://nvd.nist.gov/vuln/detail/CVE-2025-27754
https://nvd.nist.gov/vuln/detail/CVE-2025-27753
##updated 2025-06-05T15:31:38
1 posts
XSS, SQLi, and ../ in some Joomla! stuff if that's your thing.
https://nvd.nist.gov/vuln/detail/CVE-2025-27754
https://nvd.nist.gov/vuln/detail/CVE-2025-27753
##updated 2025-06-05T15:31:38
1 posts
XSS, SQLi, and ../ in some Joomla! stuff if that's your thing.
https://nvd.nist.gov/vuln/detail/CVE-2025-27754
https://nvd.nist.gov/vuln/detail/CVE-2025-27753
##updated 2025-06-05T15:31:38
1 posts
updated 2025-06-05T14:07:36.847000
1 posts
Multiple vulnerabilities reported in DataEase Platform exposing risk of system compromise
DataEase, an open-source business intelligence platform, disclosed multiple critical vulnerabilities including authentication bypass (CVE-2025-49001) that allows JWT token forging and remote code execution flaws (CVE-2025-49002 and CVE-2025-48999) that bypass previous security patches through case sensitivity variations and malicious JDBC statements.
**If you are using DataEase, make sure to isolate it from the internet and allow access only from trusted networks. Then plan a quick upgrade to version 2.10.10 or later. There are at least two scary (and fairly dumb) exploits that can compromise your DataEase.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/multiple-vulnerabilities-reported-in-dataease-platform-exposing-risk-of-system-compromise-c-w-z-r-5/gD2P6Ple2L
updated 2025-06-05T12:31:20
1 posts
2 repos
updated 2025-06-05T12:31:15
1 posts
updated 2025-06-05T09:30:33
1 posts
updated 2025-06-05T09:30:33
1 posts
updated 2025-06-05T09:30:33
1 posts
updated 2025-06-05T09:30:33
1 posts
updated 2025-06-05T09:30:33
1 posts
updated 2025-06-05T09:30:33
1 posts
updated 2025-06-05T09:30:33
1 posts
updated 2025-06-05T09:30:24
1 posts
updated 2025-06-05T06:30:33
1 posts
updated 2025-06-05T00:31:24
1 posts
updated 2025-06-05T00:31:24
1 posts
updated 2025-06-05T00:31:20
1 posts
updated 2025-06-04T22:57:14
1 posts
updated 2025-06-04T22:57:04
1 posts
updated 2025-06-04T22:56:55
1 posts
updated 2025-06-04T21:31:23
1 posts
updated 2025-06-04T21:31:22
1 posts
updated 2025-06-04T21:31:22
1 posts
VMware with a sev:HIGH advisory for three CVEs in NSX. CVE-2025-22243, CVE-2025-22244, CVE-2025-22245
updated 2025-06-04T21:31:15
1 posts
VMware with a sev:HIGH advisory for three CVEs in NSX. CVE-2025-22243, CVE-2025-22244, CVE-2025-22245
updated 2025-06-04T18:32:00
1 posts
updated 2025-06-04T18:31:05
1 posts
updated 2025-06-04T18:30:58
4 posts
1 repos
CVE-2025-20286 Vulnerability Exploitation: Critical Cisco ISE Flaw Affects AWS, Microsoft Azure, and OCI Cloud Deployments – Source: socprime.com https://ciso2ciso.com/cve-2025-20286-vulnerability-exploitation-critical-cisco-ise-flaw-affects-aws-microsoft-azure-and-oci-cloud-deployments-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CVE-2025-20286 #Latestthreats #Vulnerability #socprimecom #socprime #Blog #CVE
##The security defect, tracked as CVE-2025-20286, carries a CVSS score of 9.9 out of 10.0. It has been described as a static credential vulnerability. https://thehackernews.com/2025/06/critical-cisco-ise-auth-bypass-flaw.html
##Critical flaw in Cisco Identity Services Engine Cloud Deployment exposes multiple platforms
Cisco reports a critical vulnerability (CVE-2025-20286, CVSS 9.9) in cloud deployments of its Identity Services Engine where generated static credentials are shared across multiple separate ISE installations, allowing attackers to access other cloud environments using extracted credentials from one deployment.
**If you're running Cisco ISE in cloud environments (AWS, Azure, or OCI), time for an urgent but painful action. Either apply the hotfixes, upgrade to the latest patched versions or isolate the Cisco ISE to be only accessible from a trusted network and even do a factory reset. None of these actions are easy or less painful. So it's best to do the patching.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-flaw-in-cisco-identity-services-engine-cloud-deployment-exposes-multiple-platforms-d-m-f-f-7/gD2P6Ple2L
Fucking Cisco. Static creds strike again. Bugdoors forever.
sev:CRIT 9.9: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H/E:X/RL:X/RC:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X
Platform | Cisco ISE Vulnerable Releases |
---|---|
AWS | 3.1, 3.2, 3.3, and 3.4 |
Azure | 3.2, 3.3, and 3.4 |
OCI | 3.2, 3.3, and 3.4 |
##A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.
This vulnerability exists because credentials are improperly generated when Cisco ISE is being deployed on cloud platforms, resulting in different Cisco ISE deployments sharing the same credentials. These credentials are shared across multiple Cisco ISE deployments as long as the software release and cloud platform are the same. An attacker could exploit this vulnerability by extracting the user credentials from Cisco ISE that is deployed in the cloud and then using them to access Cisco ISE that is deployed in other cloud environments through unsecured ports. A successful exploit could allow the attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.
updated 2025-06-04T18:30:57
1 posts
updated 2025-06-04T18:30:57
1 posts
updated 2025-06-04T18:28:13.103000
1 posts
updated 2025-06-04T17:23:58.387000
1 posts
Qualcomm patches actively exploited vulnerabilities in Adreno GPU Drivers
Qualcomm reports multiple vulnerabilities in its Adreno GPU drivers with three critical flaws (CVE-2025-21479, CVE-2025-21480, CVE-2025-27038) confirmed to be under active limited exploitation by Google's Threat Analysis Group. The vulnerabilities affect flagship Snapdragon processors and various connectivity modules.
**Unfortunately, you as users can't apply these patches directly. All you can do is be diligent with updating your phone OS and firmware as the updates from the vendor are released.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/qualcomm-patches-actively-exploited-vulnerabilities-in-adreno-gpu-drivers-q-3-0-1-q/gD2P6Ple2L
updated 2025-06-04T15:31:32
1 posts
Cisco updated this critical vulnerability today.
Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability - CVE-2025-20188 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC @TalosSecurity #cybersecurity #infosec
##updated 2025-06-04T15:30:46
1 posts
updated 2025-06-04T15:30:46
1 posts
Another healthcare imaging vuln.
https://www.mimsoftware.com/cve-2025-1701
sev:HIGH 8.9 - CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
##CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An attacker could exploit this vulnerability by sending a specially crafted request over the RMI interface to execute arbitrary code with the privileges of the MIM Admin service. The RMI interface is only accessible locally (listening on 127.0.0.1), limiting the attack vector to the local machine. This means that in a properly configured hospital environment, an attacker must have already compromised the network and additionally compromised the system where the MIM Admin service is running. From there, attackers with sufficient knowledge of MIM's implementation, library usage, and functionality with access to extend the MIM RMI library could force the MIM Admin service to run commands on the local machine with its privileges. Users of MIM Software products exposed via RDP or multi-user application virtualization system should take note that the system being exposed is the environment hosting the virtualized MIM client. This issue affects MIM Admin Service: before 7.2.13, 7.3.8, 7.4.3
updated 2025-06-04T15:30:41
1 posts
updated 2025-06-04T14:54:33.783000
1 posts
Cisco has tagged Bloomberg for zero-day reports (five listings) relating to CVE-2024-52561, CVE-2025-31359, CVE-2024-36486, CVE-2024-54189, and CVE-2025-23247 https://talosintelligence.com/vulnerability_info #cybersecurity #Infosec #Cisco #zeroday
##updated 2025-06-04T14:54:33.783000
1 posts
Cisco has tagged Bloomberg for zero-day reports (five listings) relating to CVE-2024-52561, CVE-2025-31359, CVE-2024-36486, CVE-2024-54189, and CVE-2025-23247 https://talosintelligence.com/vulnerability_info #cybersecurity #Infosec #Cisco #zeroday
##updated 2025-06-04T14:54:33.783000
1 posts
updated 2025-06-04T14:54:33.783000
1 posts
updated 2025-06-04T12:30:42
1 posts
Fire up Scapy and piss off your network engineers with one weird trick.
https://gitlab.com/wireshark/wireshark/-/issues/20509
sev:HIGH 7.8 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
##Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
updated 2025-06-04T12:30:42
1 posts
updated 2025-06-04T09:31:35
1 posts
ABB EIBPORT Session Management Fail ( their words, not mine )
sev:CRIT 9.4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
##This vulnerability allows the successful attacker to gain unauthorized access to a configuration web page delivered by the integrated web Server of EIBPORT. This issue affects EIBPORT V3 KNX: through 3.9.8; EIBPORT V3 KNX GSM: through 3.9.8.
updated 2025-06-04T06:30:38
1 posts
updated 2025-06-04T06:30:37
1 posts
updated 2025-06-04T06:30:37
1 posts
updated 2025-06-03T18:30:52
1 posts
IBM reports multiple flaws in QRadar Suite, including one critical
IBM reports multiple vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms, including a critical flaw (CVE-2025-25022) that allows unauthenticated attackers to access configuration files containing passwords and sensitive system information.
**Your IBM QRadar Suite Software stores passwords from configuration files which can be accessed without authentication. Make sure that QRadar is isolated and accessible only from trusted networks. Then patch to version 1.11.3.0 or later ASAP - because isolation can be broken and malicious insiders can still exploit the flaw.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/ibm-reports-multiple-flaws-in-qradar-suite-including-one-critical-d-6-c-m-9/gD2P6Ple2L
updated 2025-06-03T16:15:25.397000
1 posts
CVE-2025-45542: SQL Injection issues in PHP CloudClassroom
A new case of time-based blind SQL injection has emerged in the open-source project CloudClassroom PHP version 1.0, assigned CVE-2025-45542. The
🔗️ [Insicurezzadigitale] https://link.is.it/okqyhP
##updated 2025-06-03T15:32:28
9 posts
1 repos
In this week’s Cyber Intelligence Brief, AJ Nash dives into some urgent developments in the threat landscape. 🚨
This week:
Active exploitation of a Chrome zero-day (CVE-2025-5419) 🛠️
900+ confirmed Play ransomware victims 🎯
New ICS advisories highlighting critical infrastructure risks ⚠️
Get the insights you need to stay ahead of evolving threats and guidance on how to respond.
##New. There's a new version that addresses several vulnerabilities.
- High CVE-2025-4664 Insufficient policy enforcement in Loader
- High CVE-2025-5419 Out of bounds read and write in V8
- Fixes for CVE-2024-53164, CVE-2024-56770, CVE-2024-53125, CVE-2023-52926
Google: Long Term Support Channel Update for ChromeOS https://chromereleases.googleblog.com/2025/06/long-term-support-channel-update-for.html #Google #Chrome #cybersecurity #infoesc
##CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild – Source: socprime.com https://ciso2ciso.com/cve-2025-5419-vulnerability-new-google-chrome-zero-day-actively-exploited-in-the-wild-source-socprime-com/ #socprime.com #0CISO2CISO
##The Register: Google quietly pushes emergency fix for Chrome 0-day as exploit runs wild. “Google Threat Analysis Group (TAG) team members Clement Lecigne and Benoît Sevens spotted the high-severity bug, tracked as CVE-2025-5419, on May 27. It’s an out-of-bounds read and write vulnerability in Chrome’s V8 JavaScript engine that could allow a remote attacker to corrupt memory and potentially […]
##📢 6 June Tech & Cyber Updates
#TechNews #CyberAlert #India 🇮🇳
🔹 ChatGPT Upgrade
Now records meetings + reads Google Drive & OneDrive files. 💼📁
🔹 Starlink in India
@JM_Scindia confirms Elon Musk’s satellite internet to launch soon. 🛰️
🔹 Noida Betting Scam Busted
Illegal call centre exposed in cybercrime crackdown. 📞💸
🔹 Emergency Chrome Update!
Patch critical vulnerability CVE-2025-5419 now! 🛡️
🔹 WhatsApp Image = Malware
Just downloading a photo can infect your phone. No OTP or link needed. ⚠️📷
CVE-2025-5419 in Chromium was added to the CISA KEV Catalog.
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
##CVE ID: CVE-2025-5419
Vendor: Google
Product: Chromium V8
Date Added: 2025-06-05
Vulnerability: Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
Notes: https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html; https://nvd.nist.gov/vuln/detail/CVE-2025-5419
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-5419
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419) https://www.helpnetsecurity.com/2025/06/04/google-fixes-chrome-zero-day-with-in-the-wild-exploit-cve-2025-5419/ #MicrosoftEdge #Don'tmiss #Hotstuff #Chrome #Google #0-day #News
##updated 2025-06-03T12:30:37
1 posts
Cisco has tagged Bloomberg for zero-day reports (five listings) relating to CVE-2024-52561, CVE-2025-31359, CVE-2024-36486, CVE-2024-54189, and CVE-2025-23247 https://talosintelligence.com/vulnerability_info #cybersecurity #Infosec #Cisco #zeroday
##updated 2025-06-03T12:30:37
1 posts
Cisco has tagged Bloomberg for zero-day reports (five listings) relating to CVE-2024-52561, CVE-2025-31359, CVE-2024-36486, CVE-2024-54189, and CVE-2025-23247 https://talosintelligence.com/vulnerability_info #cybersecurity #Infosec #Cisco #zeroday
##updated 2025-06-03T09:32:11
1 posts
Qualcomm patches actively exploited vulnerabilities in Adreno GPU Drivers
Qualcomm reports multiple vulnerabilities in its Adreno GPU drivers with three critical flaws (CVE-2025-21479, CVE-2025-21480, CVE-2025-27038) confirmed to be under active limited exploitation by Google's Threat Analysis Group. The vulnerabilities affect flagship Snapdragon processors and various connectivity modules.
**Unfortunately, you as users can't apply these patches directly. All you can do is be diligent with updating your phone OS and firmware as the updates from the vendor are released.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/qualcomm-patches-actively-exploited-vulnerabilities-in-adreno-gpu-drivers-q-3-0-1-q/gD2P6Ple2L
updated 2025-06-03T06:31:22
1 posts
Qualcomm patches actively exploited vulnerabilities in Adreno GPU Drivers
Qualcomm reports multiple vulnerabilities in its Adreno GPU drivers with three critical flaws (CVE-2025-21479, CVE-2025-21480, CVE-2025-27038) confirmed to be under active limited exploitation by Google's Threat Analysis Group. The vulnerabilities affect flagship Snapdragon processors and various connectivity modules.
**Unfortunately, you as users can't apply these patches directly. All you can do is be diligent with updating your phone OS and firmware as the updates from the vendor are released.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/qualcomm-patches-actively-exploited-vulnerabilities-in-adreno-gpu-drivers-q-3-0-1-q/gD2P6Ple2L
updated 2025-06-02T18:31:36
1 posts
Cisco has tagged Bloomberg for zero-day reports (five listings) relating to CVE-2024-52561, CVE-2025-31359, CVE-2024-36486, CVE-2024-54189, and CVE-2025-23247 https://talosintelligence.com/vulnerability_info #cybersecurity #Infosec #Cisco #zeroday
##updated 2025-06-02T18:30:26
1 posts
If anyone can confirm CVE-2023-39780 is patched in the last ASUS Merlin firmware ever released for the RT-AC86U, I can withhold selling it, but will be doing a 30/30/30 reset.
##updated 2025-06-02T17:32:17.397000
1 posts
HPE patches multiple flaws in StoreOnce Backup, at least one critical authentication bypass
HPE reports eight vulnerabilities in its StoreOnce backup solution, including a critical authentication bypass flaw (CVE-2025-37093) that allows unauthenticated remote attackers to gain complete system access to enterprise backup infrastructure. Organizations using StoreOnce systems must immediately update to version 4.3.11.
**If you're using HPE StoreOnce backup systems, first make sure it's isolated and accessible only from trusted networks. Then plan a quick upgrade to version 4.3.11. Just isolating the system is not enough, hackers will find a way in the network via some other mechanism (phishing or vulnerable edge device).**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/hpe-patches-multiple-flaws-in-storeonce-backup-at-least-one-critical-authentication-bypass-p-v-9-j-c/gD2P6Ple2L
updated 2025-05-30T18:31:27
1 posts
1 repos
updated 2025-05-29T14:15:34.340000
1 posts
1 repos
Windows Admins—Don’t Delete That Empty inetpub Folder!
Microsoft has released a PowerShell script to restore the C:\inetpub folder created by the April 2025 security update after many users mistakenly deleted it, not realizing it plays a critical role in mitigating a high-severity privilege escalation vulnerability (CVE-2025-21204).
This seemingly empty folder helps protect against attackers escalating privileges using symbolic link abuse, and deleting it can leave your organization vulnerable. If you have already deleted it, Microsoft has a restoration script.
Read the details: https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-script-to-restore-inetpub-folder-you-shouldnt-delete/
#WindowsSecurity #PowerShell #CVE202521204 #PrivilegeEscalation #PatchManagement #Cybersecurity #ITAdmin #Microsoft #CISO #Infosec #IT
##updated 2025-05-28T09:31:27
1 posts
Remote Code Execution on Evertz SDVN (CVE-2025-4009 - Full Disclosure) https://www.onekey.com/resource/security-advisory-remote-code-execution-on-evertz-svdn-cve-2025-4009
##updated 2025-05-24T19:15:23.640000
1 posts
2 repos
This study is a bit like the zero-day bug in Linux that someone found with o3 last week:
If no counterargument can be found, it simply gets hushed up when in doubt.
The absurdity of these "debates" is really taking on extreme proportions.
##updated 2025-05-23T21:32:17
1 posts
And if you want easy mode, here is the Metasploit config for CVE-2025-32813:
##use exploit/multi/http/rails_secret_deserialization
set COOKIE_NAME _netmri
set RPORT 443
set SSL true
set SECRET b525fc341ce5f4d76505e7664863750f865823ba866c536e0246c195cd6cf19cc63771d6becd71c99f5beef080ac27bc3b4f72430840d83cb4efd62acb7c6dcf
set TARGETURI /webui/gui_states/index.json
run
updated 2025-05-22T21:30:46
1 posts
Multiple vulnerabilities reported in Infoblox NetMRI Network Management Platform, at least one critical
Infoblox patched multiple critical vulnerabilities in its NetMRI network management solution, including a severe unauthenticated SQL injection flaw (CVE-2025-32814) and hardcoded credentials that could enable complete system compromise through various attack vectors including command injection and privilege escalation.
**If you're running Infoblox NetMRI version 7.5.4.104695 or earlier, upgrade to 7.6.1. There are a bunch of security vulnerabilities that could allow complete system takeover. A mitigation measure is restricting network access to your NetMRI systems, but that doesn't really help long term. Don't delay this one, there are too many flaws to just isolate the system.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/multiple-vulnerabilities-reported-in-infoblox-netmri-network-management-platform-at-least-one-critical-c-l-f-n-b/gD2P6Ple2L
updated 2025-05-21T20:25:16.407000
11 posts
Spoofing OpenPGP.js signature verification
Link: https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/
Discussion: https://news.ycombinator.com/item?id=44236891
CVE-2025-47934 - Spoofing OpenPGP.js signature verification https://lobste.rs/s/uafcpg #cryptography #security
https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/
Critical flaw in OpenPGP.js (CVE-2025-47934) lets attackers spoof valid signatures on arbitrary data, tricking verifiers into trusting malicious content. Patch available in v5.11.3 and v6.1.1.
https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/
##Spoofing OpenPGP.js signature verification
Link: https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/
Comments: https://news.ycombinator.com/item?id=44236891
Spoofing OpenPGP.js signature verification
https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/
#ycombinator
Spoofing OpenPGP.js signature verification
https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/
#HackerNews #Spoofing #OpenPGP.js #signature #verification #OpenPGPjs #CVE2025 #cybersecurity #research
##My posts on CVE-2025-47934 have rolled off but there's a write-up for it now.
https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/
##This has been patched.
Codean Labs: CVE-2025-47934 – Spoofing OpenPGP.js signature verification https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/ #cybersecurity #Infosec
##CVE-2025-47934 - Spoofing OpenPGP.js signature verification https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/
##updated 2025-05-21T18:34:59.360000
1 posts
CISA warns of ZKTeco BioTime flaw actively exploited in State-Sponsored attacks
CISA reports active exploitation of CVE-2023-38950 (CVSS 7.5) affecting ZKTeco BioTime time and attendance management software. The path traversal vulnerability allows unauthenticated attackers to read arbitrary files through the iclock API.
**If you are using ZKTeco BioTime, it's time to patch it. The attackers targeting these systems are well funded and skilled. Check for any indicators of compromise and patch ASAP!**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-warns-of-zkteco-biotime-flaw-actively-exploited-in-state-sponsored-attacks-n-z-i-z-3/gD2P6Ple2L
updated 2025-05-19T13:35:20.460000
1 posts
🚨CVE-2025-36560: Server-side Request Forgery Vulnerability
FOFA Link: https://en.fofa.info/result?qbase64=YXBwPSJhLWJsb2ctY21zIg%3D%3D
FOFA Query: app="a-blog-cms"
Results: 5,072
Advisory: https://github.com/advisories/GHSA-9fjv-px63-6jvj
CVSS: 9.2
##updated 2025-05-16T19:41:05.917000
3 posts
5 repos
https://github.com/exfil0/CVE-2025-32756-POC
https://github.com/B1ack4sh/Blackash-CVE-2025-32756
https://github.com/alm6no5/CVE-2025-32756-POC
CVE-2025-32756 Proof of Concept: A critical stack-based buffer overflow vulnerability affecting multiple Fortinet products
##CVE-2025-32756 Proof of Concept: A critical stack-based buffer overflow vulnerability affecting multiple Fortinet products
##🚨CVE-2025-32756: Critical Stack-Based Buffer Overflow in Fortinet Products
FOFA Query: app="FORTINET-FortiVoice" || app="Fortinet-FortiNDR" || app="FORTINET-FortiCamera" || app="FORTINET-FortiMail" || app="FORTINET-FortiRecorder"
Results: 48,224
Advisory: https://github.com/advisories/GHSA-fcpx-h44g-vx2x
CVSS: 9.8
##updated 2025-05-16T15:31:39
1 posts
https://github.com/google/security-research/security/advisories/GHSA-qx2m-rcpc-v43v Didn't see a ton of attention being paid to CVE-2025-30712 on here
VM escape using VGA on VirtualBox
##updated 2025-05-14T21:31:18
1 posts
2 repos
New. There's a new version that addresses several vulnerabilities.
- High CVE-2025-4664 Insufficient policy enforcement in Loader
- High CVE-2025-5419 Out of bounds read and write in V8
- Fixes for CVE-2024-53164, CVE-2024-56770, CVE-2024-53125, CVE-2023-52926
Google: Long Term Support Channel Update for ChromeOS https://chromereleases.googleblog.com/2025/06/long-term-support-channel-update-for.html #Google #Chrome #cybersecurity #infoesc
##updated 2025-05-05T20:54:45.973000
1 posts
Malwarebytes: Google fixes another actively exploited vulnerability in Chrome https://www.malwarebytes.com/blog/news/2025/06/google-fixes-another-actively-exploited-vulnerability-in-chrome-so-update-now
Google Security Bulletins: CVE-2025-37798 and CVE-2025-37797, both high severity, were updated yesterday https://cloud.google.com/support/bulletins #Google #Chrome #cybersecurity #infosec
##updated 2025-05-02T15:31:57
1 posts
Malwarebytes: Google fixes another actively exploited vulnerability in Chrome https://www.malwarebytes.com/blog/news/2025/06/google-fixes-another-actively-exploited-vulnerability-in-chrome-so-update-now
Google Security Bulletins: CVE-2025-37798 and CVE-2025-37797, both high severity, were updated yesterday https://cloud.google.com/support/bulletins #Google #Chrome #cybersecurity #infosec
##updated 2025-04-14T15:39:01
1 posts
SolarWinds released Observability Self-Hosted 2025.2 which patched some CVEs:
sev:MED
sev:HIGH
sev:MED
sev:HIGH
updated 2025-04-11T14:06:06
1 posts
3 repos
https://github.com/ruiwenya/CVE-2025-32395
🚨CVE-2025-32395: Vite HTTP Request Target Denial of Service
FOFA Link: https://en.fofa.info/result?qbase64=Ym9keT0iL0B2aXRlL2NsaWVudCI%3D
FOFA Query: body="/@vite/client"
Results: 130,393
Advisory/PoC: https://github.com/advisories/GHSA-356w-63v5-8wf4
CVSS: 6.0
##updated 2025-04-11T00:51:21.963000
1 posts
8 repos
https://github.com/heroku/heroku-CVE-2013-0156
https://github.com/josal/crack-0.1.8-fixed
https://github.com/Jjdt12/kuang_grade_mk11
https://github.com/terracatta/name_reverser
https://github.com/oxben10/CVE-2013-0156
https://github.com/bsodmike/rails-exploit-cve-2013-0156
This is absolute bananas. And I forgot to put that the write-up is pretty full, including PoC. And it's web-based so maybe some easy sigs for @Dio9sys and @da_667 .
This is possible due to a netmri ALL = NOPASSWD: /bin/sh entry in /etc/sudoers .
and
##This allows Remote Code Execution via a hardcoded ruby cookie secret. This vulnerability was not assigned a CVE ID by Infoblox as it was stated the underlying vulnerability is a known flaw with its own CVE referencing CVE-2013-0156.
The NetMRI virtual appliance includes a Ruby on Rails web component. We discovered the Rails session cookie signing key is hardcoded in the VM, located at:
/skipjack/app/rails/config/session_secret.txt
This value is hardcoded and was the same on every boot and VM downloaded.
Ruby on Rails deserializes session cookies if the signing key is valid. With access to this key, it’s possible to craft a malicious session leading to remote code execution (RCE).
updated 2025-04-08T14:15:33.973000
1 posts
95 repos
https://github.com/0xpr4bin/vulnerable-next_js_cve-2025-29927
https://github.com/furmak331/CVE-2025-29927
https://github.com/l1uk/nextjs-middleware-exploit
https://github.com/websecnl/CVE-2025-29927-PoC-Exploit
https://github.com/serhalp/test-cve-2025-29927
https://github.com/enochgitgamefied/NextJS-CVE-2025-29927
https://github.com/hed1ad/CVE-2025-29927
https://github.com/Oyst3r1ng/CVE-2025-29927
https://github.com/jmbowes/NextSecureScan
https://github.com/t3tra-dev/cve-2025-29927-demo
https://github.com/ferpalma21/Automated-Next.js-Security-Scanner-for-CVE-2025-29927
https://github.com/m2hcz/m2hcz-Next.js-security-flaw-CVE-2025-29927---PoC-exploit
https://github.com/strobes-security/nextjs-vulnerable-app
https://github.com/Kamal-418/Vulnerable-Lab-NextJS-CVE-2025-29927
https://github.com/kuzushiki/CVE-2025-29927-test
https://github.com/w3shi/CVE-2025-29927
https://github.com/0xnxt1me/CVE-2025-29927
https://github.com/fahimalshihab/NextBypass
https://github.com/iSee857/CVE-2025-29927
https://github.com/yugo-eliatrope/test-cve-2025-29927
https://github.com/olimpiofreitas/CVE-2025-29927_scanner
https://github.com/c0dejump/CVE-2025-29927-check
https://github.com/Jull3Hax0r/next.js-exploit
https://github.com/azu/nextjs-cve-2025-29927-poc
https://github.com/aleongx/CVE-2025-29927_Scanner
https://github.com/0xPb1/Next.js-CVE-2025-29927
https://github.com/alihussainzada/CVE-2025-29927-PoC
https://github.com/luq0x/0xMiddleware
https://github.com/lem0n817/CVE-2025-29927
https://github.com/dante01yoon/CVE-2025-29927
https://github.com/enochgitgamefied/NextJS-CVE-2025-29927-Docker-Lab
https://github.com/6mile/nextjs-CVE-2025-29927
https://github.com/EarthAngel666/x-middleware-exploit
https://github.com/nicknisi/next-attack
https://github.com/jeymo092/cve-2025-29927
https://github.com/TheresAFewConors/CVE-2025-29927-Testing
https://github.com/Gokul-Krishnan-V-R/cve-2025-29927
https://github.com/ThemeHackers/CVE-2025-29972
https://github.com/Ademking/CVE-2025-29927
https://github.com/pixilated730/NextJS-Exploit-
https://github.com/nyctophile0969/CVE-2025-29927
https://github.com/Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927
https://github.com/YEONDG/nextjs-cve-2025-29927
https://github.com/arvion-agent/next-CVE-2025-29927
https://github.com/moften/CVE-2025-29927
https://github.com/UNICORDev/exploit-CVE-2025-29927
https://github.com/RoyCampos/CVE-2025-29927
https://github.com/B1ack4sh/Blackash-CVE-2025-29927
https://github.com/yuzu-juice/CVE-2025-29927_demo
https://github.com/Hirainsingadia/CVE-2025-29927
https://github.com/Neoxs/nextjs-middleware-vuln-poc
https://github.com/MuhammadWaseem29/CVE-2025-29927-POC
https://github.com/ethanol1310/POC-CVE-2025-29927-
https://github.com/rubbxalc/CVE-2025-29927
https://github.com/pickovven/vulnerable-nextjs-14-CVE-2025-29927
https://github.com/aleongx/CVE-2025-29927
https://github.com/mhamzakhattak/CVE-2025-29927
https://github.com/Balajih4kr/cve-2025-29927
https://github.com/alastair66/CVE-2025-29927
https://github.com/BilalGns/CVE-2025-29927
https://github.com/kh4sh3i/CVE-2025-29927
https://github.com/fourcube/nextjs-middleware-bypass-demo
https://github.com/HoumanPashaei/CVE-2025-29927
https://github.com/0xcucumbersalad/cve-2025-29927
https://github.com/Grand-Moomin/Vuln-Next.js-CVE-2025-29927
https://github.com/sn1p3rt3s7/NextJS_CVE-2025-29927
https://github.com/gotr00t0day/CVE-2025-29927
https://github.com/KaztoRay/CVE-2025-29927-Research
https://github.com/lirantal/vulnerable-nextjs-14-CVE-2025-29927
https://github.com/AnonKryptiQuz/NextSploit
https://github.com/narasimhauppala/nextjs-middleware-bypass
https://github.com/elshaheedy/CVE-2025-29927-Sigma-Rule
https://github.com/ValGrace/middleware-auth-bypass
https://github.com/ricsirigu/CVE-2025-29927
https://github.com/w2hcorp/CVE-2025-29927-PoC
https://github.com/0xWhoknows/CVE-2025-29927
https://github.com/Nekicj/CVE-2025-29927-exploit
https://github.com/ticofookfook/poc-nextjs-CVE-2025-29927
https://github.com/nocomp/CVE-2025-29927-scanner
https://github.com/Knotsecurity/CVE-2025-29927-NextJs-Middleware-Simulation
https://github.com/pouriam23/Next.js-Middleware-Bypass-CVE-2025-29927-
https://github.com/SugiB3o/vulnerable-nextjs-14-CVE-2025-29927
https://github.com/aydinnyunus/CVE-2025-29927
https://github.com/Eve-SatOrU/POC-CVE-2025-29927
https://github.com/0xPThree/next.js_cve-2025-29927
https://github.com/maronnjapan/claude-create-CVE-2025-29927
https://github.com/darklotuskdb/nextjs-CVE-2025-29927-hunter
https://github.com/takumade/ghost-route
https://github.com/Heimd411/CVE-2025-29927-PoC
https://github.com/sagsooz/CVE-2025-29927
https://github.com/ayato-shitomi/WebLab_CVE-2025-29927
https://github.com/emadshanab/CVE-2025-29927
https://github.com/EQSTLab/CVE-2025-29927
🧠 Dive deep into the technical breakdown and exploit mechanics here:
👉 https://wardenshield.com/cve-2025-29927-cracks-nextjs-wide-open-middleware-meltdown
#cybersecurity #NextJS #WebSecurity #CVE2025 #MiddleWare #wardenshield #exploits
##updated 2025-04-07T14:40:55.240000
1 posts
78 repos
https://github.com/0xpr4bin/vulnerable-next_js_cve-2025-29927
https://github.com/furmak331/CVE-2025-29927
https://github.com/websecnl/CVE-2025-29927-PoC-Exploit
https://github.com/serhalp/test-cve-2025-29927
https://github.com/enochgitgamefied/NextJS-CVE-2025-29927
https://github.com/hed1ad/CVE-2025-29927
https://github.com/Oyst3r1ng/CVE-2025-29927
https://github.com/t3tra-dev/cve-2025-29927-demo
https://github.com/ferpalma21/Automated-Next.js-Security-Scanner-for-CVE-2025-29927
https://github.com/m2hcz/m2hcz-Next.js-security-flaw-CVE-2025-29927---PoC-exploit
https://github.com/Kamal-418/Vulnerable-Lab-NextJS-CVE-2025-29927
https://github.com/kuzushiki/CVE-2025-29927-test
https://github.com/w3shi/CVE-2025-29927
https://github.com/0xnxt1me/CVE-2025-29927
https://github.com/iSee857/CVE-2025-29927
https://github.com/yugo-eliatrope/test-cve-2025-29927
https://github.com/olimpiofreitas/CVE-2025-29927_scanner
https://github.com/c0dejump/CVE-2025-29927-check
https://github.com/azu/nextjs-cve-2025-29927-poc
https://github.com/aleongx/CVE-2025-29927_Scanner
https://github.com/0xPb1/Next.js-CVE-2025-29927
https://github.com/alihussainzada/CVE-2025-29927-PoC
https://github.com/enochgitgamefied/NextJS-CVE-2025-29927-Docker-Lab
https://github.com/lem0n817/CVE-2025-29927
https://github.com/dante01yoon/CVE-2025-29927
https://github.com/6mile/nextjs-CVE-2025-29927
https://github.com/jeymo092/cve-2025-29927
https://github.com/TheresAFewConors/CVE-2025-29927-Testing
https://github.com/Gokul-Krishnan-V-R/cve-2025-29927
https://github.com/Ademking/CVE-2025-29927
https://github.com/nyctophile0969/CVE-2025-29927
https://github.com/Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927
https://github.com/YEONDG/nextjs-cve-2025-29927
https://github.com/arvion-agent/next-CVE-2025-29927
https://github.com/moften/CVE-2025-29927
https://github.com/UNICORDev/exploit-CVE-2025-29927
https://github.com/RoyCampos/CVE-2025-29927
https://github.com/B1ack4sh/Blackash-CVE-2025-29927
https://github.com/yuzu-juice/CVE-2025-29927_demo
https://github.com/Hirainsingadia/CVE-2025-29927
https://github.com/MuhammadWaseem29/CVE-2025-29927-POC
https://github.com/ethanol1310/POC-CVE-2025-29927-
https://github.com/rubbxalc/CVE-2025-29927
https://github.com/pickovven/vulnerable-nextjs-14-CVE-2025-29927
https://github.com/aleongx/CVE-2025-29927
https://github.com/mhamzakhattak/CVE-2025-29927
https://github.com/Balajih4kr/cve-2025-29927
https://github.com/alastair66/CVE-2025-29927
https://github.com/BilalGns/CVE-2025-29927
https://github.com/kh4sh3i/CVE-2025-29927
https://github.com/HoumanPashaei/CVE-2025-29927
https://github.com/0xcucumbersalad/cve-2025-29927
https://github.com/Grand-Moomin/Vuln-Next.js-CVE-2025-29927
https://github.com/sn1p3rt3s7/NextJS_CVE-2025-29927
https://github.com/gotr00t0day/CVE-2025-29927
https://github.com/KaztoRay/CVE-2025-29927-Research
https://github.com/lirantal/vulnerable-nextjs-14-CVE-2025-29927
https://github.com/elshaheedy/CVE-2025-29927-Sigma-Rule
https://github.com/ricsirigu/CVE-2025-29927
https://github.com/w2hcorp/CVE-2025-29927-PoC
https://github.com/0xWhoknows/CVE-2025-29927
https://github.com/Nekicj/CVE-2025-29927-exploit
https://github.com/ticofookfook/poc-nextjs-CVE-2025-29927
https://github.com/nocomp/CVE-2025-29927-scanner
https://github.com/Knotsecurity/CVE-2025-29927-NextJs-Middleware-Simulation
https://github.com/pouriam23/Next.js-Middleware-Bypass-CVE-2025-29927-
https://github.com/SugiB3o/vulnerable-nextjs-14-CVE-2025-29927
https://github.com/aydinnyunus/CVE-2025-29927
https://github.com/Eve-SatOrU/POC-CVE-2025-29927
https://github.com/0xPThree/next.js_cve-2025-29927
https://github.com/maronnjapan/claude-create-CVE-2025-29927
https://github.com/darklotuskdb/nextjs-CVE-2025-29927-hunter
https://github.com/Heimd411/CVE-2025-29927-PoC
https://github.com/sagsooz/CVE-2025-29927
https://github.com/ayato-shitomi/WebLab_CVE-2025-29927
https://github.com/emadshanab/CVE-2025-29927
🧠 Dive deep into the technical breakdown and exploit mechanics here:
👉 https://wardenshield.com/cve-2025-29927-cracks-nextjs-wide-open-middleware-meltdown
#cybersecurity #NextJS #WebSecurity #CVE2025 #MiddleWare #wardenshield #exploits
##updated 2025-04-03T18:31:56
1 posts
Just noticed CVE-2025-1829 an RCE in the mtkhnatEnable parameter of /cgi-bin/cstecgi.cgi on TOTOLINK devices being actively exploited.
Exploitation started since 23/03 though which is ~3 weeks after the vuln became public?
##updated 2025-03-24T17:34:43.630000
1 posts
New. There's a new version that addresses several vulnerabilities.
- High CVE-2025-4664 Insufficient policy enforcement in Loader
- High CVE-2025-5419 Out of bounds read and write in V8
- Fixes for CVE-2024-53164, CVE-2024-56770, CVE-2024-53125, CVE-2023-52926
Google: Long Term Support Channel Update for ChromeOS https://chromereleases.googleblog.com/2025/06/long-term-support-channel-update-for.html #Google #Chrome #cybersecurity #infoesc
##updated 2025-01-27T21:42:18.743000
1 posts
60 repos
https://github.com/Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN
https://github.com/zam89/CVE-2024-24919
https://github.com/LuisMateo1/Arbitrary-File-Read-CVE-2024-24919
https://github.com/RevoltSecurities/CVE-2024-24919
https://github.com/r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check
https://github.com/0xkalawy/CVE-2024-24919
https://github.com/ejaboz/cve-2024-24919
https://github.com/sar-3mar/CVE-2024-24919_POC
https://github.com/protonnegativo/CVE-2024-24919
https://github.com/NingXin2002/Check-Point_poc
https://github.com/Cappricio-Securities/CVE-2024-24919
https://github.com/H3KEY/CVE-2024-24919
https://github.com/geniuszly/CVE-2024-24919
https://github.com/J4F9S5D2Q7/CVE-2024-24919-CHECKPOINT
https://github.com/ShadowByte1/CVE-2024-24919
https://github.com/SalehLardhi/CVE-2024-24919
https://github.com/GuayoyoCyber/CVE-2024-24919
https://github.com/hashdr1ft/SOC_287
https://github.com/fernandobortotti/CVE-2024-24919
https://github.com/starlox0/CVE-2024-24919-POC
https://github.com/0nin0hanz0/CVE-2024-24919-PoC
https://github.com/Vulnpire/CVE-2024-24919
https://github.com/emanueldosreis/CVE-2024-24919
https://github.com/CyprianAtsyor/CVE-2024-24919-Incident-Report.md
https://github.com/smackerdodi/CVE-2024-24919-nuclei-templater
https://github.com/spider00009/CVE-2024-24919-POC
https://github.com/Expl0itD0g/CVE-2024-24919---Poc
https://github.com/zxcod3/CVE-2024-24919
https://github.com/GoatSecurity/CVE-2024-24919
https://github.com/0xYumeko/CVE-2024-24919
https://github.com/nullcult/CVE-2024-24919-Exploit
https://github.com/YN1337/CVE-2024-24919
https://github.com/c3rrberu5/CVE-2024-24919
https://github.com/hendprw/CVE-2024-24919
https://github.com/gurudattch/CVE-2024-24919
https://github.com/satchhacker/cve-2024-24919
https://github.com/0xans/CVE-2024-24919
https://github.com/Bytenull00/CVE-2024-24919
https://github.com/Jutrm/cve-2024-24919
https://github.com/birdlex/cve-2024-24919-checker
https://github.com/funixone/CVE-2024-24919---Exploit-Script
https://github.com/satriarizka/CVE-2024-24919
https://github.com/r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN
https://github.com/GlobalsecureAcademy/CVE-2024-24919
https://github.com/ifconfig-me/CVE-2024-24919-Bulk-Scanner
https://github.com/un9nplayer/CVE-2024-24919
https://github.com/LucasKatashi/CVE-2024-24919
https://github.com/am-eid/CVE-2024-24919
https://github.com/mr-kasim-mehar/CVE-2024-24919-Exploit
https://github.com/bigb0x/CVE-2024-24919-Sniper
https://github.com/P3wc0/CVE-2024-24919
https://github.com/Rug4lo/CVE-2024-24919-Exploit
https://github.com/Tim-Hoekstra/CVE-2024-24919
https://github.com/B1naryo/CVE-2024-24919-POC
https://github.com/nexblade12/CVE-2024-24919
https://github.com/nicolvsrlr27/CVE-2024-24919
🚨CVE-2024-24919: Check Point Remote Access VPN vulnerability
FOFA Link: https://en.fofa.info/result?qbase64=dGl0bGU9IkNoZWNrIFBvaW50IFNTTCBOZXR3b3JrIEV4dGVuZGVyIiA%3D
FOFA Query 1: app="Check_Point-SSL-Network-Extender"
OR
FOFA Query 2: title="Check Point SSL Network Extender"
Results: 45,343
Advisory: https://nvd.nist.gov/vuln/detail/cve-2024-24919
PoC: https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/
CVSS: 8.6
##updated 2025-01-10T18:31:39
1 posts
New. There's a new version that addresses several vulnerabilities.
- High CVE-2025-4664 Insufficient policy enforcement in Loader
- High CVE-2025-5419 Out of bounds read and write in V8
- Fixes for CVE-2024-53164, CVE-2024-56770, CVE-2024-53125, CVE-2023-52926
Google: Long Term Support Channel Update for ChromeOS https://chromereleases.googleblog.com/2025/06/long-term-support-channel-update-for.html #Google #Chrome #cybersecurity #infoesc
##updated 2025-01-09T18:32:13
1 posts
New. There's a new version that addresses several vulnerabilities.
- High CVE-2025-4664 Insufficient policy enforcement in Loader
- High CVE-2025-5419 Out of bounds read and write in V8
- Fixes for CVE-2024-53164, CVE-2024-56770, CVE-2024-53125, CVE-2023-52926
Google: Long Term Support Channel Update for ChromeOS https://chromereleases.googleblog.com/2025/06/long-term-support-channel-update-for.html #Google #Chrome #cybersecurity #infoesc
##updated 2024-12-19T21:32:18
1 posts
New. There's a new version that addresses several vulnerabilities.
- High CVE-2025-4664 Insufficient policy enforcement in Loader
- High CVE-2025-5419 Out of bounds read and write in V8
- Fixes for CVE-2024-53164, CVE-2024-56770, CVE-2024-53125, CVE-2023-52926
Google: Long Term Support Channel Update for ChromeOS https://chromereleases.googleblog.com/2025/06/long-term-support-channel-update-for.html #Google #Chrome #cybersecurity #infoesc
##updated 2024-12-11T15:32:22
1 posts
We wrote a blog post about a Linux kernel vulnerability we reported to Red Hat in July 2024. The vulnerability had been fixed upstream a year before, but Red Hat and derivative distributions didn't backport the patch. It was assigned the CVE-2023-52922 after we reported it.
The vulnerability is a use-after-free read. We could abuse it to leak the encoded freelist pointer of an object. This allows an attacker to craft an encoded freelist pointer that decodes to an arbitrary address.
It also allows an attacker to leak the addresses of objects from the kernel heap, defeating physmap/heap address randomization. These primitives facilitate exploitation of the system by providing the attacker with useful primitives.
Additionally, we highlighted a typical pattern in the subsystem, as two similar vulnerabilities had been discovered. However, before publishing the blog post, we noticed that the patch for this vulnerability doesn't fix it. We could still trigger the use-after-free issue.
This finding confirms the point raised by the blog post. Furthermore, we discovered another vulnerability in the subsystem. An out-of-bounds read. We've reported them, and these two new vulnerabilities were already patched. A new blog post about them will be written.
Use-after-free vulnerability in CAN BCM subsystem leading to information disclosure (CVE-2023-52922)
##updated 2024-12-05T18:32:07
1 posts
Write-up on exploiting CVE-2024-40763, CVE-2024-45318, CVE-2024-45319, CVE-2024-53702, and CVE-2024-53703 in SonicWALL SMA, which I'm sure everyone has patched by now...
https://blog.scrt.ch/2025/06/04/sonicdoor-attacking-sonicwalls-sma-500/
##updated 2024-12-05T18:32:07
1 posts
Write-up on exploiting CVE-2024-40763, CVE-2024-45318, CVE-2024-45319, CVE-2024-53702, and CVE-2024-53703 in SonicWALL SMA, which I'm sure everyone has patched by now...
https://blog.scrt.ch/2025/06/04/sonicdoor-attacking-sonicwalls-sma-500/
##updated 2024-12-05T18:31:03
1 posts
Write-up on exploiting CVE-2024-40763, CVE-2024-45318, CVE-2024-45319, CVE-2024-53702, and CVE-2024-53703 in SonicWALL SMA, which I'm sure everyone has patched by now...
https://blog.scrt.ch/2025/06/04/sonicdoor-attacking-sonicwalls-sma-500/
##updated 2024-12-05T17:15:12.040000
1 posts
Write-up on exploiting CVE-2024-40763, CVE-2024-45318, CVE-2024-45319, CVE-2024-53702, and CVE-2024-53703 in SonicWALL SMA, which I'm sure everyone has patched by now...
https://blog.scrt.ch/2025/06/04/sonicdoor-attacking-sonicwalls-sma-500/
##updated 2024-12-05T15:31:09
1 posts
1 repos
Write-up on exploiting CVE-2024-40763, CVE-2024-45318, CVE-2024-45319, CVE-2024-53702, and CVE-2024-53703 in SonicWALL SMA, which I'm sure everyone has patched by now...
https://blog.scrt.ch/2025/06/04/sonicdoor-attacking-sonicwalls-sma-500/
##updated 2024-11-08T18:31:50
1 posts
SolarWinds released Observability Self-Hosted 2025.2 which patched some CVEs:
sev:MED
sev:HIGH
sev:MED
sev:HIGH
updated 2024-07-24T18:32:16
1 posts
26 repos
https://github.com/n1shant-sinha/CVE-2017-0199
https://github.com/nicpenning/RTF-Cleaner
https://github.com/TheCyberWatchers/CVE-2017-0199-v5.0
https://github.com/SyFi/cve-2017-0199
https://github.com/Winter3un/cve_2017_0199
https://github.com/joke998/Cve-2017-0199
https://github.com/Sunqiz/CVE-2017-0199-reprofuction
https://github.com/kn0wm4d/htattack
https://github.com/jacobsoo/RTF-Cleaner
https://github.com/NotAwful/CVE-2017-0199-Fix
https://github.com/Exploit-install/CVE-2017-0199
https://github.com/haibara3839/CVE-2017-0199-master
https://github.com/SwordSheath/CVE-2017-8570
https://github.com/joke998/Cve-2017-0199-
https://github.com/Phantomlancer123/CVE-2017-0199
https://github.com/mzakyz666/PoC-CVE-2017-0199
https://github.com/Nacromencer/cve2017-0199-in-python
https://github.com/stealth-ronin/CVE-2017-0199-PY-KIT
https://github.com/sUbc0ol/Microsoft-Word-CVE-2017-0199-
https://github.com/likekabin/CVE-2017-0199
https://github.com/viethdgit/CVE-2017-0199
https://github.com/ryhanson/CVE-2017-0199
https://github.com/BRAINIAC22/CVE-2017-0199
https://github.com/kash-123/CVE-2017-0199
https://github.com/bhdresh/CVE-2017-0199
https://github.com/herbiezimmerman/2017-11-17-Maldoc-Using-CVE-2017-0199
Fortinet: How a Malicious Excel File (CVE-2017-0199) Delivers the FormBook Payload (critical) https://www.fortinet.com/blog/threat-research/how-a-malicious-excel-file-cve-2017-0199-delivers-the-formbook-payload @fortinet #cybersecurity #Infosec #Microsoft #Windows
##updated 2024-04-13T12:30:30
8 posts
New Mirai botnet targets TBK DVRs by exploiting CVE-2024-3721 – Source: securityaffairs.com https://ciso2ciso.com/new-mirai-botnet-targets-tbk-dvrs-by-exploiting-cve-2024-3721-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #internetofthings #SecurityAffairs #SecurityAffairs #CVE-2024-3721 #BreakingNews #SecurityNews #hackingnews #Cybercrime #Security #hacking #Malware #botnet #Mirai #DVR #IoT
##Mirai Botnet variant exploits TBK DVR Devices flaw
A new Mirai botnet variant is actively exploiting CVE-2024-3721 (CVSS 6.3) in TBK DVR devices to execute command injection attacks that download ARM32 binaries and add vulnerable systems into a botnet infrastructure. An estimated 50,000-114,000 internet-exposed devices are potentially at risk. The attack is complicated by extensive device rebranding across multiple vendors, making patch availability unclear.
**If you have TBK DVR devices (or rebranded versions like Novo, CeNova, QSee, Pulnix, Night OWL, etc.), make sure to isolate these devices from the internet. Then check for and apply any available firmware updates from your vendor to patch CVE-2024-3721. If the device has been exposed, consider performing a factory reset before isolating it in a protected network.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/mirai-botnet-variant-exploits-tbk-dvr-devices-flaw-l-8-e-m-m/gD2P6Ple2L
New Mirai botnet variant exploits TBK DVR devices via CVE-2024-3721, infecting 50K+ devices globally. Check IoCs and patch now to avoid DDoS attacks. Details: https://redteamnews.com/red-team/cve/new-mirai-botnet-variant-exploits-tbk-dvr-devices-via-cve-2024-3721/
##Kaspersky: Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 https://securelist.com/mirai-botnet-variant-targets-dvr-devices-with-cve-2024-3721/116742/ @Kaspersky #cybersecurity #infosec
##Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 – Source: securelist.com https://ciso2ciso.com/analysis-of-the-latest-mirai-wave-exploiting-tbk-dvr-devices-with-cve-2024-3721-source-securelist-com/ #Vulnerabilitiesandexploits #rssfeedpostgeneratorecho #Secureenvironment(IoT) #MalwareTechnologies #CyberSecurityNews #internetofthings #vulnerabilities #DataEncryption #GReATresearch #securelistcom #Honeypot #botnets #Malware #LINUX #Mirai #CVE #RC4
##Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721
Kaspersky GReAT experts describe the new features of a Mirai variant: the latest botnet infections target TBK DVR devices with CVE-2024-3721.
🔗️ [Securelist] https://link.is.it/PluQDL
##updated 2024-04-04T06:43:16
1 posts
1 repos
https://github.com/z1ph1us/MilkSad-Mnemonic-Generator
This tool generates BIP-39 mnemonic phrases derived from Unix timestamps, exploring the 'Milk Sad' vulnerability's implications (CVE-2023-39910)
#Cybersecurity #Tech #Blockchain #Crypto #Mnemonic #Seed #Bitcoin
updated 2023-07-21T18:01:39
1 posts
4 repos
https://github.com/Avento/Apache_Druid_JNDI_Vuln
https://github.com/ohnonoyesyes/CVE-2023-25194
Three new Apache Kafka CVEs with some specific configurations.
https://kafka.apache.org/cve-list
##CVE-2025-27819 Apache Kafka: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration
In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs to be able to connect to the Kafka cluster and have the AlterConfigs permission on the cluster resource.
Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka 3.4.0, and "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" is disabled by default in Apache Kafka 3.9.1/4.0.0.
CVE-2025-27818 Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration
A possible security vulnerability has been identified in Apache Kafka. This requires access to an alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka clusters since Apache Kafka 2.0.0 (Kafka Connect 2.3.0). When configuring the broker via config file or AlterConfig command, or connector via the Kafka Connect REST API, an authenticated operator can set the sasl.jaas.config property for any of the connector's Kafka clients to "com.sun.security.auth.module.LdapLoginModule", which can be done via the producer.override.sasl.jaas.config, consumer.override.sasl.jaas.config, or admin.override.sasl.jaas.config properties. This will allow the server to connect to the attacker's LDAP server and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server. Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" are disabled in Apache Kafka Connect 3.9.1/4.0.0.
CVE-2025-27817 Apache Kafka Client: Arbitrary file read and SSRF vulnerability
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use the "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url" configuration to read arbitrary contents of the disk and environment variables or make requests to an unintended location. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment/URL access, which may be undesirable in certain environments, including SaaS products.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.sasl.oauthbearer.allowed.urls") to set the allowed urls in SASL JAAS configuration. In 3.9.1, it accepts all urls by default for backward compatibility. However in 4.0.0 and newer, the default value is empty list and users have to set the allowed urls explicitly.
Hydroph0bia (CVE-2025-4275): another blow to Secure Boot https://www.hackplayers.com/2025/06/hydroph0bia-cve-2025-4275-otro-golpe.html #vulnerabilidades #técnicas #bios #boot
##2 posts
25 repos
https://github.com/exa-offsec/ssh_erlangotp_rce
https://github.com/LemieOne/CVE-2025-32433
https://github.com/C9b3rD3vi1/Erlang-OTP-SSH-CVE-2025-32433
https://github.com/ps-interactive/lab_CVE-2025-32433
https://github.com/MrDreamReal/CVE-2025-32433
https://github.com/ODST-Forge/CVE-2025-32433_PoC
https://github.com/Epivalent/CVE-2025-32433-detection
https://github.com/0xPThree/cve-2025-32433
https://github.com/omer-efe-curkus/CVE-2025-32433-Erlang-OTP-SSH-RCE-PoC
https://github.com/meloppeitreet/CVE-2025-32433-Remote-Shell
https://github.com/tobiasGuta/Erlang-OTP-CVE-2025-32433
https://github.com/bilalz5-github/Erlang-OTP-SSH-CVE-2025-32433
https://github.com/abrewer251/CVE-2025-32433_Erlang-OTP_PoC
https://github.com/0x7556/CVE-2025-32433
https://github.com/TeneBrae93/CVE-2025-3243
https://github.com/B1ack4sh/Blackash-CVE-2025-32433
https://github.com/rizky412/CVE-2025-32433
https://github.com/m0usem0use/erl_mouse
https://github.com/vigilante-1337/CVE-2025-32433
https://github.com/becrevex/CVE-2025-32433
https://github.com/Know56/CVE-2025-32433
https://github.com/teamtopkarl/CVE-2025-32433
https://github.com/ProDefense/CVE-2025-32433
If you missed this, CISA added these vulnerabilities to the KEV catalogue yesterday.
- CVE-2025-32433: Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-32433
- CVE-2024-42009: RoundCube Webmail Cross-Site Scripting Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-42009 #CISA #cybersecurity #Infosec
##
CVE ID: CVE-2025-32433
Vendor: Erlang
Product: Erlang/OTP
Date Added: 2025-06-09
Vulnerability: Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability
Notes: This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy ; https://nvd.nist.gov/vuln/detail/CVE-2025-32433
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-32433
Multiple vulnerabilities reported in DataEase Platform exposing risk of system compromise
DataEase, an open-source business intelligence platform, disclosed multiple critical vulnerabilities including authentication bypass (CVE-2025-49001) that allows JWT token forging and remote code execution flaws (CVE-2025-49002 and CVE-2025-48999) that bypass previous security patches through case sensitivity variations and malicious JDBC statements.
**If you are using DataEase, make sure to isolate it from the internet and allow access only from trusted networks. Then plan a quick upgrade to version 2.10.10 or later. There are at least two scary (and fairly dumb) exploits that can compromise your DataEase.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/multiple-vulnerabilities-reported-in-dataease-platform-exposing-risk-of-system-compromise-c-w-z-r-5/gD2P6Ple2L
Go hack some Discourse.
https://github.com/discourse/discourse/security/advisories/GHSA-x8mp-chx3-6x2p
sev:HIGH 7.1 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
##
Discourse is an open-source discussion platform. Prior to version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch, certain invites via email may result in HTML injection in the email body if the topic title includes HTML. This includes inviting someone (without an account) to a PM and inviting someone (without an account) to a topic with a custom message. This issue is patched in version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch. This can be worked around if the relevant templates are overridden without `{topic_title}`.
Out-of-Bounds write flaw in FreeRTOS-Plus-TCP can enable arbitrary code execution
AWS disclosed a memory corruption vulnerability (CVE-2025-5688) in FreeRTOS-Plus-TCP affecting embedded and IoT devices, where out-of-bounds writes in LLMNR or mDNS processing can lead to arbitrary code execution or system crashes.
**This one is quite complex. First, check your FreeRTOS-Plus-TCP versions, and check if you are using Buffer Allocation Scheme 1 and have LLMNR or mDNS enabled. As usual, make sure that your devices are isolated from the internet and accessible only from trusted networks. Then if you are running a vulnerable combination of the version and buffer/DNS enabled, plan a patch cycle.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/out-of-bounds-write-flaw-in-freertos-plus-tcp-can-enable-arbitrary-code-execution-o-l-1-1-w/gD2P6Ple2L
Oh this is a fun one.
https://aws.amazon.com/security/security-bulletins/AWS-2025-012/
sev:HIGH 7.5 - CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
##
FreeRTOS-Plus-TCP is an open source TCP/IP stack implementation specifically designed for FreeRTOS. The stack provides a standard Berkeley sockets interface and supports essential networking protocols including IPv6, ARP, DHCP, DNS, LLMNR, mDNS, NBNS, RA, ND, ICMP, and ICMPv6. FreeRTOS-Plus-TCP offers two Buffer Allocation Schemes for buffer management:
- Buffer Allocation Scheme 1 - Allocates buffers from a pre-defined pool of fixed-size buffers.
- Buffer Allocation Scheme 2 - Allocates buffers of required size dynamically from the heap.
We identified CVE-2025-5688, which may allow an out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled.
Affected versions:
- v2.3.4 through v4.3.1, if LLMNR is used with Buffer Allocation Scheme 1.
- v4.0.0 through v4.3.1, if mDNS is used with Buffer Allocation Scheme 1.
I don't know how widespread this system is, but it looks like a handy vuln if you're on a pentest now or soon and come across it.
https://github.com/himmelblau-idm/himmelblau/security/advisories/GHSA-gcxr-m95v-qcf7
##
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau versions 0.9.0 through 0.9.14 and 1.00-alpha are vulnerable to a privilege escalation issue when Entra ID group-based access restrictions are configured using group display names instead of object IDs. Starting in version 0.9.0, Himmelblau introduced support for specifying group names in the `pam_allow_groups` configuration option. However, Microsoft Entra ID permits the creation of multiple groups with the same `displayName` via the Microsoft Graph API—even by non-admin users, depending on tenant settings. As a result, a user could create a personal group with the same name as a legitimate access group (e.g., "Allow-Linux-Login"), add themselves to it, and be granted authentication or `sudo` rights by Himmelblau. Because affected Himmelblau versions compare group names by either `displayName` or by the immutable `objectId`, this allows bypassing access control mechanisms intended to restrict login to members of official, centrally-managed groups. This issue is fixed in Himmelblau version 0.9.15 and later. In these versions, group name matching in `pam_allow_groups` has been deprecated and removed, and only group `objectId`s (GUIDs) may be specified for secure group-based filtering. To mitigate the issue without upgrading, replace all entries in `pam_allow_groups` with the objectId of the target Entra ID group(s) and/or audit your tenant for groups with duplicate display names using the Microsoft Graph API.