##
Updated at UTC 2025-02-12T23:35:49.984063
CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
---|---|---|---|---|---|---|---|
CVE-2025-0903 | 7.8 | 0.04% | 4 | 0 | 2025-02-12T21:32:59 | PDF-XChange Editor RTF File Parsing Heap-based Buffer Overflow Remote Code Execu | |
CVE-2025-0108 | None | 0.00% | 6 | 0 | 2025-02-12T21:32:02 | An authentication bypass in the Palo Alto Networks PAN-OS software enables an un | |
CVE-2025-1215 | 2.8 | 0.00% | 2 | 0 | 2025-02-12T21:32:02 | A vulnerability classified as problematic was found in vim up to 9.1.1096. This | |
CVE-2025-0113 | None | 0.00% | 2 | 0 | 2025-02-12T21:32:02 | A problem with the network isolation mechanism of the Palo Alto Networks Cortex | |
CVE-2025-0111 | None | 0.00% | 2 | 0 | 2025-02-12T21:32:02 | An authenticated file read vulnerability in the Palo Alto Networks PAN-OS softwa | |
CVE-2025-0109 | None | 0.00% | 2 | 0 | 2025-02-12T21:32:02 | An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS | |
CVE-2025-0110 | None | 0.00% | 2 | 0 | 2025-02-12T21:32:02 | A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig pl | |
CVE-2025-1146 | 8.1 | 0.00% | 8 | 0 | 2025-02-12T21:32:01 | CrowdStrike uses industry-standard TLS (transport layer security) to secure comm | |
CVE-2025-0994 | 8.8 | 5.58% | 15 | 1 | 2025-02-12T19:29:30.383000 | Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion v | |
CVE-2025-1244 | 8.8 | 0.00% | 2 | 0 | 2025-02-12T15:32:08 | A flaw was found in the Emacs text editor. Improper handling of custom "man" URI | |
CVE-2025-23359 | 8.4 | 0.04% | 3 | 0 | 2025-02-12T03:31:24 | NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) | |
CVE-2025-1240 | 7.8 | 0.04% | 2 | 0 | 2025-02-12T00:32:25 | WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. | |
CVE-2024-12797 | 0 | 0.04% | 9 | 0 | 2025-02-11T23:15:08.807000 | Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a se | |
CVE-2025-1052 | 8.8 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vuln | |
CVE-2024-0179 | 8.3 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow | |
CVE-2025-0906 | 3.3 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vu | |
CVE-2025-0908 | 3.3 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vu | |
CVE-2025-0907 | 3.3 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vu | |
CVE-2025-0909 | 3.3 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vu | |
CVE-2025-0910 | 7.8 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vu | |
CVE-2025-0902 | 3.3 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vu | |
CVE-2025-0911 | 3.3 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vu | |
CVE-2025-1044 | 9.8 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulner | |
CVE-2025-0901 | 7.8 | 0.04% | 4 | 0 | 2025-02-11T21:32:14 | PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerabi | |
CVE-2025-0905 | 3.3 | 0.04% | 4 | 0 | 2025-02-11T21:32:13 | PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vu | |
CVE-2025-0904 | 3.3 | 0.04% | 4 | 0 | 2025-02-11T21:32:13 | PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vu | |
CVE-2025-0899 | 7.8 | 0.04% | 4 | 0 | 2025-02-11T21:32:13 | PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulnerability. | |
CVE-2024-7419 | 8.3 | 0.08% | 4 | 0 | 2025-02-11T19:25:14.023000 | The WP ALL Export Pro plugin for WordPress is vulnerable to Remote Code Executio | |
CVE-2025-24200 | 4.6 | 0.04% | 34 | 1 | 2025-02-11T19:15:17.037000 | An authorization issue was addressed with improved state management. This issue | |
CVE-2022-35202 | 0 | 0.04% | 1 | 0 | 2025-02-11T19:15:10.230000 | A security issue in Sitevision version 10.3.1 and older allows a remote attacker | |
CVE-2025-24472 | 8.1 | 0.04% | 8 | 0 | 2025-02-11T18:31:43 | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-2 | |
CVE-2025-21377 | 6.5 | 0.09% | 1 | 0 | 2025-02-11T18:31:43 | NTLM Hash Disclosure Spoofing Vulnerability | |
CVE-2024-52966 | 2.3 | 0.04% | 1 | 0 | 2025-02-11T18:31:42 | An exposure of sensitive information to an unauthorized actor in Fortinet FortiA | |
CVE-2024-27780 | 2.2 | 0.04% | 1 | 0 | 2025-02-11T18:31:42 | Multiple Improper Neutralization of Input During Web Page Generation ('Cross-sit | |
CVE-2024-40591 | 8.8 | 0.04% | 1 | 0 | 2025-02-11T18:31:42 | An incorrect privilege assignment vulnerability [CWE-266] in Fortinet FortiOS ve | |
CVE-2024-36508 | 6.0 | 0.04% | 1 | 0 | 2025-02-11T18:31:42 | An improper limitation of a pathname to a restricted directory ('Path Traversal' | |
CVE-2024-27781 | 7.1 | 0.04% | 1 | 0 | 2025-02-11T18:31:42 | An improper neutralization of input during web page generation ('cross-site scri | |
CVE-2024-52968 | 6.7 | 0.04% | 1 | 0 | 2025-02-11T18:31:42 | An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allow | |
CVE-2024-40584 | 7.2 | 0.04% | 1 | 0 | 2025-02-11T18:31:42 | An improper neutralization of special elements used in an OS command ('OS Comman | |
CVE-2025-24470 | 8.6 | 0.04% | 1 | 0 | 2025-02-11T18:31:42 | An Improper Resolution of Path Equivalence vulnerability [CWE-41] in FortiPortal | |
CVE-2024-50567 | 7.2 | 0.04% | 1 | 0 | 2025-02-11T18:31:42 | An improper neutralization of special elements used in an os command ('os comman | |
CVE-2025-21418 | 7.8 | 0.14% | 9 | 0 | 2025-02-11T18:31:41 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerabili | |
CVE-2025-21391 | 7.1 | 1.07% | 9 | 0 | 2025-02-11T18:31:40 | Windows Storage Elevation of Privilege Vulnerability | |
CVE-2025-21376 | 8.1 | 0.09% | 1 | 0 | 2025-02-11T18:31:39 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulne | |
CVE-2025-21198 | 9.1 | 0.04% | 1 | 0 | 2025-02-11T18:31:37 | Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerabilit | |
CVE-2025-21194 | 7.1 | 0.05% | 1 | 0 | 2025-02-11T18:31:37 | Microsoft Surface Security Feature Bypass Vulnerability | |
CVE-2024-35279 | 8.1 | 0.04% | 1 | 0 | 2025-02-11T18:31:37 | A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS versio | |
CVE-2023-40721 | 6.7 | 0.04% | 1 | 0 | 2025-02-11T18:31:37 | A use of externally-controlled format string vulnerability [CWE-134] in Fortinet | |
CVE-2024-40586 | 6.7 | 0.04% | 1 | 0 | 2025-02-11T18:31:37 | An Improper Access Control vulnerability [CWE-284] in FortiClient Windows versio | |
CVE-2024-33504 | 4.1 | 0.04% | 1 | 0 | 2025-02-11T18:31:37 | A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [C | |
CVE-2024-47908 | 9.1 | 0.04% | 2 | 0 | 2025-02-11T18:31:37 | OS command injection in the admin web console of Ivanti CSA before version 5.0.5 | |
CVE-2024-11771 | 5.3 | 0.04% | 2 | 0 | 2025-02-11T18:31:37 | Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticate | |
CVE-2024-50569 | 6.6 | 0.04% | 1 | 0 | 2025-02-11T18:31:35 | A improper neutralization of special elements used in an os command ('os command | |
CVE-2025-21404 | 4.3 | 0.05% | 1 | 0 | 2025-02-11T18:31:33 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | |
CVE-2019-15002 | 0 | 0.04% | 1 | 0 | 2025-02-11T18:15:18.557000 | An exploitable CSRF vulnerability exists in Atlassian Jira, from versions 7.6.4 | |
CVE-2025-26493 | 4.6 | 0.04% | 1 | 0 | 2025-02-11T15:32:31 | In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on th | |
CVE-2025-1162 | 6.3 | 0.04% | 2 | 0 | 2025-02-11T15:15:20.047000 | A vulnerability classified as critical has been found in code-projects Job Recru | |
CVE-2025-1160 | 7.3 | 0.04% | 2 | 0 | 2025-02-11T15:15:19.790000 | A vulnerability was found in SourceCodester Employee Management System 1.0. It h | |
CVE-2024-52611 | 3.5 | 0.04% | 1 | 0 | 2025-02-11T09:30:38 | The SolarWinds Platform is vulnerable to an information disclosure vulnerability | |
CVE-2024-45718 | 4.6 | 0.04% | 1 | 0 | 2025-02-11T09:30:38 | Sensitive data could be exposed to non- privileged users in a configuration file | |
CVE-2024-52606 | 3.5 | 0.04% | 1 | 0 | 2025-02-11T09:30:38 | SolarWinds Platform is affected by server-side request forgery vulnerability. Pr | |
CVE-2025-25194 | 4.0 | 0.04% | 2 | 0 | 2025-02-11T00:33:49 | ### Summary This vulnerability allows a user to bypass any predefined hardcoded | |
CVE-2025-24970 | 7.5 | 0.04% | 2 | 0 | 2025-02-11T00:33:48 | ### Impact When a special crafted packet is received via SslHandler it doesn't c | |
CVE-2025-25193 | 5.5 | 0.04% | 2 | 0 | 2025-02-11T00:33:48 | ### Summary An unsafe reading of environment file could potentially cause a deni | |
CVE-2025-1159 | 3.5 | 0.04% | 2 | 0 | 2025-02-11T00:31:58 | A vulnerability was found in CampCodes School Management Software 1.0. It has be | |
CVE-2025-1158 | 6.3 | 0.08% | 2 | 0 | 2025-02-11T00:31:58 | A vulnerability was found in ESAFENET CDG 5.6.3.154.205_20250114. It has been cl | |
CVE-2025-1157 | 6.3 | 0.05% | 4 | 0 | 2025-02-10T21:31:46 | A vulnerability was found in Allims lab.online up to 20250201 and classified as | |
CVE-2025-1153 | 3.1 | 0.06% | 4 | 0 | 2025-02-10T21:31:46 | A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. A | |
CVE-2025-1002 | 5.7 | 0.04% | 2 | 0 | 2025-02-10T21:31:45 | MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update s | |
CVE-2025-1156 | 7.3 | 0.05% | 2 | 0 | 2025-02-10T21:31:45 | A vulnerability has been found in Pix Software Vivaz 6.0.10 and classified as cr | |
CVE-2025-1154 | 6.3 | 0.08% | 4 | 0 | 2025-02-10T21:31:45 | A vulnerability, which was classified as critical, has been found in xxyopen Nov | |
CVE-2025-1155 | 4.3 | 0.04% | 4 | 0 | 2025-02-10T21:31:45 | A vulnerability, which was classified as problematic, was found in Webkul QloApp | |
CVE-2024-8550 | 7.5 | 0.04% | 4 | 0 | 2025-02-10T21:31:39 | A Local File Inclusion (LFI) vulnerability exists in the /load-workflow endpoint | |
CVE-2025-1150 | 3.1 | 0.05% | 4 | 0 | 2025-02-10T18:30:56 | A vulnerability was found in GNU Binutils 2.43. It has been declared as problema | |
CVE-2025-1151 | 3.1 | 0.05% | 4 | 0 | 2025-02-10T18:30:55 | A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic | |
CVE-2025-1152 | 3.1 | 0.05% | 4 | 0 | 2025-02-10T18:30:55 | A vulnerability classified as problematic has been found in GNU Binutils 2.43. A | |
CVE-2025-25187 | 7.8 | 0.04% | 2 | 0 | 2025-02-10T18:15:35.703000 | Joplin is a free, open source note taking and to-do application, which can handl | |
CVE-2025-24366 | 7.5 | 0.04% | 2 | 0 | 2025-02-10T17:01:47 | ### Impact SFTPGo supports execution of a defined set of commands via SSH. Besid | |
CVE-2024-10334 | 7.3 | 0.04% | 1 | 0 | 2025-02-10T15:32:27 | A vulnerability exists in the VideONet product included in the listed System 800 | |
CVE-2024-13440 | 7.5 | 0.09% | 2 | 0 | 2025-02-09T06:30:57 | The Super Store Finder plugin for WordPress is vulnerable to SQL Injection via t | |
CVE-2025-0445 | 5.4 | 0.04% | 1 | 0 | 2025-02-08T00:33:21 | Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote at | |
CVE-2025-0444 | 6.3 | 0.04% | 1 | 0 | 2025-02-08T00:33:21 | Use after free in Skia in Google Chrome prior to 133.0.6943.53 allowed a remote | |
CVE-2025-1113 | 6.3 | 0.04% | 2 | 0 | 2025-02-08T00:32:26 | A vulnerability was found in taisan tarzan-cms up to 1.0.0. It has been rated as | |
CVE-2025-1114 | 3.5 | 0.04% | 2 | 0 | 2025-02-08T00:32:20 | A vulnerability classified as problematic has been found in newbee-mall 1.0. Aff | |
CVE-2025-0451 | 6.3 | 0.04% | 1 | 0 | 2025-02-08T00:32:20 | Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6 | |
CVE-2024-57357 | 8.0 | 0.04% | 2 | 0 | 2025-02-07T23:15:14.550000 | An issue in TPLINK TL-WPA 8630 TL-WPA8630(US)_V2_2.0.4 Build 20230427 allows a r | |
CVE-2024-57279 | 5.4 | 0.04% | 2 | 0 | 2025-02-07T23:15:14.400000 | A reflected Cross-Site Scripting (XSS) vulnerability has been identified in the | |
CVE-2024-57278 | 5.4 | 0.04% | 2 | 0 | 2025-02-07T23:15:14.230000 | A reflected Cross-Site Scripting (XSS) vulnerability exists in /webscan/sqlmap/i | |
CVE-2021-27017 | 6.6 | 0.04% | 2 | 0 | 2025-02-07T21:31:06 | Utilization of a module presented a security risk by allowing the deserializatio | |
CVE-2025-25183 | 2.6 | 0.04% | 2 | 0 | 2025-02-07T20:15:34.083000 | vLLM is a high-throughput and memory-efficient inference and serving engine for | |
CVE-2025-1106 | 5.4 | 0.07% | 4 | 0 | 2025-02-07T19:15:24.613000 | A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This a | |
CVE-2025-0411 | 7.0 | 2.73% | 8 | 2 | 2025-02-07T18:32:19 | 7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote att | |
CVE-2024-7425 | 6.8 | 0.05% | 4 | 0 | 2025-02-07T18:31:29 | The WP ALL Export Pro plugin for WordPress is vulnerable to unauthorized modific | |
CVE-2024-9664 | 7.2 | 0.05% | 4 | 0 | 2025-02-07T18:31:28 | The WP All Import Pro plugin for WordPress is vulnerable to PHP Object Injection | |
CVE-2022-26389 | 7.7 | 0.04% | 2 | 0 | 2025-02-07T18:31:28 | An improper access control vulnerability may allow privilege escalation.This iss | |
CVE-2022-26388 | 6.4 | 0.04% | 2 | 0 | 2025-02-07T18:31:28 | A use of hard-coded password vulnerability may allow authentication abuse.This i | |
CVE-2025-1105 | 4.3 | 0.05% | 4 | 0 | 2025-02-07T18:15:28.433000 | A vulnerability was found in SiberianCMS 4.20.6. It has been rated as problemati | |
CVE-2025-1104 | 7.3 | 0.06% | 4 | 0 | 2025-02-07T17:15:31.477000 | A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as criti | |
CVE-2025-1103 | 6.5 | 0.04% | 4 | 0 | 2025-02-07T16:15:39.973000 | A vulnerability, which was classified as problematic, was found in D-Link DIR-82 | |
CVE-2024-9661 | 4.3 | 0.05% | 4 | 0 | 2025-02-07T16:15:39.263000 | The WP All Import Pro plugin for WordPress is vulnerable to Cross-Site Request F | |
CVE-2024-10383 | 8.7 | 0.04% | 2 | 0 | 2025-02-07T15:32:44 | An issue has been discovered in the gitlab-web-ide-vscode-fork component distrib | |
CVE-2025-1108 | 8.6 | 0.04% | 4 | 0 | 2025-02-07T14:15:48.530000 | Insufficient data authenticity verification vulnerability in Janto, versions pri | |
CVE-2025-1107 | 9.9 | 0.04% | 4 | 0 | 2025-02-07T14:15:48.343000 | Unverified password change vulnerability in Janto, versions prior to r12. This c | |
CVE-2025-25154 | 7.1 | 0.04% | 2 | 0 | 2025-02-07T12:31:26 | Cross-Site Request Forgery (CSRF) vulnerability in scweber Custom Comment Notifi | |
CVE-2025-25155 | 7.5 | 0.04% | 2 | 0 | 2025-02-07T12:31:26 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v | |
CVE-2025-25156 | 7.1 | 0.04% | 2 | 0 | 2025-02-07T12:31:26 | Cross-Site Request Forgery (CSRF) vulnerability in Stanko Metodiev Quote Comment | |
CVE-2025-25167 | 8.2 | 0.09% | 2 | 0 | 2025-02-07T12:31:26 | Missing Authorization vulnerability in blackandwhitedigital BookPress – For Book | |
CVE-2025-25140 | 7.1 | 0.04% | 2 | 0 | 2025-02-07T12:31:26 | Cross-Site Request Forgery (CSRF) vulnerability in Scriptonite Simple User Profi | |
CVE-2025-25151 | 8.5 | 0.04% | 2 | 0 | 2025-02-07T12:31:26 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
CVE-2025-25152 | 7.1 | 0.04% | 2 | 0 | 2025-02-07T12:31:26 | Cross-Site Request Forgery (CSRF) vulnerability in LukaszWiecek Smart DoFollow a | |
CVE-2025-25148 | 7.1 | 0.04% | 2 | 0 | 2025-02-07T12:31:26 | Cross-Site Request Forgery (CSRF) vulnerability in ElbowRobo Read More Copy Link | |
CVE-2025-25159 | 7.1 | 0.04% | 2 | 0 | 2025-02-07T12:31:26 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti | |
CVE-2025-25160 | 7.1 | 0.05% | 2 | 0 | 2025-02-07T12:31:26 | Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker all | |
CVE-2025-25168 | 7.1 | 0.05% | 2 | 0 | 2025-02-07T12:31:25 | Cross-Site Request Forgery (CSRF) vulnerability in blackandwhitedigital BookPres | |
CVE-2025-25166 | 7.1 | 0.05% | 2 | 0 | 2025-02-07T12:31:25 | Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation all | |
CVE-2025-25153 | 7.1 | 0.04% | 2 | 0 | 2025-02-07T12:31:25 | Cross-Site Request Forgery (CSRF) vulnerability in djjmz Simple Auto Tag allows | |
CVE-2025-25147 | 7.1 | 0.04% | 2 | 0 | 2025-02-07T12:31:25 | Cross-Site Request Forgery (CSRF) vulnerability in Phillip.Gooch Auto SEO allows | |
CVE-2025-25149 | 7.1 | 0.04% | 2 | 0 | 2025-02-07T12:31:25 | Cross-Site Request Forgery (CSRF) vulnerability in Danillo Nunes Login-box allow | |
CVE-2025-25163 | 7.5 | 0.09% | 2 | 0 | 2025-02-07T12:31:25 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v | |
CVE-2025-1083 | 3.1 | 0.05% | 4 | 0 | 2025-02-07T03:32:09 | A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考 | |
CVE-2025-21342 | 8.8 | 0.13% | 1 | 0 | 2025-02-07T03:32:09 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |
CVE-2025-21283 | 6.5 | 0.13% | 1 | 0 | 2025-02-07T03:32:09 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |
CVE-2025-21408 | 8.8 | 0.13% | 1 | 0 | 2025-02-07T03:32:09 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |
CVE-2025-21177 | 8.7 | 0.09% | 1 | 0 | 2025-02-07T03:32:09 | Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an aut | |
CVE-2025-21253 | 5.3 | 0.06% | 1 | 0 | 2025-02-07T03:32:09 | Microsoft Edge for IOS and Android Spoofing Vulnerability | |
CVE-2025-0674 | 9.8 | 0.04% | 1 | 0 | 2025-02-07T03:32:09 | Multiple Elber products are affected by an authentication bypass vulnerability | |
CVE-2025-0675 | 7.5 | 0.04% | 1 | 0 | 2025-02-07T03:32:09 | Multiple Elber products suffer from an unauthenticated device configuration and | |
CVE-2025-1082 | 3.5 | 0.07% | 4 | 0 | 2025-02-07T03:32:08 | A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学 | |
CVE-2025-21279 | 6.5 | 0.13% | 1 | 0 | 2025-02-07T03:32:08 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |
CVE-2025-21267 | 4.4 | 0.06% | 1 | 0 | 2025-02-07T03:32:08 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | |
CVE-2024-21413 | 9.8 | 2.25% | 6 | 17 | 2025-02-07T02:00:02.403000 | Microsoft Outlook Remote Code Execution Vulnerability | |
CVE-2025-0725 | 7.3 | 0.04% | 3 | 0 | 2025-02-06T21:32:10 | When libcurl is asked to perform automatic gzip decompression of content-encoded | |
CVE-2025-1081 | 3.1 | 0.05% | 4 | 0 | 2025-02-06T21:15:23.120000 | A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has | |
CVE-2025-0158 | 5.5 | 0.04% | 4 | 0 | 2025-02-06T21:15:21.923000 | IBM EntireX 11.1 could allow a local user to cause a denial of service due to an | |
CVE-2024-27137 | 5.3 | 0.04% | 1 | 0 | 2025-02-06T21:15:20.997000 | In Apache Cassandra it is possible for a local attacker without access to the A | |
CVE-2025-24860 | 5.4 | 0.04% | 1 | 0 | 2025-02-06T20:15:41.030000 | Incorrect Authorization vulnerability in Apache Cassandra allowing users to acce | |
CVE-2022-23748 | 7.8 | 0.29% | 3 | 0 | 2025-02-06T18:32:07 | mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly | |
CVE-2025-1078 | 5.3 | 0.04% | 4 | 0 | 2025-02-06T18:31:11 | A vulnerability has been found in AppHouseKitchen AlDente Charge Limiter up to 1 | |
CVE-2024-7595 | 6.5 | 0.04% | 1 | 2 | 2025-02-06T18:31:05 | GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a netwo | |
CVE-2020-29574 | 9.8 | 5.32% | 3 | 0 | 2025-02-06T18:30:59 | An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 | |
CVE-2020-15069 | 9.8 | 7.51% | 3 | 0 | 2025-02-06T18:30:59 | Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote c | |
CVE-2025-25181 | 5.8 | 0.04% | 3 | 0 | 2025-02-06T18:15:33.030000 | A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore throug | |
CVE-2024-57968 | 9.9 | 0.04% | 3 | 0 | 2025-02-06T18:15:32.287000 | Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload | |
CVE-2023-5878 | 9.1 | 0.04% | 1 | 0 | 2025-02-06T15:33:54 | Honeywell OneWireless Wireless Device Manager (WDM) for the following versions | |
CVE-2024-53104 | 7.8 | 0.14% | 6 | 0 | 2025-02-06T02:00:02.120000 | In the Linux kernel, the following vulnerability has been resolved: media: uvcv | |
CVE-2025-23419 | 4.3 | 0.04% | 4 | 0 | 2025-02-05T21:33:37 | When multiple server blocks are configured to share the same IP address and port | |
CVE-2024-56135 | 8.5 | 0.04% | 1 | 0 | 2025-02-05T18:34:52 | Improper Input Validation vulnerability of Authenticated User in Progress LoadMa | |
CVE-2024-56134 | 8.5 | 0.04% | 1 | 0 | 2025-02-05T18:34:52 | Improper Input Validation vulnerability of Authenticated User in Progress LoadMa | |
CVE-2024-56132 | 8.5 | 0.04% | 1 | 0 | 2025-02-05T18:34:52 | Improper Input Validation vulnerability of Authenticated User in Progress LoadMa | |
CVE-2024-56133 | 8.5 | 0.04% | 1 | 0 | 2025-02-05T18:34:52 | Improper Input Validation vulnerability of Authenticated User in Progress LoadMa | |
CVE-2025-20124 | 9.9 | 0.05% | 2 | 0 | 2025-02-05T18:34:52 | A vulnerability in an API of Cisco ISE could allow an authenticated, remote atta | |
CVE-2025-20175 | 7.7 | 0.04% | 1 | 0 | 2025-02-05T18:34:52 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Sof | |
CVE-2025-20179 | 6.1 | 0.05% | 1 | 0 | 2025-02-05T18:34:52 | A vulnerability in the web-based management interface of Cisco Expressway Series | |
CVE-2025-20176 | 7.7 | 0.04% | 1 | 0 | 2025-02-05T18:34:52 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Sof | |
CVE-2025-20170 | 7.7 | 0.04% | 1 | 0 | 2025-02-05T18:34:52 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Sof | |
CVE-2024-56131 | 8.5 | 0.04% | 1 | 0 | 2025-02-05T18:34:46 | Improper Input Validation vulnerability of Authenticated User in Progress LoadMa | |
CVE-2025-20204 | 4.8 | 0.04% | 1 | 0 | 2025-02-05T18:34:46 | A vulnerability in the web-based management interface of Cisco Identity Services | |
CVE-2025-20207 | 4.3 | 0.04% | 1 | 0 | 2025-02-05T18:34:46 | A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco S | |
CVE-2025-20205 | 4.8 | 0.04% | 1 | 0 | 2025-02-05T18:34:46 | A vulnerability in the web-based management interface of Cisco Identity Services | |
CVE-2025-20125 | 9.1 | 0.04% | 2 | 0 | 2025-02-05T18:34:45 | A vulnerability in an API of Cisco ISE could allow an authenticated, remote atta | |
CVE-2025-20173 | 7.7 | 0.04% | 1 | 0 | 2025-02-05T18:34:45 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Sof | |
CVE-2025-20174 | 7.7 | 0.04% | 1 | 0 | 2025-02-05T18:34:45 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Sof | |
CVE-2025-20171 | 7.7 | 0.04% | 1 | 0 | 2025-02-05T18:34:45 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Sof | |
CVE-2025-20172 | 7.7 | 0.04% | 1 | 0 | 2025-02-05T18:34:45 | A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Softwa | |
CVE-2025-20183 | 5.8 | 0.05% | 1 | 0 | 2025-02-05T17:15:25.527000 | A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) | |
CVE-2025-20180 | 4.8 | 0.04% | 1 | 0 | 2025-02-05T17:15:25.370000 | A vulnerability in the web-based management interface of Cisco AsyncOS Software | |
CVE-2025-20169 | 7.7 | 0.04% | 1 | 0 | 2025-02-05T17:15:22.777000 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Sof | |
CVE-2024-45195 | 7.5 | 71.15% | 3 | 0 | template | 2025-02-05T03:33:14 | Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue af |
CVE-2025-23114 | 9.0 | 0.04% | 5 | 0 | 2025-02-05T03:32:19 | A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to | |
CVE-2025-25064 | 9.8 | 0.04% | 1 | 0 | 2025-02-04T18:31:56 | SQL injection vulnerability in the ZimbraSyncService SOAP endpoint in Zimbra Col | |
CVE-2018-9276 | 7.2 | 81.10% | 3 | 3 | 2025-02-04T18:31:44 | An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who | |
CVE-2018-19410 | 9.8 | 4.91% | 3 | 1 | 2025-02-04T18:31:44 | PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers | |
CVE-2024-40891 | 8.8 | 4.13% | 5 | 0 | 2025-02-04T12:31:04 | **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerabil | |
CVE-2024-40890 | 8.8 | 4.13% | 5 | 0 | 2025-02-04T12:31:03 | **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerabil | |
CVE-2025-0890 | 9.8 | 0.09% | 1 | 0 | 2025-02-04T11:15:08.880000 | **UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet functi | |
CVE-2024-57726 | 8.8 | 0.05% | 1 | 0 | 2025-01-31T21:33:50 | SimpleHelp remote support software v5.5.7 and before has a vulnerability that al | |
CVE-2024-57728 | 7.2 | 0.05% | 1 | 0 | 2025-01-31T21:33:50 | SimpleHelp remote support software v5.5.7 and before allows admin users to uploa | |
CVE-2025-0683 | 5.9 | 0.04% | 1 | 0 | 2025-01-31T18:32:12 | In its default configuration, the affected product transmits plain-text patient | |
CVE-2025-0626 | 7.5 | 0.04% | 2 | 0 | 2025-01-31T17:15:16.323000 | Contec Health CMS8000 Patient Monitor sends out remote access requests to a hard | |
CVE-2024-52875 | 8.8 | 0.05% | 2 | 0 | template | 2025-01-31T09:31:57 | An issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. The dest GET p |
CVE-2025-24085 | 7.8 | 0.21% | 1 | 1 | 2025-01-30T02:00:02.057000 | A use after free issue was addressed with improved memory management. This issue | |
CVE-2025-0282 | 9.1 | 15.32% | 2 | 10 | 2025-01-28T18:32:27 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, | |
CVE-2024-13176 | 4.1 | 0.04% | 2 | 0 | 2025-01-27T21:32:01 | Issue summary: A timing side-channel which could potentially allow recovering th | |
CVE-2025-21298 | 9.8 | 0.05% | 1 | 1 | 2025-01-24T21:48:49.880000 | Windows OLE Remote Code Execution Vulnerability | |
CVE-2025-0693 | 5.3 | 0.04% | 2 | 0 | 2025-01-23T22:15:15.397000 | Variable response times in the AWS Sign-in IAM user login flow allowed for the u | |
CVE-2024-55957 | 7.8 | 0.04% | 1 | 0 | 2025-01-23T15:32:07 | In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instru | |
CVE-2024-55591 | 9.8 | 2.63% | 5 | 10 | 2025-01-23T02:00:02.310000 | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-2 | |
CVE-2024-9310 | None | 0.04% | 1 | 0 | 2025-01-22T21:31:03 | By utilizing software-defined radios and a custom low-latency processing pipelin | |
CVE-2024-11166 | None | 0.04% | 1 | 0 | 2025-01-22T21:31:03 | For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO- | |
CVE-2025-23369 | None | 0.04% | 2 | 2 | 2025-01-21T21:30:54 | An improper verification of cryptographic signature vulnerability was identified | |
CVE-2025-21293 | 8.8 | 0.05% | 2 | 0 | 2025-01-14T18:32:14 | Active Directory Domain Services Elevation of Privilege Vulnerability | |
CVE-2024-46668 | 7.5 | 0.05% | 1 | 0 | 2025-01-14T15:31:03 | An allocation of resources without limits or throttling vulnerability [CWE-770] | |
CVE-2024-46666 | 5.3 | 0.04% | 1 | 0 | 2025-01-14T15:31:02 | An allocation of resources without limits or throttling [CWE-770] vulnerability | |
CVE-2024-53704 | 9.8 | 0.04% | 4 | 1 | 2025-01-09T15:32:57 | An Improper Authentication vulnerability in the SSLVPN authentication mechanism | |
CVE-2024-12754 | 5.5 | 0.04% | 1 | 0 | 2024-12-30T18:30:49 | AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability | |
CVE-2024-38856 | 8.1 | 95.01% | 1 | 10 | template | 2024-12-20T18:31:30 | Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apach |
CVE-2024-10573 | 6.7 | 0.04% | 1 | 0 | 2024-12-18T09:31:35 | An out-of-bounds write flaw was found in mpg123 when handling crafted streams. W | |
CVE-2024-49138 | 7.8 | 0.05% | 1 | 3 | 2024-12-12T03:33:06 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | |
CVE-2024-9474 | 7.2 | 97.48% | 1 | 8 | template | 2024-11-29T18:35:05 | A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allow |
CVE-2024-0012 | 9.8 | 97.00% | 1 | 10 | template | 2024-11-29T18:34:02 | An authentication bypass in Palo Alto Networks PAN-OS software enables an unauth |
CVE-2024-8856 | 9.8 | 0.13% | 1 | 2 | template | 2024-11-21T16:15:27.633000 | The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to |
CVE-2024-7264 | 6.5 | 0.06% | 1 | 0 | 2024-11-21T09:51:10.360000 | libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an A | |
CVE-2024-37313 | 7.3 | 0.04% | 1 | 0 | 2024-11-21T09:23:35.390000 | Nextcloud server is a self hosted personal cloud system. Under some circumstance | |
CVE-2024-20696 | 7.3 | 0.22% | 1 | 1 | 2024-11-21T08:52:56.870000 | Windows libarchive Remote Code Execution Vulnerability | |
CVE-2020-13946 | 5.9 | 0.07% | 1 | 0 | 2024-11-21T05:02:12.400000 | In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4. | |
CVE-2024-50089 | 5.5 | 0.04% | 1 | 0 | 2024-11-13T18:32:54 | In the Linux kernel, the following vulnerability has been resolved: unicode: Do | |
CVE-2024-0132 | 9.1 | 0.09% | 4 | 2 | 2024-10-29T19:48:12 | NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use | |
CVE-2024-39713 | 8.6 | 0.52% | 1 | 1 | template | 2024-09-06T17:35:12.380000 | A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoi |
CVE-2024-7646 | 8.8 | 0.04% | 1 | 2 | 2024-08-16T18:31:08 | A security issue was discovered in ingress-nginx where an actor with permission | |
CVE-2024-41710 | 6.8 | 0.04% | 6 | 0 | 2024-08-14T21:34:16 | A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phon | |
CVE-2024-5261 | None | 0.04% | 1 | 0 | 2024-06-25T15:31:12 | Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mo | |
CVE-2020-10136 | 5.3 | 2.49% | 1 | 2 | 2024-06-18T00:32:28 | Multiple products that implement the IP Encapsulation within IP standard (RFC 20 | |
CVE-2024-29059 | 7.5 | 69.15% | 3 | 1 | template | 2024-04-05T00:31:27 | .NET Framework Information Disclosure Vulnerability |
CVE-2020-13393 | None | 0.80% | 1 | 0 | 2023-01-29T05:02:45 | An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15. | |
CVE-2022-26118 | 6.7 | 0.04% | 1 | 0 | 2023-01-27T05:06:25 | A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6 | |
CVE-2024-55630 | 0 | 0.04% | 2 | 0 | N/A | ||
CVE-2025-24028 | 0 | 0.04% | 2 | 0 | N/A | ||
CVE-2025-0998 | 0 | 0.00% | 2 | 0 | N/A | ||
CVE-2025-0996 | 0 | 0.00% | 2 | 0 | N/A | ||
CVE-2025-0997 | 0 | 0.00% | 2 | 0 | N/A | ||
CVE-2025-0995 | 0 | 0.00% | 2 | 0 | N/A | ||
CVE-2025-0112 | 0 | 0.00% | 2 | 0 | N/A | ||
CVE-2025-24016 | 0 | 0.04% | 3 | 0 | N/A | ||
CVE-2024-24472 | 0 | 0.00% | 2 | 0 | N/A | ||
CVE-2024-40585 | 0 | 0.00% | 1 | 0 | N/A | ||
CVE-2025-24032 | 0 | 0.04% | 1 | 0 | N/A | ||
CVE-2024-56161 | 0 | 0.04% | 2 | 0 | N/A | ||
CVE-2024-20185 | 0 | 0.00% | 1 | 0 | N/A | ||
CVE-2024-20184 | 0 | 0.00% | 1 | 0 | N/A |
updated 2025-02-12T21:32:59
4 posts
CVE Alert: CVE-2025-0903 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0903/
##CVE Alert: CVE-2025-0903 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0903/
##CVE Alert: CVE-2025-0903 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0903/
##CVE Alert: CVE-2025-0903 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0903/
##updated 2025-02-12T21:32:02
6 posts
Assetnote: Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108)
If I'm reading this correctly, Assetnote dropped vulnerability details and proof of concept for CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web Interface. They are describing this as a zero-day auth bypass, but it should be called "patch bypass." See related PAN security advisory.
Fun operational mistake: Assetnote wrote This vulnerability was fixed in versions xx and yy and assigned CVE zz.
in their conclusion.
#paloaltonetworks #CVE_2025_0108 #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##Assetnote: Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108)
If I'm reading this correctly, Assetnote dropped vulnerability details and proof of concept for CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web Interface. They are describing this as a zero-day auth bypass, but it should be called "patch bypass." See related PAN security advisory.
Fun operational mistake: Assetnote wrote This vulnerability was fixed in versions xx and yy and assigned CVE zz.
in their conclusion.
#paloaltonetworks #CVE_2025_0108 #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##Assetnote: Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108)
If I'm reading this correctly, Assetnote dropped vulnerability details and proof of concept for CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web Interface. They are describing this as a zero-day auth bypass, but it should be called "patch bypass." See related PAN security advisory.
Fun operational mistake: Assetnote wrote This vulnerability was fixed in versions xx and yy and assigned CVE zz.
in their conclusion.
#paloaltonetworks #CVE_2025_0108 #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##Assetnote: Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108)
If I'm reading this correctly, Assetnote dropped vulnerability details and proof of concept for CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web Interface. They are describing this as a zero-day auth bypass, but it should be called "patch bypass." See related PAN security advisory.
Fun operational mistake: Assetnote wrote This vulnerability was fixed in versions xx and yy and assigned CVE zz.
in their conclusion.
#paloaltonetworks #CVE_2025_0108 #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##Happy #PatchTuesday from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay severity by showing the base + threat metrics CVSSv4 score. I listed base score only)
NEW!
CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web InterfacePalo Alto Networks is not aware of any malicious exploitation of this issue.
My new concern is whether I should say #zeroday for CVE-2025-0110 and 0109. Based on the First criteria for Exploit Maturity:
Based on threat intelligence sources each of the following must apply:
- Proof-of-concept is publicly available
- No knowledge of reported attempts to exploit this vulnerability
- No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
#paloaltonetworks #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##Happy #PatchTuesday from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay severity by showing the base + threat metrics CVSSv4 score. I listed base score only)
NEW!
CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web InterfacePalo Alto Networks is not aware of any malicious exploitation of this issue.
My new concern is whether I should say #zeroday for CVE-2025-0110 and 0109. Based on the First criteria for Exploit Maturity:
Based on threat intelligence sources each of the following must apply:
- Proof-of-concept is publicly available
- No knowledge of reported attempts to exploit this vulnerability
- No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
#paloaltonetworks #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##updated 2025-02-12T21:32:02
2 posts
@reverseics @neurovagrant There, in a show of goodwill and fairness, here's a fresh CVE for vim: https://nvd.nist.gov/vuln/detail/CVE-2025-1215
The vuln's not much ( or anything, really ), but when vim is that much better than emacs in general, what can you expect? 😉
##@reverseics @neurovagrant There, in a show of goodwill and fairness, here's a fresh CVE for vim: https://nvd.nist.gov/vuln/detail/CVE-2025-1215
The vuln's not much ( or anything, really ), but when vim is that much better than emacs in general, what can you expect? 😉
##updated 2025-02-12T21:32:02
2 posts
Happy #PatchTuesday from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay severity by showing the base + threat metrics CVSSv4 score. I listed base score only)
NEW!
CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web InterfacePalo Alto Networks is not aware of any malicious exploitation of this issue.
My new concern is whether I should say #zeroday for CVE-2025-0110 and 0109. Based on the First criteria for Exploit Maturity:
Based on threat intelligence sources each of the following must apply:
- Proof-of-concept is publicly available
- No knowledge of reported attempts to exploit this vulnerability
- No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
#paloaltonetworks #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##Happy #PatchTuesday from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay severity by showing the base + threat metrics CVSSv4 score. I listed base score only)
NEW!
CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web InterfacePalo Alto Networks is not aware of any malicious exploitation of this issue.
My new concern is whether I should say #zeroday for CVE-2025-0110 and 0109. Based on the First criteria for Exploit Maturity:
Based on threat intelligence sources each of the following must apply:
- Proof-of-concept is publicly available
- No knowledge of reported attempts to exploit this vulnerability
- No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
#paloaltonetworks #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##updated 2025-02-12T21:32:02
2 posts
Happy #PatchTuesday from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay severity by showing the base + threat metrics CVSSv4 score. I listed base score only)
NEW!
CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web InterfacePalo Alto Networks is not aware of any malicious exploitation of this issue.
My new concern is whether I should say #zeroday for CVE-2025-0110 and 0109. Based on the First criteria for Exploit Maturity:
Based on threat intelligence sources each of the following must apply:
- Proof-of-concept is publicly available
- No knowledge of reported attempts to exploit this vulnerability
- No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
#paloaltonetworks #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##Happy #PatchTuesday from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay severity by showing the base + threat metrics CVSSv4 score. I listed base score only)
NEW!
CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web InterfacePalo Alto Networks is not aware of any malicious exploitation of this issue.
My new concern is whether I should say #zeroday for CVE-2025-0110 and 0109. Based on the First criteria for Exploit Maturity:
Based on threat intelligence sources each of the following must apply:
- Proof-of-concept is publicly available
- No knowledge of reported attempts to exploit this vulnerability
- No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
#paloaltonetworks #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##updated 2025-02-12T21:32:02
2 posts
Happy #PatchTuesday from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay severity by showing the base + threat metrics CVSSv4 score. I listed base score only)
NEW!
CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web InterfacePalo Alto Networks is not aware of any malicious exploitation of this issue.
My new concern is whether I should say #zeroday for CVE-2025-0110 and 0109. Based on the First criteria for Exploit Maturity:
Based on threat intelligence sources each of the following must apply:
- Proof-of-concept is publicly available
- No knowledge of reported attempts to exploit this vulnerability
- No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
#paloaltonetworks #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##Happy #PatchTuesday from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay severity by showing the base + threat metrics CVSSv4 score. I listed base score only)
NEW!
CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web InterfacePalo Alto Networks is not aware of any malicious exploitation of this issue.
My new concern is whether I should say #zeroday for CVE-2025-0110 and 0109. Based on the First criteria for Exploit Maturity:
Based on threat intelligence sources each of the following must apply:
- Proof-of-concept is publicly available
- No knowledge of reported attempts to exploit this vulnerability
- No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
#paloaltonetworks #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##updated 2025-02-12T21:32:02
2 posts
Happy #PatchTuesday from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay severity by showing the base + threat metrics CVSSv4 score. I listed base score only)
NEW!
CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web InterfacePalo Alto Networks is not aware of any malicious exploitation of this issue.
My new concern is whether I should say #zeroday for CVE-2025-0110 and 0109. Based on the First criteria for Exploit Maturity:
Based on threat intelligence sources each of the following must apply:
- Proof-of-concept is publicly available
- No knowledge of reported attempts to exploit this vulnerability
- No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
#paloaltonetworks #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##Happy #PatchTuesday from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay severity by showing the base + threat metrics CVSSv4 score. I listed base score only)
NEW!
CVE-2025-0108 (CVSSv4: 8.8 high) PAN-OS: Authentication Bypass in the Management Web InterfacePalo Alto Networks is not aware of any malicious exploitation of this issue.
My new concern is whether I should say #zeroday for CVE-2025-0110 and 0109. Based on the First criteria for Exploit Maturity:
Based on threat intelligence sources each of the following must apply:
- Proof-of-concept is publicly available
- No knowledge of reported attempts to exploit this vulnerability
- No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
#paloaltonetworks #infosec #vulnerability #cve #cybersecurity #poc #proofofconcept
##updated 2025-02-12T21:32:01
8 posts
Happy #PatchTuesday from CrowdStrike: CVE 2025-1146 - CrowdStrike Falcon Sensor for Linux TLS Issue
CVE-2025-1146 CrowdStrike Falcon Sensor for Linux TLS Issue:
CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where our TLS connection routine to the CrowdStrike cloud can incorrectly process server certificate validation. This could allow an attacker with the ability to control network traffic to potentially conduct a man-in-the-middle (MiTM) attack.
CrowdStrike has no indication of any exploitation of this issue in the wild.
I want to note that ClownStrike does not have a date or timestamp on their security advisory. 🤡 h/t: @cR0w
#crowdstrike #crowdstrikefalcon #CVE_2025_1146 #cve #vulnerability #infosec #cybersecurity
##@screaminggoat I just saw it and only because I saw the CVE for it: CVE-2025-1146 . Sure would be nice for these assholes to date their shit like grown-ups but here we are.
##@cR0w yo what the fuck. when was this released?
EDIT: published today 2025-02-12
https://www.cve.org/CVERecord?id=CVE-2025-1146
https://www.crowdstrike.com/security-advisories/cve-2025-1146/
##Happy #PatchTuesday from CrowdStrike: CVE 2025-1146 - CrowdStrike Falcon Sensor for Linux TLS Issue
CVE-2025-1146 CrowdStrike Falcon Sensor for Linux TLS Issue:
CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where our TLS connection routine to the CrowdStrike cloud can incorrectly process server certificate validation. This could allow an attacker with the ability to control network traffic to potentially conduct a man-in-the-middle (MiTM) attack.
CrowdStrike has no indication of any exploitation of this issue in the wild.
I want to note that ClownStrike does not have a date or timestamp on their security advisory. 🤡 h/t: @cR0w
#crowdstrike #crowdstrikefalcon #CVE_2025_1146 #cve #vulnerability #infosec #cybersecurity
##@screaminggoat I just saw it and only because I saw the CVE for it: CVE-2025-1146 . Sure would be nice for these assholes to date their shit like grown-ups but here we are.
##@cR0w yo what the fuck. when was this released?
EDIT: published today 2025-02-12
https://www.cve.org/CVERecord?id=CVE-2025-1146
https://www.crowdstrike.com/security-advisories/cve-2025-1146/
##updated 2025-02-12T19:29:30.383000
15 posts
1 repos
Hackers exploiting bug in popular Trimble Cityworks tool used by local gov’ts
#CVE_2025_0994
https://therecord.media/hackers-exploiting-trimble-cityworks-bug-used-by-local-govs
CISA: Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software
CISA puts out a standalone security alert about Trimble Cityworks Server Asset Management System (AMS), which was exploited with zero-day CVE-2025-0994.
IOC:
4b7561e27c87a1895446d7f2b83e2d9fcf71e6d6e8bc99d4 4818dc39a6ff99d5
4ffc33bdc8527a2e8cb87e49cdc16c3b1480dfc135e507d552f581a67d1850a9
8a6c735f3608719ec9f46d9c6c5fc196db8c97065957c218b98733a491edd899
883d849b94238c26c57c0595ccb95b8c356628887b9a3628bf56e726332af925
151a71c43e63db802d41d5d715aa98eb1b236e0a6441076a8d30fd93990416b4
1de72c03927bcd2810ce98205ff871ef1ebf4344fba187e1 26e50caa1e43250b
14a072113baa0a1e1e2b6044068c7bc972ae5e541a0aec06577b0d6663140079
04dc3a16e1e2b4924943805a1cea5e402c4f2304c717ea21fdf43274b8c34a84
f09b51b759dfe7de06fa724bd89592f5b8eae57053d5fb4891e40f24055103fb
C:\windows\temp\z1.exe
C:\windows\temp\z2.exe
C:\windows\temp\z44.exe
C:\windows\temp\z55.exe
C:\Windows\Temp\UDGEZR.exe
C:\Windows\Temp\z55.exe_winpty\winpty-agent.exe
C:\Windows\Temp\z55.exe_winpty\winpty.dll
192.210.239[.]172:3219
192.210.239[.]172:4219
23.247.136[.]238
31.59.70[.]13
31.59.70[.]11
149.112.117[.]49
cdn[.]phototagx[.]com
https[:]//cdn.lgaircon[.]xyz[:]443/jquery-3.3.1.min.js
https[:]//192.210.239[.]172/messages/73KWf-o0-s0hxVCDJp1sfAHRcgdm7
192.210.137[.]81
192.210.183[.]118
ifode[.]xyz
#cisa #CVE_2025_0994 #kev #eitw #zeroday #vulnerability #trimble #cityworks #activeexploitation #infosec #cybersecurity #KnownExploitedVulnerabilitiesCatalog
##EXPLOITED ZERO-DAY: CISA: Trimble Cityworks
Now that it's public, I can confirm that CVE-2025-0994 (8.6 high) remote code execution is an exploited zero-day.
CISA has received reports of this vulnerability being actively exploited.
Quoting Trimble internal communication:
These changes address a recently discovered vulnerability enabling an external actor to exploit a deserialization vulnerability for remote code execution (RCE) against a customer's Microsoft Internet Information Services (IIS) web server
Indicators of compromise are on page 2 of the Trimble communication page* (thanks @campuscodi)
#threatintel #zeroday #trimble #cityworks #activeexploitation #eitw #CVE_2025_0994 #infosec #cybersecurity #cyberthreatintelligence #vulnerability #CTI
##CISA: Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software
CISA puts out a standalone security alert about Trimble Cityworks Server Asset Management System (AMS), which was exploited with zero-day CVE-2025-0994.
IOC:
4b7561e27c87a1895446d7f2b83e2d9fcf71e6d6e8bc99d4 4818dc39a6ff99d5
4ffc33bdc8527a2e8cb87e49cdc16c3b1480dfc135e507d552f581a67d1850a9
8a6c735f3608719ec9f46d9c6c5fc196db8c97065957c218b98733a491edd899
883d849b94238c26c57c0595ccb95b8c356628887b9a3628bf56e726332af925
151a71c43e63db802d41d5d715aa98eb1b236e0a6441076a8d30fd93990416b4
1de72c03927bcd2810ce98205ff871ef1ebf4344fba187e1 26e50caa1e43250b
14a072113baa0a1e1e2b6044068c7bc972ae5e541a0aec06577b0d6663140079
04dc3a16e1e2b4924943805a1cea5e402c4f2304c717ea21fdf43274b8c34a84
f09b51b759dfe7de06fa724bd89592f5b8eae57053d5fb4891e40f24055103fb
C:\windows\temp\z1.exe
C:\windows\temp\z2.exe
C:\windows\temp\z44.exe
C:\windows\temp\z55.exe
C:\Windows\Temp\UDGEZR.exe
C:\Windows\Temp\z55.exe_winpty\winpty-agent.exe
C:\Windows\Temp\z55.exe_winpty\winpty.dll
192.210.239[.]172:3219
192.210.239[.]172:4219
23.247.136[.]238
31.59.70[.]13
31.59.70[.]11
149.112.117[.]49
cdn[.]phototagx[.]com
https[:]//cdn.lgaircon[.]xyz[:]443/jquery-3.3.1.min.js
https[:]//192.210.239[.]172/messages/73KWf-o0-s0hxVCDJp1sfAHRcgdm7
192.210.137[.]81
192.210.183[.]118
ifode[.]xyz
#cisa #CVE_2025_0994 #kev #eitw #zeroday #vulnerability #trimble #cityworks #activeexploitation #infosec #cybersecurity #KnownExploitedVulnerabilitiesCatalog
##EXPLOITED ZERO-DAY: CISA: Trimble Cityworks
Now that it's public, I can confirm that CVE-2025-0994 (8.6 high) remote code execution is an exploited zero-day.
CISA has received reports of this vulnerability being actively exploited.
Quoting Trimble internal communication:
These changes address a recently discovered vulnerability enabling an external actor to exploit a deserialization vulnerability for remote code execution (RCE) against a customer's Microsoft Internet Information Services (IIS) web server
Indicators of compromise are on page 2 of the Trimble communication page* (thanks @campuscodi)
#threatintel #zeroday #trimble #cityworks #activeexploitation #eitw #CVE_2025_0994 #infosec #cybersecurity #cyberthreatintelligence #vulnerability #CTI
##CISA Flags Critical Trimble Cityworks Vulnerability (CVE-2025-0994) in KEV Catalog https://thecyberexpress.com/cve-2025-0994-trimble-cityworks-vulnerability/ #TrimbleCityworksDeserializationvulnerability #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE20250994 #CyberNews #CISA
##Hackers exploiting bug in popular Trimble Cityworks tool used by local gov’ts
#CVE_2025_0994
https://therecord.media/hackers-exploiting-trimble-cityworks-bug-used-by-local-govs
CISA: Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software
CISA puts out a standalone security alert about Trimble Cityworks Server Asset Management System (AMS), which was exploited with zero-day CVE-2025-0994.
IOC:
4b7561e27c87a1895446d7f2b83e2d9fcf71e6d6e8bc99d4 4818dc39a6ff99d5
4ffc33bdc8527a2e8cb87e49cdc16c3b1480dfc135e507d552f581a67d1850a9
8a6c735f3608719ec9f46d9c6c5fc196db8c97065957c218b98733a491edd899
883d849b94238c26c57c0595ccb95b8c356628887b9a3628bf56e726332af925
151a71c43e63db802d41d5d715aa98eb1b236e0a6441076a8d30fd93990416b4
1de72c03927bcd2810ce98205ff871ef1ebf4344fba187e1 26e50caa1e43250b
14a072113baa0a1e1e2b6044068c7bc972ae5e541a0aec06577b0d6663140079
04dc3a16e1e2b4924943805a1cea5e402c4f2304c717ea21fdf43274b8c34a84
f09b51b759dfe7de06fa724bd89592f5b8eae57053d5fb4891e40f24055103fb
C:\windows\temp\z1.exe
C:\windows\temp\z2.exe
C:\windows\temp\z44.exe
C:\windows\temp\z55.exe
C:\Windows\Temp\UDGEZR.exe
C:\Windows\Temp\z55.exe_winpty\winpty-agent.exe
C:\Windows\Temp\z55.exe_winpty\winpty.dll
192.210.239[.]172:3219
192.210.239[.]172:4219
23.247.136[.]238
31.59.70[.]13
31.59.70[.]11
149.112.117[.]49
cdn[.]phototagx[.]com
https[:]//cdn.lgaircon[.]xyz[:]443/jquery-3.3.1.min.js
https[:]//192.210.239[.]172/messages/73KWf-o0-s0hxVCDJp1sfAHRcgdm7
192.210.137[.]81
192.210.183[.]118
ifode[.]xyz
#cisa #CVE_2025_0994 #kev #eitw #zeroday #vulnerability #trimble #cityworks #activeexploitation #infosec #cybersecurity #KnownExploitedVulnerabilitiesCatalog
##EXPLOITED ZERO-DAY: CISA: Trimble Cityworks
Now that it's public, I can confirm that CVE-2025-0994 (8.6 high) remote code execution is an exploited zero-day.
CISA has received reports of this vulnerability being actively exploited.
Quoting Trimble internal communication:
These changes address a recently discovered vulnerability enabling an external actor to exploit a deserialization vulnerability for remote code execution (RCE) against a customer's Microsoft Internet Information Services (IIS) web server
Indicators of compromise are on page 2 of the Trimble communication page* (thanks @campuscodi)
#threatintel #zeroday #trimble #cityworks #activeexploitation #eitw #CVE_2025_0994 #infosec #cybersecurity #cyberthreatintelligence #vulnerability #CTI
##CISA: Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software
CISA puts out a standalone security alert about Trimble Cityworks Server Asset Management System (AMS), which was exploited with zero-day CVE-2025-0994.
IOC:
4b7561e27c87a1895446d7f2b83e2d9fcf71e6d6e8bc99d4 4818dc39a6ff99d5
4ffc33bdc8527a2e8cb87e49cdc16c3b1480dfc135e507d552f581a67d1850a9
8a6c735f3608719ec9f46d9c6c5fc196db8c97065957c218b98733a491edd899
883d849b94238c26c57c0595ccb95b8c356628887b9a3628bf56e726332af925
151a71c43e63db802d41d5d715aa98eb1b236e0a6441076a8d30fd93990416b4
1de72c03927bcd2810ce98205ff871ef1ebf4344fba187e1 26e50caa1e43250b
14a072113baa0a1e1e2b6044068c7bc972ae5e541a0aec06577b0d6663140079
04dc3a16e1e2b4924943805a1cea5e402c4f2304c717ea21fdf43274b8c34a84
f09b51b759dfe7de06fa724bd89592f5b8eae57053d5fb4891e40f24055103fb
C:\windows\temp\z1.exe
C:\windows\temp\z2.exe
C:\windows\temp\z44.exe
C:\windows\temp\z55.exe
C:\Windows\Temp\UDGEZR.exe
C:\Windows\Temp\z55.exe_winpty\winpty-agent.exe
C:\Windows\Temp\z55.exe_winpty\winpty.dll
192.210.239[.]172:3219
192.210.239[.]172:4219
23.247.136[.]238
31.59.70[.]13
31.59.70[.]11
149.112.117[.]49
cdn[.]phototagx[.]com
https[:]//cdn.lgaircon[.]xyz[:]443/jquery-3.3.1.min.js
https[:]//192.210.239[.]172/messages/73KWf-o0-s0hxVCDJp1sfAHRcgdm7
192.210.137[.]81
192.210.183[.]118
ifode[.]xyz
#cisa #CVE_2025_0994 #kev #eitw #zeroday #vulnerability #trimble #cityworks #activeexploitation #infosec #cybersecurity #KnownExploitedVulnerabilitiesCatalog
##EXPLOITED ZERO-DAY: CISA: Trimble Cityworks
Now that it's public, I can confirm that CVE-2025-0994 (8.6 high) remote code execution is an exploited zero-day.
CISA has received reports of this vulnerability being actively exploited.
Quoting Trimble internal communication:
These changes address a recently discovered vulnerability enabling an external actor to exploit a deserialization vulnerability for remote code execution (RCE) against a customer's Microsoft Internet Information Services (IIS) web server
Indicators of compromise are on page 2 of the Trimble communication page* (thanks @campuscodi)
#threatintel #zeroday #trimble #cityworks #activeexploitation #eitw #CVE_2025_0994 #infosec #cybersecurity #cyberthreatintelligence #vulnerability #CTI
##CVE ID: CVE-2025-0994
Vendor: Trimble
Product: Cityworks
Date Added: 2025-02-07
Vulnerability: Trimble Cityworks Deserialization Vulnerability
Notes: https://learn.assetlifecycle.trimble.com/i/1532182-cityworks-customer-communication-2025-02-05-docx/0?; https://www.cisa.gov/news-events/ics-advisories/icsa-25-037-04 ; https://nvd.nist.gov/vuln/detail/CVE-2025-0994
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-0994
CISA has updated the KEV catalogue.
CVE-2025-0994: Trimble Cityworks Deserialization Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-0994 @cisagov #CISA #cybersecurity #infosec
##CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CVE-2025-0994 (8.6 high) Trimble Cityworks Deserialization Vulnerability
See parent toot above for details about the zero-day, and link to indicators of compromise. cc: @ntkramer rare Friday KEV
#cisa #cisakev #kev #eitw #zeroday #vulnerability #trimble #cityworks #activeexploitation #infosec #cybersecurity #KnownExploitedVulnerabilitiesCatalog
##CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild.
The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit an attacker to conduct remote code execution.
"This could
https://thehackernews.com/2025/02/cisa-warns-of-active-exploitation-in.html
##updated 2025-02-12T15:32:08
2 posts
sev:HIGH shell injection due to improper man handling in Emacs.
https://access.redhat.com/security/cve/CVE-2025-1244
##A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows attackers to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect.
sev:HIGH shell injection due to improper man handling in Emacs.
https://access.redhat.com/security/cve/CVE-2025-1244
##A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows attackers to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect.
updated 2025-02-12T03:31:24
3 posts
Alter Falter, NVIDIA! Da knallt's ja schon wieder im Container. CVE-2025-23359, TOCTOU-Race Condition... wer das NVIDIA Container Toolkit oder den GPU Operator nutzt (Kubernetes, ML/AI, aufgepasst!), sollte schleunigst updaten! Sonst gibts Container-Escape vom Feinsten.
Betrifft wohl alle bis 1.17.3 (Toolkit) bzw. 24.9.1 (Operator). Geht um nen Bypass für CVE-2024-0132. Wiz hat's analysiert.
Was passieren kann? Code Execution, DoS, Privilege Escalation, Data Tampering... das volle Programm. Container-Escape bedeutet hier halt Host-Kompromittierung. Also, ran an die Updates! Und lasst das "--no-cntlibs" Flag bloß nicht deaktiviert in Production!
Schonmal nen Container-Escape live gesehen? Ist echt kein Spaß! #infosec #pentesting #containers #kubernetes #nvidia #security #vulnerability #cve
##Alter Falter, NVIDIA! Da knallt's ja schon wieder im Container. CVE-2025-23359, TOCTOU-Race Condition... wer das NVIDIA Container Toolkit oder den GPU Operator nutzt (Kubernetes, ML/AI, aufgepasst!), sollte schleunigst updaten! Sonst gibts Container-Escape vom Feinsten.
Betrifft wohl alle bis 1.17.3 (Toolkit) bzw. 24.9.1 (Operator). Geht um nen Bypass für CVE-2024-0132. Wiz hat's analysiert.
Was passieren kann? Code Execution, DoS, Privilege Escalation, Data Tampering... das volle Programm. Container-Escape bedeutet hier halt Host-Kompromittierung. Also, ran an die Updates! Und lasst das "--no-cntlibs" Flag bloß nicht deaktiviert in Production!
Schonmal nen Container-Escape live gesehen? Ist echt kein Spaß! #infosec #pentesting #containers #kubernetes #nvidia #security #vulnerability #cve
##Wiz: How Wiz found a Critical NVIDIA AI vulnerability: Deep Dive into a container escape (CVE-2024-0132)
This is an update to a previous blog post from 26 September 2024. Wiz provides vulnerability details for CVE-2024-0132 (9.0 critical) NVIDIA Container Toolkit 1.16.1 or earlier TOCTOU (hehe funny acronym @cR0w) which can lead to "code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
We withheld specific technical details of the vulnerability because the NVIDIA PSIRT team identified that the original patch did not fully resolve the issue. We worked closely with the NVIDIA team to ensure proper mitigation of both the original vulnerability and the bypass. The bypass is tracked under a separate CVE, CVE-2025-23359.
#nvidia #cve #vulnerability #CVE_2024_0132 #CVE_2025_23359 #infosec #cybersecurity
##updated 2025-02-12T00:32:25
2 posts
CVE Alert: CVE-2025-1240 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1240/
##CVE Alert: CVE-2025-1240 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1240/
##updated 2025-02-11T23:15:08.807000
9 posts
An impact summary has now been added to the openssl website:
Impact summary: TLS and DTLS connections using raw public keys may be vulnerable to man-in-middle attacks when server authentication failure is not detected by clients.
RPKs are disabled by default in both TLS clients and TLS servers. The issue only arises when TLS clients explicitly enable RPK use by the server, and the server, likewise, enables sending of an RPK instead of an X.509 certificate chain. The affected clients are those that then rely on the handshake to fail when the server’s RPK fails to match one of the expected public keys, by setting the verification mode to SSL_VERIFY_PEER.
Clients that enable server-side raw public keys can still find out that raw public key verification failed by calling SSL_get_verify_result(), and those that do, and take appropriate action, are not affected. This issue was introduced in the initial implementation of RPK support in OpenSSL 3.2.
The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
https://openssl-library.org/news/vulnerabilities/index.html#CVE-2024-12797
##Some more info from the release notes:
Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set.
##Does anyone have more information about the vuln that was just fixed in openssl?
CVE-2024-12797
"Fixed RFC7250 handshakes with unauthenticated servers don't abort as expected."
https://github.com/openssl/openssl/releases/tag/openssl-3.4.1
###OpenSSL 3.4.1 is a #security patch release. The most severe CVE fixed in this release is High.
This release incorporates the following bug fixes and mitigations:
Fixed RFC7250 handshakes with unauthenticated servers don't abort as expected. (CVE-2024-12797)
Fixed timing side-channel in ECDSA signature computation. (CVE-2024-13176)
https://github.com/openssl/openssl/releases/tag/openssl-3.4.1
##On top of being Patch Tuesday it is also update #OpenSSL day.
"OpenSSL 3.4.1 is a security patch release. The most severe CVE fixed in this release is HIGH.
- Fixed RFC7250 handshakes with unauthenticated servers don't abort as expected. (CVE-2024-12797)
- Fixed timing side-channel in ECDSA signature computation. (CVE-2024-13176)"
##Grumbles for the developers though...
sid, trixie 3.4.0-2 vulnerable
##There’s a high severity flaw in OpenSSL - CVE-2024-12797
- it only applies to OpenSSL 3.2 or above, which in enterprises won’t be most things
- the feature in question isn’t enabled by default
- it’s potential attacker in the middle traffic inspection, not RCE
- clients can still spot the issue if well coded
So, for vast majority of orgs it will not be a drop everything to patch situation
###OpenSSL has a high level #vulnerability #CVE_2024_12797 with clients that utilise #RFC7250 Raw Public Keys. In these situations the client may fail to notice that the server was not authenticated leading to potential attacker in the middle attacks. Luckily this vulnerability has a fairly narrow scope since only application specifically using this feature are affected (and for example the feature is disabled by default).
https://openssl-library.org/news/vulnerabilities/index.html#CVE-2024-12797
##New "High" severity #OpenSSL security advisory affecting 3.4.0 before 3.4.1, 3.3.0 before 3.3.3, 3.2.0 before 3.2.4:
https://openssl-library.org/news/vulnerabilities/index.html#CVE-2024-12797
CVE-2024-12797: RFC7250 (Raw Public Keys) handshakes with unauthenticated servers don't abort as expected.
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2025-1052 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1052/
##CVE Alert: CVE-2025-1052 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1052/
##CVE Alert: CVE-2025-1052 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1052/
##CVE Alert: CVE-2025-1052 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1052/
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2024-0179 - https://www.redpacketsecurity.com/cve_alert_cve-2024-0179/
##CVE Alert: CVE-2024-0179 - https://www.redpacketsecurity.com/cve_alert_cve-2024-0179/
##CVE Alert: CVE-2024-0179 - https://www.redpacketsecurity.com/cve_alert_cve-2024-0179/
##CVE Alert: CVE-2024-0179 - https://www.redpacketsecurity.com/cve_alert_cve-2024-0179/
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2025-0906 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0906/
##CVE Alert: CVE-2025-0906 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0906/
##CVE Alert: CVE-2025-0906 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0906/
##CVE Alert: CVE-2025-0906 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0906/
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2025-0908 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0908/
##CVE Alert: CVE-2025-0908 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0908/
##CVE Alert: CVE-2025-0908 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0908/
##CVE Alert: CVE-2025-0908 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0908/
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2025-0907 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0907/
##CVE Alert: CVE-2025-0907 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0907/
##CVE Alert: CVE-2025-0907 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0907/
##CVE Alert: CVE-2025-0907 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0907/
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2025-0909 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0909/
##CVE Alert: CVE-2025-0909 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0909/
##CVE Alert: CVE-2025-0909 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0909/
##CVE Alert: CVE-2025-0909 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0909/
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2025-0910 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0910/
##CVE Alert: CVE-2025-0910 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0910/
##CVE Alert: CVE-2025-0910 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0910/
##CVE Alert: CVE-2025-0910 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0910/
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2025-0902 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0902/
##CVE Alert: CVE-2025-0902 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0902/
##CVE Alert: CVE-2025-0902 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0902/
##CVE Alert: CVE-2025-0902 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0902/
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2025-0911 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0911/
##CVE Alert: CVE-2025-0911 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0911/
##CVE Alert: CVE-2025-0911 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0911/
##CVE Alert: CVE-2025-0911 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0911/
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2025-1044 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1044/
##CVE Alert: CVE-2025-1044 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1044/
##CVE Alert: CVE-2025-1044 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1044/
##CVE Alert: CVE-2025-1044 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1044/
##updated 2025-02-11T21:32:14
4 posts
CVE Alert: CVE-2025-0901 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0901/
##CVE Alert: CVE-2025-0901 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0901/
##CVE Alert: CVE-2025-0901 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0901/
##CVE Alert: CVE-2025-0901 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0901/
##updated 2025-02-11T21:32:13
4 posts
CVE Alert: CVE-2025-0905 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0905/
##CVE Alert: CVE-2025-0905 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0905/
##CVE Alert: CVE-2025-0905 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0905/
##CVE Alert: CVE-2025-0905 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0905/
##updated 2025-02-11T21:32:13
4 posts
CVE Alert: CVE-2025-0904 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0904/
##CVE Alert: CVE-2025-0904 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0904/
##CVE Alert: CVE-2025-0904 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0904/
##CVE Alert: CVE-2025-0904 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0904/
##updated 2025-02-11T21:32:13
4 posts
CVE Alert: CVE-2025-0899 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0899/
##CVE Alert: CVE-2025-0899 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0899/
##CVE Alert: CVE-2025-0899 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0899/
##CVE Alert: CVE-2025-0899 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0899/
##updated 2025-02-11T19:25:14.023000
4 posts
CVE Alert: CVE-2024-7419 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7419/
##CVE Alert: CVE-2024-7419 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7419/
##CVE Alert: CVE-2024-7419 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7419/
##CVE Alert: CVE-2024-7419 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7419/
##updated 2025-02-11T19:15:17.037000
34 posts
1 repos
Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products
#CVE_2025_24200
https://cyble.com/blog/csa-alerts-users-of-cve-2025-24200/
#Apple Fixes Zero-Day #Exploited In 'Extremely Sophisticated' Attacks - Slashdot
##APPLE ZERO-DAY: About the security content of iPadOS 17.7.5 ; About the security content of iOS 18.3.1 and iPadOS 18.3.1
CVE-2025-24200 (score pending) A physical attack may disable USB Restricted Mode on a locked device. An authorization issue was addressed with improved state management. h/t: @applsec
Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
#apple #zeroday #vulnerability #CVE_2025_24200 #eitw #activeexploitation #infosec #cybersecurity
###Apple Fixes Zero-Day #Exploited In 'Extremely Sophisticated' Attacks - Slashdot
##APPLE ZERO-DAY: About the security content of iPadOS 17.7.5 ; About the security content of iOS 18.3.1 and iPadOS 18.3.1
CVE-2025-24200 (score pending) A physical attack may disable USB Restricted Mode on a locked device. An authorization issue was addressed with improved state management. h/t: @applsec
Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
#apple #zeroday #vulnerability #CVE_2025_24200 #eitw #activeexploitation #infosec #cybersecurity
##https://www.wacoca.com/news/2414116/ 【セキュリティ ニュース】「iOS」「iPadOS」にアップデート – ゼロデイ脆弱性を解消(1ページ目 / 全1ページ):Security NEXT #Apple #CitizenLab #CVE202524200 #IOS18.3.1 #IPadOS17.7.5 #IPadOS18.3.1 #Science&Technology #ScienceNews #Security #TechnologyNews #USB制限モード #セキュリティ #セキュリティアップデート #ゼロデイ攻撃 #テクノロジー #ニュース #対策 #悪用 #標的型攻撃 #科学 #科学&テクノロジー
##【セキュリティ ニュース】「iOS」「iPadOS」にアップデート – ゼロデイ脆弱性を解消(1ページ目 / 全1ページ):Security NEXT https://www.yayafa.com/2178748/ #Apple #CitizenLab #CVE202524200 #IOS18.3.1 #IPadOS17.7.5 #IPadOS18.3.1 #SCIENCE #Science&Technology #SECURITY #Technology #USB制限モード #セキュリティ #セキュリティアップデート #ゼロデイ攻撃 #テクノロジー #ニュース #対策 #悪用 #標的型攻撃 #科学 #科学&テクノロジー
##Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update https://thecyberexpress.com/apple-patches-cve-2025-24200/ #zerodayvulnerability #TheCyberExpressNews #authorizationissue #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202524200 #iOSZeroDay #CyberNews #iPadOS #iOS
##Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack https://www.securityweek.com/apple-confirms-usb-restricted-mode-exploited-in-extremely-sophisticated-attack/ #USBRestrictedMode #Malware&Threats #CVE202524200 #NationState #CitizenLab #iOS1831 #Apple #iOS
##Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack https://www.securityweek.com/apple-confirms-usb-restricted-mode-exploited-in-extremely-sophisticated-attack/ #USBRestrictedMode #Malware&Threats #CVE202524200 #NationState #CitizenLab #iOS1831 #Apple #iOS
##https://www.wacoca.com/news/2414116/ 【セキュリティ ニュース】「iOS」「iPadOS」にアップデート – ゼロデイ脆弱性を解消(1ページ目 / 全1ページ):Security NEXT #Apple #CitizenLab #CVE202524200 #IOS18.3.1 #IPadOS17.7.5 #IPadOS18.3.1 #Science&Technology #ScienceNews #Security #TechnologyNews #USB制限モード #セキュリティ #セキュリティアップデート #ゼロデイ攻撃 #テクノロジー #ニュース #対策 #悪用 #標的型攻撃 #科学 #科学&テクノロジー
##【セキュリティ ニュース】「iOS」「iPadOS」にアップデート – ゼロデイ脆弱性を解消(1ページ目 / 全1ページ):Security NEXT https://www.yayafa.com/2178748/ #Apple #CitizenLab #CVE202524200 #IOS18.3.1 #IPadOS17.7.5 #IPadOS18.3.1 #SCIENCE #Science&Technology #SECURITY #Technology #USB制限モード #セキュリティ #セキュリティアップデート #ゼロデイ攻撃 #テクノロジー #ニュース #対策 #悪用 #標的型攻撃 #科学 #科学&テクノロジー
##Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update https://thecyberexpress.com/apple-patches-cve-2025-24200/ #zerodayvulnerability #TheCyberExpressNews #authorizationissue #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202524200 #iOSZeroDay #CyberNews #iPadOS #iOS
##Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack https://www.securityweek.com/apple-confirms-usb-restricted-mode-exploited-in-extremely-sophisticated-attack/ #USBRestrictedMode #Malware&Threats #CVE202524200 #NationState #CitizenLab #iOS1831 #Apple #iOS
##Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack https://www.securityweek.com/apple-confirms-usb-restricted-mode-exploited-in-extremely-sophisticated-attack/ #USBRestrictedMode #Malware&Threats #CVE202524200 #NationState #CitizenLab #iOS1831 #Apple #iOS
##CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Still semi "hot off the press":
#cisa #kev #cisakev #KnownExploitedVulnerabilitiesCatalog #vulnerability #zeroday #eitw #activeexploitation #infosec #cybersecurity #cve
##CVE ID: CVE-2025-24200
Vendor: Apple
Product: iOS and iPadOS
Date Added: 2025-02-12
Vulnerability: Apple iOS and iPadOS Incorrect Authorization Vulnerability
Notes: https://support.apple.com/en-us/122173 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24200
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-24200
CISA updates to the KEV catalogue:
- CVE-2024-41710: Mitel SIP Phones Argument Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-41710
- CVE-2025-24200: Apple iOS and iPadOS Incorrect Authorization Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-24200 @cisagov #cybersecurity #infosec #Apple #CISA
##CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Still semi "hot off the press":
#cisa #kev #cisakev #KnownExploitedVulnerabilitiesCatalog #vulnerability #zeroday #eitw #activeexploitation #infosec #cybersecurity #cve
##CVE ID: CVE-2025-24200
Vendor: Apple
Product: iOS and iPadOS
Date Added: 2025-02-12
Vulnerability: Apple iOS and iPadOS Incorrect Authorization Vulnerability
Notes: https://support.apple.com/en-us/122173 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24200
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-24200
CISA updates to the KEV catalogue:
- CVE-2024-41710: Mitel SIP Phones Argument Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-41710
- CVE-2025-24200: Apple iOS and iPadOS Incorrect Authorization Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-24200 @cisagov #cybersecurity #infosec #Apple #CISA
##🚨Apple Releases Urgent Patch for CVE-2025-24200
https://support.apple.com/en-us/122174
"Impact: A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals."
##Hacker News: Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update https://thehackernews.com/2025/02/apple-patches-actively-exploited-ios.html #news #IT
##Cycle: Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products https://cyble.com/blog/csa-alerts-users-of-cve-2025-24200/
EFCC Witness Exposes Shocking Details of Cyber Terrorism and Internet Fraud Scheme https://cyble.com/blog/efcc-witness-details-cyber-terrorism/ @thecyberexpress #cybersecurity #infosec #zeroday
###Apple Patches 'Extremely Sophisticated Attack' That Can Hit iPhones
This patch is an emergency update (18.3.1) from Apple. It fixes an vulnerability where USB Restricted Mode can be disabled on the device. Tracked as CVE-2025-24200 and may have been used by law enforcement.
Apple describes the zero day as highly sophisticated attack against a targeted individual.
#iphone #cve #cybersecurity #security #infosec
https://www.pcmag.com/news/apple-patches-extremely-sophisticated-attack-that-can-hit-iphones
##Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products https://cyble.com/blog/csa-alerts-users-of-cve-2025-24200/ #Cybernews
##Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products
The Cyber Security Agency of Singapore warns of the active exploitation of CVE-2025-24200, a zero-day vulnerability in Apple products, allowing...
🔗️ [Cyble] https://link.is.it/kn3rmx
##Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) https://www.helpnetsecurity.com/2025/02/11/apple-fixes-zero-day-flaw-exploited-in-extremely-sophisticated-attack-cve-2025-24200/ #securityupdate #Don'tmiss #Hotstuff #0-day #Apple #News #iPad #iOS
##Apple corrige une faille zero-day exploitée : CVE-2025-24200 – Patchez votre iPhone ! https://www.it-connect.fr/apple-faille-zero-day-exploitee-cve-2025-24200-patchez-votre-iphone/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #iPhone #Apple
##Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update
Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild.
Assigned the CVE identifier CVE-2025-24200, the vulnerability has been described as an authorization issue that could make it possible for a malicious actor to disable USB Restricted Mode on a locked device as part of a cyber physical attack.
This
https://thehackernews.com/2025/02/apple-patches-actively-exploited-ios.html
##Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update https://thehackernews.com/2025/02/apple-patches-actively-exploited-ios.html
##Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update https://thehackernews.com/2025/02/apple-patches-actively-exploited-ios.html
##It’s always interesting when Citizen Lab gets the CVE credit.
Speaking of which, founder Ronald Deibert just published an excellent book on Citizen Lab entitled “Chasing Shadows.” Good reading which gives insight into their research and investigations which I am assuming likely played a role in identifying CVE-2025-24200.
##📣 EMERGENCY UPDATE 📣
Apple pushed updates for a new zero-day that may have been actively exploited.
🐛 CVE-2025-24200 (Accessibility):
- iOS and iPadOS 18.3.1
- iPadOS 17.7.5
updated 2025-02-11T19:15:10.230000
1 posts
How auto-generated passwords in Sitevision leads to signing key leakage - CVE-2022-35202 https://www.shelltrail.com/research/how-auto-generated-passwords-in-sitevision-leads-to-signing-key-leakage-cve-2022-35202/
##updated 2025-02-11T18:31:43
8 posts
Orange Cyberdefense: New Fortinet exploit CVE-2025-24472 disclosed https://www.orangecyberdefense.com/global/blog/cert-news/new-fortinet-exploit-cve-2025-24472-disclosed #cybersecurity #infosec #Fortinet
##RE: Fortinet's CVE-2024-24472
Bleeping Computer: Fortinet discloses second firewall auth bypass patched in January
Update 2/11/25 07:32 PM ET: After publishing our story, Fortinet has informed us that the new CVE-2025-24472 flaw added to FG-IR-24-535 today is not a zero-day and was already fixed in January.
@cR0w I called it 💪 Not a zero-day.
##Orange Cyberdefense: New Fortinet exploit CVE-2025-24472 disclosed https://www.orangecyberdefense.com/global/blog/cert-news/new-fortinet-exploit-cve-2025-24472-disclosed #cybersecurity #infosec #Fortinet
##RE: Fortinet's CVE-2024-24472
Bleeping Computer: Fortinet discloses second firewall auth bypass patched in January
Update 2/11/25 07:32 PM ET: After publishing our story, Fortinet has informed us that the new CVE-2025-24472 flaw added to FG-IR-24-535 today is not a zero-day and was already fixed in January.
@cR0w I called it 💪 Not a zero-day.
##@cR0w @womble okay CVE-diffing:
Ignoring the same CWE, the newer CVE still affects the same exact FortiOS and FortiProxy versions (written backwards for 24472). The main difference is the attack complexity (AC:H) and method: crafted CSF proxy requests.
Reading back on watchTowr's blog post, it's snuck in:
While reversing this, we identified several other issues, which we’ve reported to Fortinet.
I'm updating my assessment to roughly even chance (50%) that this is actually exploited in the wild. This method was not mentioned by Arctic Wolf or Fortinet prior to watchTowr's blog.
If Fortinet coordinates with CISA who then updates their KEV Catalog, and this wasn't added on the same Patch Tuesday that Microsoft very likely notifies CISA about zero-days. 🤔
##@cR0w @womble on a quick skim, I immediately recognized that this was the same security advisory as CVE-2024-55591 without even looking at the right-hand menu. And that same skim led me to assess that nothing in the content has changed since the last edit.
My take on CVE-2025-24472 is that Fortinet intentionally re-used the same security advisory. They're lazy? sure. Fortinet has updated an older security advisory before with extra CVEs to denote "two similar variants of the previous" (Bleeping Computer)
I'm not in the business of speculating what should have been a black-and-white answer. Fortinet should have updated their exploitation verbiage to denote if only one or both were exploited in the wild.
##subtoot about Fortinet zero-day. Those infosec publications are running WILD calling it an exploited zero-day (complete with a backstory) with absolutely no evidence. Are we reading the same security advisory? What the fuck are you guys conjuring up and extrapolating from 2025-02-11: Added CVE-2025-24472 and its acknowledgement
?
EDIT: You've heard of "patch-diffing." Get ready for advisory-diffing:
https://web.archive.org/web/20250114161659/https://fortiguard.fortinet.com/psirt/FG-IR-24-535 (14 January 2025)
versus https://fortiguard.fortinet.com/psirt/FG-IR-24-535 (11 February 2025):
or via crafted CSF proxy requests.
https://docs.fortinet.com/upgrade-tool
not the actual source IP addresses of the attack traffic, they are generated arbitrarily by the attacker as a parameter. Because of this they should not be used for any blocking.
any
"Please note as well that an attacker needs to know an admin account's username to perform the attack and log in the CLI. Therefore, having a non-standard and non-guessable username for admin accounts does offer some protection, and is, in general, a best practice. Keep in mind however that the targeted websocket not being an authentication point, nothing would prevent an attacker from bruteforcing the username.
CSF requests issue:
Disable Security Fabric from the CLI:
Config system csf
Set status disable
end
Some of these are explained in the changelog, but I wanted to be certain.
##Happy #PatchTuesday: Exploited Fortinet zero-day??? FG-IR-24-535
CVE-2025-24472 (8.1 high) Authentication bypass in Node.js websocket module and CSF requests
If this security advisory looks familiar, that's because it belongs to the previous Fortinet exploited zero-day CVE-2024-55591 (9.6 critical) . This was tacked onto the same advisory, with no context other than the changelog:
2025-02-11: Added CVE-2025-24472 and its acknowledgement
@BleepingComputer seems to think it is: Fortinet warns of new zero-day exploited to hijack firewalls but I'm skeptical.
#fortinet #infosec #CVE_2024_55591 #vulnerability #cve #CVE_2025_24472 #cybersecurity #eitw #activeexploitation #zeroday
##updated 2025-02-11T18:31:43
1 posts
Happy #PatchTuesday from Microsoft: 4 ZERO-DAYS (2 EXPLOITED) out of 56 new CVEs
#microsoft #zeroday #cve #eitw #activeexploitation #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:42
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:42
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:42
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:42
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:42
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:42
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:42
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:42
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:42
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:41
9 posts
Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day https://www.securityweek.com/microsoft-patches-wormable-windows-flaw-and-file-deleting-zero-day/ #Malware&Threats #Vulnerabilities #CVE202521391 #CVE202521418 #PatchTuesday #Microsoft #ZeroDay
##Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day https://www.securityweek.com/microsoft-patches-wormable-windows-flaw-and-file-deleting-zero-day/ #Malware&Threats #Vulnerabilities #CVE202521391 #CVE202521418 #PatchTuesday #Microsoft #ZeroDay
##Patch Tuesday ist da! 🚨 Microsoft fixt 63 Bugs, aber 2 werden schon ausgenutzt! CVE-2025-21391 (Datei-Löschung, aber Chaining Gefahr!) & CVE-2025-21418 (EoP in AFD.sys - Grüße an Lazarus!). HPC-Cluster betroffen? CVE-2025-21198 (RCE!) checken! LDAP-Admins aufgepasst: CVE-2025-21376 (RCE!) ist auch dabei. Direkt patchen leute! CISA KEV beachten! #infosec #pentesting #patchtuesday
##Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391) – Source: securityboulevard.com https://ciso2ciso.com/microsofts-february-2025-patch-tuesday-addresses-55-cves-cve-2025-21418-cve-2025-21391-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard
##Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) https://www.helpnetsecurity.com/2025/02/11/microsoft-fixes-exploited-zero-days-cve-2025-21418-cve-2025-21391-patch-tuesday/ #securityupdate #WindowsServer #PatchTuesday #TrendMicro #Don'tmiss #Microsoft #Hotstuff #Action1 #Tenable #Windows #News
##CVE ID: CVE-2025-21418
Vendor: Microsoft
Product: Windows
Date Added: 2025-02-11
Vulnerability: Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21418 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21418
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-21418
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
The Zyxel stuff is not new, but since the Microsoft zero-days are part of #PatchTuesday, I'm including them in this conversation.
#cisa #kev #cisakev #KnownExploitedVulnerabilitiesCatalog #vulnerability #zeroday #eitw #activeexploitation #infosec #cybersecurity #cve
##CISA has updated the KEV catalogue.
- CVE-2025-21391: Microsoft Windows Storage Link Following Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-21391
- CVE-2025-21418: Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
- CVE-2024-40890: Zyxel DSL CPE OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-40890
- CVE-2024-40891: Zyxel DSL CPE OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-40891 @cisagov #cybersecurity #infosec #CISA #Microsoft #Zyxel
##Happy #PatchTuesday from Microsoft: 4 ZERO-DAYS (2 EXPLOITED) out of 56 new CVEs
#microsoft #zeroday #cve #eitw #activeexploitation #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:40
9 posts
Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day https://www.securityweek.com/microsoft-patches-wormable-windows-flaw-and-file-deleting-zero-day/ #Malware&Threats #Vulnerabilities #CVE202521391 #CVE202521418 #PatchTuesday #Microsoft #ZeroDay
##Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day https://www.securityweek.com/microsoft-patches-wormable-windows-flaw-and-file-deleting-zero-day/ #Malware&Threats #Vulnerabilities #CVE202521391 #CVE202521418 #PatchTuesday #Microsoft #ZeroDay
##Patch Tuesday ist da! 🚨 Microsoft fixt 63 Bugs, aber 2 werden schon ausgenutzt! CVE-2025-21391 (Datei-Löschung, aber Chaining Gefahr!) & CVE-2025-21418 (EoP in AFD.sys - Grüße an Lazarus!). HPC-Cluster betroffen? CVE-2025-21198 (RCE!) checken! LDAP-Admins aufgepasst: CVE-2025-21376 (RCE!) ist auch dabei. Direkt patchen leute! CISA KEV beachten! #infosec #pentesting #patchtuesday
##Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391) – Source: securityboulevard.com https://ciso2ciso.com/microsofts-february-2025-patch-tuesday-addresses-55-cves-cve-2025-21418-cve-2025-21391-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard
##Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) https://www.helpnetsecurity.com/2025/02/11/microsoft-fixes-exploited-zero-days-cve-2025-21418-cve-2025-21391-patch-tuesday/ #securityupdate #WindowsServer #PatchTuesday #TrendMicro #Don'tmiss #Microsoft #Hotstuff #Action1 #Tenable #Windows #News
##CVE ID: CVE-2025-21391
Vendor: Microsoft
Product: Windows
Date Added: 2025-02-11
Vulnerability: Microsoft Windows Storage Link Following Vulnerability
Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21391 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21391
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-21391
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
The Zyxel stuff is not new, but since the Microsoft zero-days are part of #PatchTuesday, I'm including them in this conversation.
#cisa #kev #cisakev #KnownExploitedVulnerabilitiesCatalog #vulnerability #zeroday #eitw #activeexploitation #infosec #cybersecurity #cve
##CISA has updated the KEV catalogue.
- CVE-2025-21391: Microsoft Windows Storage Link Following Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-21391
- CVE-2025-21418: Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
- CVE-2024-40890: Zyxel DSL CPE OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-40890
- CVE-2024-40891: Zyxel DSL CPE OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-40891 @cisagov #cybersecurity #infosec #CISA #Microsoft #Zyxel
##Happy #PatchTuesday from Microsoft: 4 ZERO-DAYS (2 EXPLOITED) out of 56 new CVEs
#microsoft #zeroday #cve #eitw #activeexploitation #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:39
1 posts
Patch Tuesday ist da! 🚨 Microsoft fixt 63 Bugs, aber 2 werden schon ausgenutzt! CVE-2025-21391 (Datei-Löschung, aber Chaining Gefahr!) & CVE-2025-21418 (EoP in AFD.sys - Grüße an Lazarus!). HPC-Cluster betroffen? CVE-2025-21198 (RCE!) checken! LDAP-Admins aufgepasst: CVE-2025-21376 (RCE!) ist auch dabei. Direkt patchen leute! CISA KEV beachten! #infosec #pentesting #patchtuesday
##updated 2025-02-11T18:31:37
1 posts
Patch Tuesday ist da! 🚨 Microsoft fixt 63 Bugs, aber 2 werden schon ausgenutzt! CVE-2025-21391 (Datei-Löschung, aber Chaining Gefahr!) & CVE-2025-21418 (EoP in AFD.sys - Grüße an Lazarus!). HPC-Cluster betroffen? CVE-2025-21198 (RCE!) checken! LDAP-Admins aufgepasst: CVE-2025-21376 (RCE!) ist auch dabei. Direkt patchen leute! CISA KEV beachten! #infosec #pentesting #patchtuesday
##updated 2025-02-11T18:31:37
1 posts
Happy #PatchTuesday from Microsoft: 4 ZERO-DAYS (2 EXPLOITED) out of 56 new CVEs
#microsoft #zeroday #cve #eitw #activeexploitation #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:37
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:37
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:37
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:37
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:37
2 posts
An interesting post that seems to be on the defensive. Still, there are some important items.
- Security Advisory Ivanti Cloud Services Application (CSA) (CVE-2024-47908, CVE-2024-11771) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771?language=en_US
- N-MDM - Security Advisory Ivanti Neurons for MDM (N-MDM) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-MDM-N-MDM?language=en_US
- February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs) https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
Ivanti: February Security Update https://www.ivanti.com/blog/february-security-update #cybersecurity #infosec #Ivanti
##Happy #PatchTuesday from Ivanti: February Security Update
We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure. These vulnerabilities were disclosed through our responsible disclosure program.
#Ivanti #ivantiCSA #neurons #connectsecure #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:37
2 posts
An interesting post that seems to be on the defensive. Still, there are some important items.
- Security Advisory Ivanti Cloud Services Application (CSA) (CVE-2024-47908, CVE-2024-11771) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771?language=en_US
- N-MDM - Security Advisory Ivanti Neurons for MDM (N-MDM) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-MDM-N-MDM?language=en_US
- February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs) https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
Ivanti: February Security Update https://www.ivanti.com/blog/february-security-update #cybersecurity #infosec #Ivanti
##Happy #PatchTuesday from Ivanti: February Security Update
We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure. These vulnerabilities were disclosed through our responsible disclosure program.
#Ivanti #ivantiCSA #neurons #connectsecure #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:35
1 posts
Happy #PatchTuesday from Fortinet:
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of exploitation.
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
##updated 2025-02-11T18:31:33
1 posts
Microsoft Security Response Center (MSRC) security advisories 06 February 2025:
There are an additional three CVEs patched, first announced by Google Chrome 2 days ago. All of these are Not Exploited, Not Publicly Disclosed, and Exploitability Assessment: Exploitation Less Likely, except for the Dynamics 365 CVE (N/A) and 21408 which actually says UNLIKELY. 🤔
#microsoft #vulnerability #dynamics365 #cve #edge #chromium #chrome #infosec #cybersecurity
##updated 2025-02-11T18:15:18.557000
1 posts
Atlassian finally published CVE-2019-15002 which was a CSRF in Jira that was patched in v8.0.0 which was released in 2020. Maybe this one just slipped behind the couch or something. Not that it matters since CNAs aren't generally held to any standards anyway, especially when they report on their own CVEs.
##updated 2025-02-11T15:32:31
1 posts
🎶 We built TeamCity...🎶
🎶 We built TeamCity on XSS🎶
No I did not sleep well why do you ask? 🤪
##updated 2025-02-11T15:15:20.047000
2 posts
CVE Alert: CVE-2025-1162 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1162/
##CVE Alert: CVE-2025-1162 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1162/
##updated 2025-02-11T15:15:19.790000
2 posts
CVE Alert: CVE-2025-1160 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1160/
##CVE Alert: CVE-2025-1160 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1160/
##updated 2025-02-11T09:30:38
1 posts
Happy #PatchTuesday from SolarWinds:
No mention of exploitation.
##updated 2025-02-11T09:30:38
1 posts
Happy #PatchTuesday from SolarWinds:
No mention of exploitation.
##updated 2025-02-11T09:30:38
1 posts
Happy #PatchTuesday from SolarWinds:
No mention of exploitation.
##updated 2025-02-11T00:33:49
2 posts
CVE Alert: CVE-2025-25194 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25194/
##CVE Alert: CVE-2025-25194 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25194/
##updated 2025-02-11T00:33:48
2 posts
CVE Alert: CVE-2025-24970 - https://www.redpacketsecurity.com/cve_alert_cve-2025-24970/
##CVE Alert: CVE-2025-24970 - https://www.redpacketsecurity.com/cve_alert_cve-2025-24970/
##updated 2025-02-11T00:33:48
2 posts
CVE Alert: CVE-2025-25193 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25193/
##CVE Alert: CVE-2025-25193 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25193/
##updated 2025-02-11T00:31:58
2 posts
CVE Alert: CVE-2025-1159 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1159/
##CVE Alert: CVE-2025-1159 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1159/
##updated 2025-02-11T00:31:58
2 posts
CVE Alert: CVE-2025-1158 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1158/
##CVE Alert: CVE-2025-1158 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1158/
##updated 2025-02-10T21:31:46
4 posts
CVE Alert: CVE-2025-1157 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1157/
##CVE Alert: CVE-2025-1157 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1157/
##CVE Alert: CVE-2025-1157 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1157/
##CVE Alert: CVE-2025-1157 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1157/
##updated 2025-02-10T21:31:46
4 posts
CVE Alert: CVE-2025-1153 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1153/
##CVE Alert: CVE-2025-1153 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1153/
##CVE Alert: CVE-2025-1153 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1153/
##CVE Alert: CVE-2025-1153 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1153/
##updated 2025-02-10T21:31:45
2 posts
CVE Alert: CVE-2025-1002 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1002/
##CVE Alert: CVE-2025-1002 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1002/
##updated 2025-02-10T21:31:45
2 posts
CVE Alert: CVE-2025-1156 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1156/
##CVE Alert: CVE-2025-1156 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1156/
##updated 2025-02-10T21:31:45
4 posts
CVE Alert: CVE-2025-1154 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1154/
##CVE Alert: CVE-2025-1154 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1154/
##CVE Alert: CVE-2025-1154 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1154/
##CVE Alert: CVE-2025-1154 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1154/
##updated 2025-02-10T21:31:45
4 posts
CVE Alert: CVE-2025-1155 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1155/
##CVE Alert: CVE-2025-1155 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1155/
##CVE Alert: CVE-2025-1155 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1155/
##CVE Alert: CVE-2025-1155 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1155/
##updated 2025-02-10T21:31:39
4 posts
CVE Alert: CVE-2024-8550 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8550/
##CVE Alert: CVE-2024-8550 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8550/
##CVE Alert: CVE-2024-8550 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8550/
##CVE Alert: CVE-2024-8550 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8550/
##updated 2025-02-10T18:30:56
4 posts
CVE Alert: CVE-2025-1150 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1150/
##CVE Alert: CVE-2025-1150 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1150/
##CVE Alert: CVE-2025-1150 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1150/
##CVE Alert: CVE-2025-1150 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1150/
##updated 2025-02-10T18:30:55
4 posts
CVE Alert: CVE-2025-1151 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1151/
##CVE Alert: CVE-2025-1151 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1151/
##CVE Alert: CVE-2025-1151 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1151/
##CVE Alert: CVE-2025-1151 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1151/
##updated 2025-02-10T18:30:55
4 posts
CVE Alert: CVE-2025-1152 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1152/
##CVE Alert: CVE-2025-1152 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1152/
##CVE Alert: CVE-2025-1152 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1152/
##CVE Alert: CVE-2025-1152 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1152/
##updated 2025-02-10T18:15:35.703000
2 posts
CVE Alert: CVE-2025-25187 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25187/
##CVE Alert: CVE-2025-25187 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25187/
##updated 2025-02-10T17:01:47
2 posts
CVE Alert: CVE-2025-24366 - https://www.redpacketsecurity.com/cve_alert_cve-2025-24366/
##CVE Alert: CVE-2025-24366 - https://www.redpacketsecurity.com/cve_alert_cve-2025-24366/
##updated 2025-02-10T15:32:27
1 posts
ABB. Again. LOL. LMAO.
##CVE-2024-10334 Camera passwords stored in clear text
An attacker who successfully exploited this vulnerability could retrieve the login credentials for all cameras and manipulate or stop the video feed.
There will be no update for VideONet in System 800xA. Instead, the recommendation is to transfer to the new product, Camera Connect, as soon as it becomes available.
updated 2025-02-09T06:30:57
2 posts
CVE Alert: CVE-2024-13440 - https://www.redpacketsecurity.com/cve_alert_cve-2024-13440/
##CVE Alert: CVE-2024-13440 - https://www.redpacketsecurity.com/cve_alert_cve-2024-13440/
##updated 2025-02-08T00:33:21
1 posts
Unofficial #PatchTuesday continues with Google Chrome: Stable Channel Update for Desktop
Chrome 133.0.6943.53 (Linux) and 133.0.6943.53/54( Windows, Mac) includes 12 security fixes, 3 are externally reported:
No mention of exploitation.
##updated 2025-02-08T00:33:21
1 posts
Unofficial #PatchTuesday continues with Google Chrome: Stable Channel Update for Desktop
Chrome 133.0.6943.53 (Linux) and 133.0.6943.53/54( Windows, Mac) includes 12 security fixes, 3 are externally reported:
No mention of exploitation.
##updated 2025-02-08T00:32:26
2 posts
CVE Alert: CVE-2025-1113 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1113/
##CVE Alert: CVE-2025-1113 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1113/
##updated 2025-02-08T00:32:20
2 posts
CVE Alert: CVE-2025-1114 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1114/
##CVE Alert: CVE-2025-1114 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1114/
##updated 2025-02-08T00:32:20
1 posts
Unofficial #PatchTuesday continues with Google Chrome: Stable Channel Update for Desktop
Chrome 133.0.6943.53 (Linux) and 133.0.6943.53/54( Windows, Mac) includes 12 security fixes, 3 are externally reported:
No mention of exploitation.
##updated 2025-02-07T23:15:14.550000
2 posts
CVE Alert: CVE-2024-57357 - https://www.redpacketsecurity.com/cve_alert_cve-2024-57357/
##CVE Alert: CVE-2024-57357 - https://www.redpacketsecurity.com/cve_alert_cve-2024-57357/
##updated 2025-02-07T23:15:14.400000
2 posts
CVE Alert: CVE-2024-57279 - https://www.redpacketsecurity.com/cve_alert_cve-2024-57279/
##CVE Alert: CVE-2024-57279 - https://www.redpacketsecurity.com/cve_alert_cve-2024-57279/
##updated 2025-02-07T23:15:14.230000
2 posts
CVE Alert: CVE-2024-57278 - https://www.redpacketsecurity.com/cve_alert_cve-2024-57278/
##CVE Alert: CVE-2024-57278 - https://www.redpacketsecurity.com/cve_alert_cve-2024-57278/
##updated 2025-02-07T21:31:06
2 posts
CVE Alert: CVE-2021-27017 - https://www.redpacketsecurity.com/cve_alert_cve-2021-27017/
##CVE Alert: CVE-2021-27017 - https://www.redpacketsecurity.com/cve_alert_cve-2021-27017/
##updated 2025-02-07T20:15:34.083000
2 posts
CVE Alert: CVE-2025-25183 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25183/
##CVE Alert: CVE-2025-25183 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25183/
##updated 2025-02-07T19:15:24.613000
4 posts
CVE Alert: CVE-2025-1106 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1106/
##CVE Alert: CVE-2025-1106 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1106/
##CVE Alert: CVE-2025-1106 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1106/
##CVE Alert: CVE-2025-1106 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1106/
##updated 2025-02-07T18:32:19
8 posts
2 repos
CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks https://www.trendmicro.com/en_us/research/25/a/cve-2025-0411-ukrainian-organizations-targeted.html
##CISA: CISA Adds Five Known Exploited Vulnerabilities to Catalog
Hot off the press!
#cisa #cisakev #kev #vulnerability #eitw #activeexploitation #infosec #cybersecurity #knownexploitedvulnerabilitiescatalog
##CVE ID: CVE-2025-0411
Vendor: 7-Zip
Product: 7-Zip
Date Added: 2025-02-06
Vulnerability: 7-Zip Mark of the Web Bypass Vulnerability
Notes: https://www.7-zip.org/history.txt ; https://nvd.nist.gov/vuln/detail/CVE-2025-0411
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-0411
CISA has updated the KEV catalogue:
- CVE-2025-0411: 7-Zip Mark of the Web Bypass Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-0411
-CVE-2022-23748: Dante Discovery Process Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2022-23748
- CVE-2024-21413: Microsoft Outlook Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-21413
- CVE-2020-29574: CyberoamOS (CROS) SQL Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2020-29574
CVE.org link updated today: CVE-2020-15069: Sophos XG Firewall Buffer Overflow Vulnerability https://www.cve.org/CVERecord?id=CVE-2020-15069 @cisagov #cybersecurity #infosec #CISA
##CVE-2025-0411, a zero-day #vulnerability in 7-Zip is actively exploited by russian adversaries to target Ukraine in a #SmokeLoader campaign involving homoglyph attacks. Detect exploitation attempts using a set of #Sigma rules from SOC Prime Platform.
https://socprime.com/blog/cve-2025-0411-exploitation-to-target-Ukraine/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post
Trend Micro's ZDI team describe how the CVE-2025-0411 vulnerability in 7-Zip was actively exploited to target Ukrainian organizations in a SmokeLoader campaign involving homoglyph attacks. https://www.trendmicro.com/en_us/research/25/a/cve-2025-0411-ukrainian-organizations-targeted.html
##Trend Micro: CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks
Trend Micro reports that CVE-2025-0411 (7.0 high) 7-Zip Mark-of-the-Web Bypass Vulnerability was exploited as a zero-day in a SmokeLoader malware campaign targeting Ukrainian entities back in September 2024. 7zip released a patch in version 24.09 on 30 November 2024. The vulnerability was actively exploited by Russian cybercrime groups through spear-phishing campaigns, using homoglyph attacks to spoof document extensions and trick users and the Windows Operating System into executing malicious files. The vulnerability was likely exploited as a cyberespionage campaign against Ukrainian government and civilian organizations. Indicators of compromise are provided.
#threatintel #CVE_2025_0411 #zeroday #eitw #activeexploitation #vulnerability #7zip #infosec #cybersecurity #cyberthreatintelligence #smokeloader #cyberespionage #cti #IOC #phishing #cybercrime
##Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) https://www.helpnetsecurity.com/2025/02/04/russian-cybercrooks-exploited-7-zip-zero-day-vulnerability-cve-2025-0411/ #securitycontrols #spearphishing #vulnerability #TrendMicro #Don'tmiss #Hotstuff #Ukraine #Windows #0-day #News
##updated 2025-02-07T18:31:29
4 posts
CVE Alert: CVE-2024-7425 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7425/
##CVE Alert: CVE-2024-7425 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7425/
##CVE Alert: CVE-2024-7425 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7425/
##CVE Alert: CVE-2024-7425 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7425/
##updated 2025-02-07T18:31:28
4 posts
CVE Alert: CVE-2024-9664 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9664/
##CVE Alert: CVE-2024-9664 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9664/
##CVE Alert: CVE-2024-9664 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9664/
##CVE Alert: CVE-2024-9664 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9664/
##updated 2025-02-07T18:31:28
2 posts
CVE Alert: CVE-2022-26389 - https://www.redpacketsecurity.com/cve_alert_cve-2022-26389/
##CVE Alert: CVE-2022-26389 - https://www.redpacketsecurity.com/cve_alert_cve-2022-26389/
##updated 2025-02-07T18:31:28
2 posts
CVE Alert: CVE-2022-26388 - https://www.redpacketsecurity.com/cve_alert_cve-2022-26388/
##CVE Alert: CVE-2022-26388 - https://www.redpacketsecurity.com/cve_alert_cve-2022-26388/
##updated 2025-02-07T18:15:28.433000
4 posts
CVE Alert: CVE-2025-1105 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1105/
##CVE Alert: CVE-2025-1105 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1105/
##CVE Alert: CVE-2025-1105 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1105/
##CVE Alert: CVE-2025-1105 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1105/
##updated 2025-02-07T17:15:31.477000
4 posts
CVE Alert: CVE-2025-1104 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1104/
##CVE Alert: CVE-2025-1104 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1104/
##CVE Alert: CVE-2025-1104 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1104/
##CVE Alert: CVE-2025-1104 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1104/
##updated 2025-02-07T16:15:39.973000
4 posts
CVE Alert: CVE-2025-1103 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1103/
##CVE Alert: CVE-2025-1103 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1103/
##CVE Alert: CVE-2025-1103 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1103/
##CVE Alert: CVE-2025-1103 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1103/
##updated 2025-02-07T16:15:39.263000
4 posts
CVE Alert: CVE-2024-9661 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9661/
##CVE Alert: CVE-2024-9661 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9661/
##CVE Alert: CVE-2024-9661 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9661/
##CVE Alert: CVE-2024-9661 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9661/
##updated 2025-02-07T15:32:44
2 posts
CVE Alert: CVE-2024-10383 - https://www.redpacketsecurity.com/cve_alert_cve-2024-10383/
##CVE Alert: CVE-2024-10383 - https://www.redpacketsecurity.com/cve_alert_cve-2024-10383/
##updated 2025-02-07T14:15:48.530000
4 posts
CVE Alert: CVE-2025-1108 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1108/
##CVE Alert: CVE-2025-1108 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1108/
##CVE Alert: CVE-2025-1108 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1108/
##CVE Alert: CVE-2025-1108 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1108/
##updated 2025-02-07T14:15:48.343000
4 posts
CVE Alert: CVE-2025-1107 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1107/
##CVE Alert: CVE-2025-1107 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1107/
##CVE Alert: CVE-2025-1107 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1107/
##CVE Alert: CVE-2025-1107 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1107/
##updated 2025-02-07T12:31:26
2 posts
CVE Alert: CVE-2025-25154 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25154/
##CVE Alert: CVE-2025-25154 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25154/
##updated 2025-02-07T12:31:26
2 posts
CVE Alert: CVE-2025-25155 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25155/
##CVE Alert: CVE-2025-25155 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25155/
##updated 2025-02-07T12:31:26
2 posts
CVE Alert: CVE-2025-25156 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25156/
##CVE Alert: CVE-2025-25156 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25156/
##updated 2025-02-07T12:31:26
2 posts
CVE Alert: CVE-2025-25167 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25167/
##CVE Alert: CVE-2025-25167 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25167/
##updated 2025-02-07T12:31:26
2 posts
CVE Alert: CVE-2025-25140 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25140/
##CVE Alert: CVE-2025-25140 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25140/
##updated 2025-02-07T12:31:26
2 posts
CVE Alert: CVE-2025-25151 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25151/
##CVE Alert: CVE-2025-25151 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25151/
##updated 2025-02-07T12:31:26
2 posts
CVE Alert: CVE-2025-25152 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25152/
##CVE Alert: CVE-2025-25152 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25152/
##updated 2025-02-07T12:31:26
2 posts
CVE Alert: CVE-2025-25148 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25148/
##CVE Alert: CVE-2025-25148 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25148/
##updated 2025-02-07T12:31:26
2 posts
CVE Alert: CVE-2025-25159 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25159/
##CVE Alert: CVE-2025-25159 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25159/
##updated 2025-02-07T12:31:26
2 posts
CVE Alert: CVE-2025-25160 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25160/
##CVE Alert: CVE-2025-25160 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25160/
##updated 2025-02-07T12:31:25
2 posts
CVE Alert: CVE-2025-25168 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25168/
##CVE Alert: CVE-2025-25168 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25168/
##updated 2025-02-07T12:31:25
2 posts
CVE Alert: CVE-2025-25166 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25166/
##CVE Alert: CVE-2025-25166 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25166/
##updated 2025-02-07T12:31:25
2 posts
CVE Alert: CVE-2025-25153 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25153/
##CVE Alert: CVE-2025-25153 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25153/
##updated 2025-02-07T12:31:25
2 posts
CVE Alert: CVE-2025-25147 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25147/
##CVE Alert: CVE-2025-25147 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25147/
##updated 2025-02-07T12:31:25
2 posts
CVE Alert: CVE-2025-25149 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25149/
##CVE Alert: CVE-2025-25149 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25149/
##updated 2025-02-07T12:31:25
2 posts
CVE Alert: CVE-2025-25163 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25163/
##CVE Alert: CVE-2025-25163 - https://www.redpacketsecurity.com/cve_alert_cve-2025-25163/
##updated 2025-02-07T03:32:09
4 posts
CVE Alert: CVE-2025-1083 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1083/
##CVE Alert: CVE-2025-1083 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1083/
##CVE Alert: CVE-2025-1083 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1083/
##CVE Alert: CVE-2025-1083 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1083/
##updated 2025-02-07T03:32:09
1 posts
Microsoft Security Response Center (MSRC) security advisories 06 February 2025:
There are an additional three CVEs patched, first announced by Google Chrome 2 days ago. All of these are Not Exploited, Not Publicly Disclosed, and Exploitability Assessment: Exploitation Less Likely, except for the Dynamics 365 CVE (N/A) and 21408 which actually says UNLIKELY. 🤔
#microsoft #vulnerability #dynamics365 #cve #edge #chromium #chrome #infosec #cybersecurity
##updated 2025-02-07T03:32:09
1 posts
Microsoft Security Response Center (MSRC) security advisories 06 February 2025:
There are an additional three CVEs patched, first announced by Google Chrome 2 days ago. All of these are Not Exploited, Not Publicly Disclosed, and Exploitability Assessment: Exploitation Less Likely, except for the Dynamics 365 CVE (N/A) and 21408 which actually says UNLIKELY. 🤔
#microsoft #vulnerability #dynamics365 #cve #edge #chromium #chrome #infosec #cybersecurity
##updated 2025-02-07T03:32:09
1 posts
Microsoft Security Response Center (MSRC) security advisories 06 February 2025:
There are an additional three CVEs patched, first announced by Google Chrome 2 days ago. All of these are Not Exploited, Not Publicly Disclosed, and Exploitability Assessment: Exploitation Less Likely, except for the Dynamics 365 CVE (N/A) and 21408 which actually says UNLIKELY. 🤔
#microsoft #vulnerability #dynamics365 #cve #edge #chromium #chrome #infosec #cybersecurity
##updated 2025-02-07T03:32:09
1 posts
Microsoft Security Response Center (MSRC) security advisories 06 February 2025:
There are an additional three CVEs patched, first announced by Google Chrome 2 days ago. All of these are Not Exploited, Not Publicly Disclosed, and Exploitability Assessment: Exploitation Less Likely, except for the Dynamics 365 CVE (N/A) and 21408 which actually says UNLIKELY. 🤔
#microsoft #vulnerability #dynamics365 #cve #edge #chromium #chrome #infosec #cybersecurity
##updated 2025-02-07T03:32:09
1 posts
Microsoft Security Response Center (MSRC) security advisories 06 February 2025:
There are an additional three CVEs patched, first announced by Google Chrome 2 days ago. All of these are Not Exploited, Not Publicly Disclosed, and Exploitability Assessment: Exploitation Less Likely, except for the Dynamics 365 CVE (N/A) and 21408 which actually says UNLIKELY. 🤔
#microsoft #vulnerability #dynamics365 #cve #edge #chromium #chrome #infosec #cybersecurity
##updated 2025-02-07T03:32:09
1 posts
CISA: Elber Communications Equipment
With the bullshit occurring yesterday, this was less of a priority: ICS advisories are sometimes a juicy nugget and one of these two vulnerabilities (CVE-2025-0674 (9.8 critical) authentication bypass or CVE-2025-0675 (7.5 high) unauthenticated device configuration and client-side hidden functionality disclosure) in Elbers Communications products (communication equipment) has a public exploit (zero day).
Elber does not plan to mitigate these vulnerabilities because this equipment is either end of life or almost end of life.
The fuck you mean you're not going to patch your product that's still on the market?? Never buy their products again.
##updated 2025-02-07T03:32:09
1 posts
CISA: Elber Communications Equipment
With the bullshit occurring yesterday, this was less of a priority: ICS advisories are sometimes a juicy nugget and one of these two vulnerabilities (CVE-2025-0674 (9.8 critical) authentication bypass or CVE-2025-0675 (7.5 high) unauthenticated device configuration and client-side hidden functionality disclosure) in Elbers Communications products (communication equipment) has a public exploit (zero day).
Elber does not plan to mitigate these vulnerabilities because this equipment is either end of life or almost end of life.
The fuck you mean you're not going to patch your product that's still on the market?? Never buy their products again.
##updated 2025-02-07T03:32:08
4 posts
CVE Alert: CVE-2025-1082 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1082/
##CVE Alert: CVE-2025-1082 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1082/
##CVE Alert: CVE-2025-1082 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1082/
##CVE Alert: CVE-2025-1082 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1082/
##updated 2025-02-07T03:32:08
1 posts
Microsoft Security Response Center (MSRC) security advisories 06 February 2025:
There are an additional three CVEs patched, first announced by Google Chrome 2 days ago. All of these are Not Exploited, Not Publicly Disclosed, and Exploitability Assessment: Exploitation Less Likely, except for the Dynamics 365 CVE (N/A) and 21408 which actually says UNLIKELY. 🤔
#microsoft #vulnerability #dynamics365 #cve #edge #chromium #chrome #infosec #cybersecurity
##updated 2025-02-07T03:32:08
1 posts
Microsoft Security Response Center (MSRC) security advisories 06 February 2025:
There are an additional three CVEs patched, first announced by Google Chrome 2 days ago. All of these are Not Exploited, Not Publicly Disclosed, and Exploitability Assessment: Exploitation Less Likely, except for the Dynamics 365 CVE (N/A) and 21408 which actually says UNLIKELY. 🤔
#microsoft #vulnerability #dynamics365 #cve #edge #chromium #chrome #infosec #cybersecurity
##updated 2025-02-07T02:00:02.403000
6 posts
17 repos
https://github.com/DerZiad/CVE-2024-21413
https://github.com/th3Hellion/CVE-2024-21413
https://github.com/dshabani96/CVE-2024-21413
https://github.com/Cyber-Trambon/CVE-2024-21413-exploit
https://github.com/D1se0/CVE-2024-21413-Vulnerabilidad-Outlook-LAB
https://github.com/X-Projetion/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit
https://github.com/duy-31/CVE-2024-21413
https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
https://github.com/ThemeHackers/CVE-2024-21413
https://github.com/olebris/CVE-2024-21413
https://github.com/MSeymenD/CVE-2024-21413
https://github.com/r00tb1t/CVE-2024-21413-POC
Microsoft Outlook : cette faille critique est désormais exploitée dans des cyberattaques (CVE-2024-21413) https://www.it-connect.fr/outlook-faille-critique-desormais-exploitee-dans-cyberattaques-cve-2024-21413/ #ActuCybersécurité #Cybersécurité #Microsoft #Outlook #Office
##Critical Microsoft Outlook Vulnerability (CVE-2024-21413) Actively Exploited in Attacks – CISA Warns https://cybersecuritynews.com/critical-microsoft-outlook-vulnerability-actively-exploited-in-cyber-attacks/ #CyberSecurityNews #VulnerabilityNews #cybersecuritynews #CyberSecurity #cybersecurity #vulnerability #Exploit
##New - CVE-2024-21413
Score: 9.8 CRITICAL
The flaw is caused by improper input validation when opening emails with malicious links using vulnerable Outlook versions.
##CISA: CISA Adds Five Known Exploited Vulnerabilities to Catalog
Hot off the press!
#cisa #cisakev #kev #vulnerability #eitw #activeexploitation #infosec #cybersecurity #knownexploitedvulnerabilitiescatalog
##CVE ID: CVE-2024-21413
Vendor: Microsoft
Product: Office Outlook
Date Added: 2025-02-06
Vulnerability: Microsoft Outlook Improper Input Validation Vulnerability
Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413 ; https://nvd.nist.gov/vuln/detail/CVE-2024-21413
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-21413
CISA has updated the KEV catalogue:
- CVE-2025-0411: 7-Zip Mark of the Web Bypass Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-0411
-CVE-2022-23748: Dante Discovery Process Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2022-23748
- CVE-2024-21413: Microsoft Outlook Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-21413
- CVE-2020-29574: CyberoamOS (CROS) SQL Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2020-29574
CVE.org link updated today: CVE-2020-15069: Sophos XG Firewall Buffer Overflow Vulnerability https://www.cve.org/CVERecord?id=CVE-2020-15069 @cisagov #cybersecurity #infosec #CISA
##updated 2025-02-06T21:32:10
3 posts
"No way to prevent this" say users of only language where this regularly happens
https://xeiaso.net/shitposts/no-way-to-prevent-this/CVE-2025-0725/
"No way to prevent this" say u...
"No way to prevent this" say users of only language where this regularly happens
##Embrace. This is the new #curl CVE I expect I will get a fair amount of... "traffic" about: https://curl.se/docs/CVE-2025-0725.html
##updated 2025-02-06T21:15:23.120000
4 posts
CVE Alert: CVE-2025-1081 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1081/
##CVE Alert: CVE-2025-1081 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1081/
##CVE Alert: CVE-2025-1081 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1081/
##CVE Alert: CVE-2025-1081 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1081/
##updated 2025-02-06T21:15:21.923000
4 posts
CVE Alert: CVE-2025-0158 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0158/
##CVE Alert: CVE-2025-0158 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0158/
##CVE Alert: CVE-2025-0158 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0158/
##CVE Alert: CVE-2025-0158 - https://www.redpacketsecurity.com/cve_alert_cve-2025-0158/
##updated 2025-02-06T21:15:20.997000
1 posts
A couple Apache Cassandra advisories are out this morning. Well, yesterday afternoon for me, but I missed them then.
CVE-2025-24860: https://lists.apache.org/thread/yjo5on4tf7s1r9qklc4byrz30b8vkm2d
Incorrect Authorization vulnerability in Apache Cassandra allowing users to access a datacenter or IP/CIDR groups they should not be able to when using CassandraNetworkAuthorizer or CassandraCIDRAuthorizer.
Users with restricted data center access can update their own permissions via data control language (DCL) statements on affected versions.
This issue affects Apache Cassandra: from 4.0.0 through 4.0.15 and from 4.1.0 through 4.1.7 for CassandraNetworkAuthorizer, and from 5.0.0 through 5.0.2 for both CassandraNetworkAuthorizer and CassandraCIDRAuthorizer.
Operators using CassandraNetworkAuthorizer or CassandraCIDRAuthorizer on affected versions should review data access rules for potential breaches. Users are recommended to upgrade to versions 4.0.16, 4.1.8, 5.0.3, which fixes the issue.
CVE-2024-27137: https://lists.apache.org/thread/jsk87d9yv8r204mgqpz1qxtp5wcrpysm
##In Apache Cassandra it is possible for a local attacker without access
to the Apache Cassandra process or configuration files to manipulate
the RMI registry to perform a man-in-the-middle attack and capture usernames and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorized operations.This is same vulnerability that CVE-2020-13946 was issued for, but the Java option was changed in JDK10.
This issue affects Apache Cassandra from 4.0.2 through 5.0.2 running Java 11.
Operators are recommended to upgrade to a release equal to or later than 4.0.15, 4.1.8, or 5.0.3 which fixes the issue.
updated 2025-02-06T20:15:41.030000
1 posts
A couple Apache Cassandra advisories are out this morning. Well, yesterday afternoon for me, but I missed them then.
CVE-2025-24860: https://lists.apache.org/thread/yjo5on4tf7s1r9qklc4byrz30b8vkm2d
Incorrect Authorization vulnerability in Apache Cassandra allowing users to access a datacenter or IP/CIDR groups they should not be able to when using CassandraNetworkAuthorizer or CassandraCIDRAuthorizer.
Users with restricted data center access can update their own permissions via data control language (DCL) statements on affected versions.
This issue affects Apache Cassandra: from 4.0.0 through 4.0.15 and from 4.1.0 through 4.1.7 for CassandraNetworkAuthorizer, and from 5.0.0 through 5.0.2 for both CassandraNetworkAuthorizer and CassandraCIDRAuthorizer.
Operators using CassandraNetworkAuthorizer or CassandraCIDRAuthorizer on affected versions should review data access rules for potential breaches. Users are recommended to upgrade to versions 4.0.16, 4.1.8, 5.0.3, which fixes the issue.
CVE-2024-27137: https://lists.apache.org/thread/jsk87d9yv8r204mgqpz1qxtp5wcrpysm
##In Apache Cassandra it is possible for a local attacker without access
to the Apache Cassandra process or configuration files to manipulate
the RMI registry to perform a man-in-the-middle attack and capture usernames and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorized operations.This is same vulnerability that CVE-2020-13946 was issued for, but the Java option was changed in JDK10.
This issue affects Apache Cassandra from 4.0.2 through 5.0.2 running Java 11.
Operators are recommended to upgrade to a release equal to or later than 4.0.15, 4.1.8, or 5.0.3 which fixes the issue.
updated 2025-02-06T18:32:07
3 posts
CISA: CISA Adds Five Known Exploited Vulnerabilities to Catalog
Hot off the press!
#cisa #cisakev #kev #vulnerability #eitw #activeexploitation #infosec #cybersecurity #knownexploitedvulnerabilitiescatalog
##CVE ID: CVE-2022-23748
Vendor: Audinate
Product: Dante Discovery
Date Added: 2025-02-06
Vulnerability: Dante Discovery Process Control Vulnerability
Notes: https://www.getdante.com/support/faq/audinate-response-to-dante-discovery-mdnsresponder-exe-security-issue-cve-2022-23748/ ; https://nvd.nist.gov/vuln/detail/CVE-2022-23748
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2022-23748
CISA has updated the KEV catalogue:
- CVE-2025-0411: 7-Zip Mark of the Web Bypass Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-0411
-CVE-2022-23748: Dante Discovery Process Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2022-23748
- CVE-2024-21413: Microsoft Outlook Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-21413
- CVE-2020-29574: CyberoamOS (CROS) SQL Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2020-29574
CVE.org link updated today: CVE-2020-15069: Sophos XG Firewall Buffer Overflow Vulnerability https://www.cve.org/CVERecord?id=CVE-2020-15069 @cisagov #cybersecurity #infosec #CISA
##updated 2025-02-06T18:31:11
4 posts
CVE Alert: CVE-2025-1078 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1078/
##CVE Alert: CVE-2025-1078 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1078/
##CVE Alert: CVE-2025-1078 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1078/
##CVE Alert: CVE-2025-1078 - https://www.redpacketsecurity.com/cve_alert_cve-2025-1078/
##updated 2025-02-06T18:31:05
1 posts
2 repos
This seems... Known? Expected? Is that the word?
https://www.cve.org/CVERecord?id=CVE-2024-7595
##GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered similar to CVE-2020-10136.
updated 2025-02-06T18:30:59
3 posts
CISA: CISA Adds Five Known Exploited Vulnerabilities to Catalog
Hot off the press!
#cisa #cisakev #kev #vulnerability #eitw #activeexploitation #infosec #cybersecurity #knownexploitedvulnerabilitiescatalog
##CVE ID: CVE-2020-29574
Vendor: Sophos
Product: CyberoamOS
Date Added: 2025-02-06
Vulnerability: CyberoamOS (CROS) SQL Injection Vulnerability
Notes: https://support.sophos.com/support/s/article/KBA-000007526 ; https://nvd.nist.gov/vuln/detail/CVE-2020-29574
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2020-29574
CISA has updated the KEV catalogue:
- CVE-2025-0411: 7-Zip Mark of the Web Bypass Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-0411
-CVE-2022-23748: Dante Discovery Process Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2022-23748
- CVE-2024-21413: Microsoft Outlook Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-21413
- CVE-2020-29574: CyberoamOS (CROS) SQL Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2020-29574
CVE.org link updated today: CVE-2020-15069: Sophos XG Firewall Buffer Overflow Vulnerability https://www.cve.org/CVERecord?id=CVE-2020-15069 @cisagov #cybersecurity #infosec #CISA
##updated 2025-02-06T18:30:59
3 posts
CISA: CISA Adds Five Known Exploited Vulnerabilities to Catalog
Hot off the press!
#cisa #cisakev #kev #vulnerability #eitw #activeexploitation #infosec #cybersecurity #knownexploitedvulnerabilitiescatalog
##CVE ID: CVE-2020-15069
Vendor: Sophos
Product: XG Firewall
Date Added: 2025-02-06
Vulnerability: Sophos XG Firewall Buffer Overflow Vulnerability
Notes: https://community.sophos.com/b/security-blog/posts/advisory-buffer-overflow-vulnerability-in-user-portal ; https://nvd.nist.gov/vuln/detail/CVE-2020-15069
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2020-15069
CISA has updated the KEV catalogue:
- CVE-2025-0411: 7-Zip Mark of the Web Bypass Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-0411
-CVE-2022-23748: Dante Discovery Process Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2022-23748
- CVE-2024-21413: Microsoft Outlook Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-21413
- CVE-2020-29574: CyberoamOS (CROS) SQL Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2020-29574
CVE.org link updated today: CVE-2020-15069: Sophos XG Firewall Buffer Overflow Vulnerability https://www.cve.org/CVERecord?id=CVE-2020-15069 @cisagov #cybersecurity #infosec #CISA
##updated 2025-02-06T18:15:33.030000
3 posts
XE Group Activity Detection: From Credit Card Skimming to Exploiting CVE-2024-57968 and CVE-2025-25181 VeraCore Zero-Day Vulnerabilities – Source: socprime.com https://ciso2ciso.com/xe-group-activity-detection-from-credit-card-skimming-to-exploiting-cve-2024-57968-and-cve-2025-25181-veracore-zero-day-vulnerabilities-source-socprime-com/ #ThreatDetectionMarketplace #rssfeedpostgeneratorecho #ThreatHuntingContent #CyberSecurityNews #DetectionContent #SOCPrimePlatform #Latestthreats #Vulnerability
##XE Group evolves from card skimming to vulnerability exploitation using VeraCore zero-days (CVE-2024-57968 and CVE-2025-25181) to maintain persistent access to compromised systems. Detect the group’s activity with Sigma rules from SOC Prime Platform.
https://socprime.com/blog/detect-xe-group-attacks/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post
Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) https://www.helpnetsecurity.com/2025/02/05/cybercrime-exploited-veracore-zero-day-vulnerabilities-cve-2025-25181-cve-2024-57968-xe-group/ #manufacturingsector #distributionsector #cybercriminals #SolisSecurity #SQLinjection #Don'tmiss #datatheft #Hotstuff #webshell #exploit #Intezer #0-day #News
##updated 2025-02-06T18:15:32.287000
3 posts
XE Group Activity Detection: From Credit Card Skimming to Exploiting CVE-2024-57968 and CVE-2025-25181 VeraCore Zero-Day Vulnerabilities – Source: socprime.com https://ciso2ciso.com/xe-group-activity-detection-from-credit-card-skimming-to-exploiting-cve-2024-57968-and-cve-2025-25181-veracore-zero-day-vulnerabilities-source-socprime-com/ #ThreatDetectionMarketplace #rssfeedpostgeneratorecho #ThreatHuntingContent #CyberSecurityNews #DetectionContent #SOCPrimePlatform #Latestthreats #Vulnerability
##XE Group evolves from card skimming to vulnerability exploitation using VeraCore zero-days (CVE-2024-57968 and CVE-2025-25181) to maintain persistent access to compromised systems. Detect the group’s activity with Sigma rules from SOC Prime Platform.
https://socprime.com/blog/detect-xe-group-attacks/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post
Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) https://www.helpnetsecurity.com/2025/02/05/cybercrime-exploited-veracore-zero-day-vulnerabilities-cve-2025-25181-cve-2024-57968-xe-group/ #manufacturingsector #distributionsector #cybercriminals #SolisSecurity #SQLinjection #Don'tmiss #datatheft #Hotstuff #webshell #exploit #Intezer #0-day #News
##updated 2025-02-06T15:33:54
1 posts
Go hack some Honeywell Wireless Device Managers. Old vuln, new sev:CRIT CVE so I'm sure it's patched everywhere by now...
https://nvd.nist.gov/vuln/detail/CVE-2023-5878
##Wireless Device Manager (WDM) for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command injection vulnerability. An attacker who is authenticated could use the firmware update process to potentially exploit the vulnerability, leading to a command injection.
updated 2025-02-06T02:00:02.120000
6 posts
CVE ID: CVE-2024-53104
Vendor: Linux
Product: Kernel
Date Added: 2025-02-05
Vulnerability: Linux Kernel Out-of-Bounds Write Vulnerability
Notes: https://lore.kernel.org/linux-cve-announce/2024120232-CVE-2024-53104-d781@gregkh/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-53104
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-53104
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
Hot off the press! (In fact, it was so hot that I beat the CISA media team to starting the announcement) CVE-2024-53104 (7.8 high) Linux Kernel Out-of-Bounds Write Vulnerability.
#cisa #cisakev #kev #vulnerability #eitw #activeexploitation #infosec #cybersecurity #knownexploitedvulnerabilitiescatalog
##Hacker News: Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 https://thehackernews.com/2025/02/google-patches-47-android-security.html #news #IT
##The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a case of privilege escalation in a kernel component known as the USB Video Class (UVC) driver. https://thehackernews.com/2025/02/google-patches-47-android-security.html
##Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 https://thehackernews.com/2025/02/google-patches-47-android-security.html
##Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 https://thehackernews.com/2025/02/google-patches-47-android-security.html
##updated 2025-02-05T21:33:37
4 posts
Cloudflare: Resolving a Mutual TLS session resumption vulnerability
Cloudflare voluntarily provides vulnerability details for CVE-2025-23419 (CVSSv4: 5.3/v3.1: 4.3 medium) TLS Session Resumption Vulnerability which they were notified about 2 weeks ago. There's no exploitation in the wild.
#cloudflare #vulnerability #infosec #cybersecurity #CVE_2025_23419
##CVE Alert: CVE-2025-23419 - https://www.redpacketsecurity.com/cve_alert_cve-2025-23419/
##Cloudflare: Resolving a Mutual TLS session resumption vulnerability
Cloudflare voluntarily provides vulnerability details for CVE-2025-23419 (CVSSv4: 5.3/v3.1: 4.3 medium) TLS Session Resumption Vulnerability which they were notified about 2 weeks ago. There's no exploitation in the wild.
#cloudflare #vulnerability #infosec #cybersecurity #CVE_2025_23419
##CVE Alert: CVE-2025-23419 - https://www.redpacketsecurity.com/cve_alert_cve-2025-23419/
##updated 2025-02-05T18:34:52
1 posts
Progress security advisory "05" February 2024: LoadMaster Security Vulnerability CVE-2024-56131 / CVE-2024-56132 / CVE-2024-56133 / CVE-2024-56134 / CVE-2024-56135
Remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate could issue a carefully crafted HTTP request that allows arbitrary system commands to be executed. This vulnerability has been closed by sanitizing request user input to mitigate arbitrary system commands being executed.
##We have not received any reports that these vulnerabilities have been exploited and we are not aware of any direct impact on customers.
updated 2025-02-05T18:34:52
1 posts
Progress security advisory "05" February 2024: LoadMaster Security Vulnerability CVE-2024-56131 / CVE-2024-56132 / CVE-2024-56133 / CVE-2024-56134 / CVE-2024-56135
Remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate could issue a carefully crafted HTTP request that allows arbitrary system commands to be executed. This vulnerability has been closed by sanitizing request user input to mitigate arbitrary system commands being executed.
##We have not received any reports that these vulnerabilities have been exploited and we are not aware of any direct impact on customers.
updated 2025-02-05T18:34:52
1 posts
Progress security advisory "05" February 2024: LoadMaster Security Vulnerability CVE-2024-56131 / CVE-2024-56132 / CVE-2024-56133 / CVE-2024-56134 / CVE-2024-56135
Remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate could issue a carefully crafted HTTP request that allows arbitrary system commands to be executed. This vulnerability has been closed by sanitizing request user input to mitigate arbitrary system commands being executed.
##We have not received any reports that these vulnerabilities have been exploited and we are not aware of any direct impact on customers.
updated 2025-02-05T18:34:52
1 posts
Progress security advisory "05" February 2024: LoadMaster Security Vulnerability CVE-2024-56131 / CVE-2024-56132 / CVE-2024-56133 / CVE-2024-56134 / CVE-2024-56135
Remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate could issue a carefully crafted HTTP request that allows arbitrary system commands to be executed. This vulnerability has been closed by sanitizing request user input to mitigate arbitrary system commands being executed.
##We have not received any reports that these vulnerabilities have been exploited and we are not aware of any direct impact on customers.
updated 2025-02-05T18:34:52
2 posts
CVE-2025-20124 and CVE-2025-20125.
Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF @TalosSecurity #cybersecurity #infosec
##Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:52
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:52
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:52
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:52
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:46
1 posts
Progress security advisory "05" February 2024: LoadMaster Security Vulnerability CVE-2024-56131 / CVE-2024-56132 / CVE-2024-56133 / CVE-2024-56134 / CVE-2024-56135
Remote malicious actors who gain access to the management interface of LoadMaster and successfully authenticate could issue a carefully crafted HTTP request that allows arbitrary system commands to be executed. This vulnerability has been closed by sanitizing request user input to mitigate arbitrary system commands being executed.
##We have not received any reports that these vulnerabilities have been exploited and we are not aware of any direct impact on customers.
updated 2025-02-05T18:34:46
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:46
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:46
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:45
2 posts
CVE-2025-20124 and CVE-2025-20125.
Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF @TalosSecurity #cybersecurity #infosec
##Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:45
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:45
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:45
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
##updated 2025-02-05T18:34:45
1 posts
Cisco security advisories (PatchTuesday-ishing @shellsharks):
"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."