Tag: cve
-
PoC Code Published for Linux nftables Security Vulnerability
by
in SecurityNewsSecurity researchers have published proof-of-concept (PoC) exploit code for CVE-2024-26809, a high-severity double-free vulnerability in Linux’s nftables firewall subsystem. The flaw allows local attackers to escalate privileges and execute arbitrary code, posing significant risks to unpatched systems. Technical Breakdown of CVE-2024-26809 nftables, the modern replacement for legacy iptables, manages network packet filtering through components liketables,sets, andrules.…
-
Week in review: The impact of a CVE-free future on cyber defense, Patch Tuesday forecast
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: What a future without CVEs means for cyber defense For many cybersecurity … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/11/week-in-review-the-impact-of-a-cve-free-future-on-cyber-defense-patch-tuesday-forecast/
-
FBI warns that end of life devices are being actively targeted by threat actors
by
in SecurityNews
Tags: access, antivirus, attack, authentication, botnet, china, cisco, control, credentials, cve, data-breach, exploit, firewall, firmware, Hardware, identity, infection, intelligence, Internet, malware, network, password, router, sans, service, software, technology, threat, tool, update, vulnerabilityLinksys E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550, WRT320N, WRT310N, WRT610NCradlepoint E100Cisco M10Threat actors, notably Chinese state-sponsored actors, are successfully exploiting known vulnerabilities in routers exposed to the web through pre-installed remote management software, according to the FBI. They then install malware, set up a botnet, and sell proxy services or launch coordinated attacks.”The…
-
Elastic Kibana Prototype Contamination Leads to Arbitrary Code Execution Vulnerability (CVE-2025-25014)
by
in SecurityNewsOverview Recently, NSFOCUS CERT detected that Elastic issued a security bulletin to fix the arbitrary code execution vulnerability caused by Elastic Kibana prototype contamination (CVE-2025-25014); Due to the prototype contamination problem in Kibana, an attacker with specific role privileges can bypass the authentication mechanism by constructing specially crafted file uploads and specific HTTP requests to…The…
-
Schwachstelle in Samsung-Magicinfo-9-Server-Software
by
in SecurityNewsArctic Wolf hat seit Anfang Mai 2025 einen Exploit der Schwachstelle CVE-2024-7399 in Samsung beobachtet. Bei der Server-Software handelt es sich um ein Content-Management-System (CMS), das zum Management und zur Fernsteuerung digitaler Anzeigesysteme verwendet wird. Diese schwerwiegende Sicherheitslücke wurde ursprünglich im August 2024 von Samsung veröffentlicht, nachdem sie von Sicherheitsforschern gemeldet worden war. […] First…
-
Chinese Hackers Exploit SAP RCE Vulnerability to Deploy Supershell Backdoors
by
in SecurityNewsA critical remote code execution (RCE) vulnerability, identified as CVE-2025-31324, in SAP NetWeaver Visual Composer 7.x is being actively exploited by a Chinese threat actor, tracked as Chaya_004. This deserialization flaw allows attackers to upload malicious binaries, including web shells, to unpatched servers, granting full system takeover capabilities. According to research from Forescout, exploitation has…
-
Beyond Vulnerability Management Can You CVE What I CVE?
by
in SecurityNewsThe Vulnerability TreadmillThe reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited and patching everything immediately is a struggle. Our Vulnerability Operation Center (VOC) dataset analysis identified 1,337,797 unique findings (security issues) across 68,500 unique customer assets. 32,585 of them were distinct First seen on thehackernews.com…
-
CVE funding crisis offers chance for vulnerability remediation rethink
by
in SecurityNews
Tags: access, ai, awareness, best-practice, cisa, cve, cvss, cybersecurity, data, exploit, Hardware, healthcare, intelligence, iot, kev, least-privilege, metric, mfa, microsoft, network, open-source, penetration-testing, risk, software, threat, tool, training, update, vulnerability, vulnerability-managementAutomatic for the people: AI technologies could act as a temporary bridge for vulnerability triage, but not a replacement for a stable CVE system, according to experts consulted by CSO.”Automation and AI-based tools can also enable real-time discovery of new vulnerabilities without over-relying on standard CVE timelines,” said Haris Pylarinos, founder and chief executive of…
-
CVSS 10.0 Vulnerability Found in Ubiquity UniFi Protect Cameras
by
in SecurityNewsUbiquity has disclosed two security vulnerabilities affecting its widely used video surveillance platform, UniFi Protect. One of the flaws, now assigned the identifier CVE-2025-23123, has been rated as critical with a maximum CVSS score of 10.0. Both issues have been addressed in recent firmware and application updates, and the company is urging users to install…
-
SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code
by
in SecurityNewsSonicWall addressed three SMA 100 flaws, including a potential zero-day, that could allow remote code execution if chained. SonicWall patches three SMA 100 vulnerabilities (CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821), including a potential zero-day, that could be chained by a remote attacker to execute arbitrary code. The first flaw, tracked as CVE-2025-32819 (CVSS score of 8.8), is…
-
Researchers Uncover Remote Code Execution Flaw in macOS CVE-2024-44236
by
in SecurityNewsSecurity researchers Nikolai Skliarenko and Yazhi Wang of Trend Micro’s Research Team have disclosed critical details about CVE-2024-44236, a memory corruption vulnerability in Apple’s macOS Scriptable Image Processing System (sips). Discovered by Hossein Lotfi through Trend Micro’s Zero Day Initiative, this flaw allows arbitrary code execution via maliciously crafted ICC profile files. Patched in October…
-
SonicWall SMA 100 Series Critical Post-Authentication Vulnerabilities (CVE-2025-32819, CVE-2025-32820, CVE-2025-32821)
by
in SecurityNewsSummary On May 7, 2025, SonicWall and Rapid7 disclosed three vulnerabilities affecting SonicWall Secure Mobile Access (SMA) 100 Series appliances, including models 200, 210, 400, First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/05/09/sonicwall-sma-100-series-critical-post-authentication-vulnerabilities-cve-2025-32819-cve-2025-32820-cve-2025-32821/
-
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
by
in SecurityNewsA China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver.Forescout Vedere Labs, in a report published today, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025.CVE-2025-31324 refers to a critical SAP NetWeaver flaw First…
-
IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers
by
in SecurityNewsA critical security vulnerability in IXON’s widely used VPN client has exposed Windows, Linux, and macOS systems to local privilege escalation attacks, enabling non-privileged users to gain root or SYSTEM-level access. Designated as CVE-2025-26168 and CVE-2025-26169, these flaws affect versions 1.4.3 and earlier of the software, posing severe risks to industrial, enterprise, and managed service…
-
Radware Cloud Web App Firewall Flaw Allows Attackers to Bypass Security Filters
by
in SecurityNewsSecurity researchers have uncovered two critical vulnerabilities in Radware’s Cloud Web Application Firewall (WAF) that enable attackers to bypass security filters and deliver malicious payloads to protected web applications. These flaws, designated CVE-2024-56523 and CVE-2024-56524, highlight systemic weaknesses in how the WAF processes non-standard HTTP requests and user-supplied input containing special characters. The vulnerabilities, disclosed…
-
Life Without CVEs? It’s Time to Act
by
in SecurityNewsDespite all MITRE has done for cybersecurity, it is clear we should not wait 11 months to discuss the future of the CVE database. It’s simply too important for that. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/life-without-cves-time-act
-
SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root
by
in SecurityNewsSonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution.The vulnerabilities are listed below -CVE-2025-32819 (CVSS score: 8.8) – A vulnerability in SMA100 allows a remote authenticated attacker with SSL-VPN user privileges to bypass the path traversal checks…
-
CVE-2025-20188: Cisco Fixes 10.0-Rated Wireless Controller Flaw
by
in SecurityNewsCisco has rolled out software patches to address a severe security vulnerability, tracked as CVE-2025-20188, in its IOS XE Wireless Controller software. The flaw, which has been assigned the highest possible CVSS score of 10.0, could allow unauthenticated remote attackers to gain full root access on affected systems. First seen on thecyberexpress.com Jump to article:…
-
Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
by
in SecurityNewsCisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system.The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system.”This vulnerability is due to the presence of a hard-coded JSON…
-
Security update causes new problem for Windows Hello for Business authentication
by
in SecurityNews
Tags: advisory, authentication, business, credentials, cve, flaw, identity, login, microsoft, update, vulnerability, windowsfixing vulnerabilities, of which CVE-2025-26647, the flaw addressed by the buggy fix, was serious enough to warrant immediate attention.But Windows environments are varied, and exceptions arise, especially in relation to the complex subject of authentication. In some cases, the fix for a vulnerability can cause new problems that Microsoft only detects when customers shout about…
-
Google Rolls Out May 2025 Android Security Bulletin, Fixes 46 Vulnerabilities Including CVE-2025-27363
by
in SecurityNewsGoogle has published its Android Security Bulletin for May 2025, delivering critical updates to the Android ecosystem. This monthly update resolves 46 vulnerabilities, one of which”, CVE-2025-27363″, has already been exploited in the wild. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/android-security-bulletin-2/
-
U.S. CISA adds FreeType flaw to its Known Exploited Vulnerabilities catalog
by
in SecurityNewsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds FreeType flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added a FreeType flaw, tracked as CVE-2025-27363 (CVSS score of 8.1), to its Known Exploited Vulnerabilities (KEV) catalog. In mid-March, Metawarnedthat the out-of-bounds write vulnerabilityCVE-2025-27363may have been actively exploited in attacks. “An out…
-
Researcher Says Patched Commvault Bug Still Exploitable
by
in SecurityNewsCISA added CVE-2025-34028 to its catalog of known exploited vulnerabilities, citing active attacks in the wild. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/researcher-patched-commvault-bug-exploitable
-
Samsung MagicINFO flaw exploited days after PoC exploit publication
by
in SecurityNewsThreat actors started exploiting a vulnerability in Samsung MagicINFO only days after a PoC exploit was published. Arctic Wolf researchers observed threat actors beginning to exploit a high-severity vulnerability, tracked as CVE-2024-7399 (CVSS score: 8.8), in the Samsung MagicINFO content management system (CMS) just days after proof-of-concept (PoC) exploit code was publicly released. The vulnerability…
-
Apache Parquet exploit tool detect servers vulnerable to critical flaw
by
in SecurityNewsA proof-of-concept exploit has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apache-parquet-exploit-tool-detect-servers-vulnerable-to-critical-flaw/
-
Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324
by
in SecurityNewsThreat actors launch second wave of attacks on SAP NetWeaver, exploiting webshells from a recent zero-day vulnerability. In April, ReliaQuest researchers warned that a zero-day vulnerability, tracked as CVE-2025-31324 (CVSS score of 10/10), in SAP NetWeaver is potentially being exploited. Thousands of internet-facing applications are potentially at risk. The flaw in SAP NetWeaver Visual Composer Metadata Uploader…
-
U.S. CISA adds Langflow flaw to its Known Exploited Vulnerabilities catalog
by
in SecurityNewsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Langflow flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added a Langflow flaw, tracked as CVE-2025-3248 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Langflow is a popular tool used for building agentic AI workflows. CVE-2025-3248 is a…
-
Schwachstelle in SAP-Netweaver-Visual-Composer ermöglicht Cyberkriminellen die Ausführung von Remotecode
by
in SecurityNewsEine kritische Schwachstelle für den Datei-Upload mit einem CVSS-Score von 10,0 betrifft die Metadaten-Uploader-Komponente des SAP-NetWeaver-Visual-Composer. Als besonders schwerwiegende Sicherheitslücke vereint die Schwachstelle CVE-2025-31324 mehrere sehr große Risikofaktoren: Sie weist den maximalen CVSS-Score auf, benötigt keine Authentifizierung, betrifft ein in vielen großen Unternehmen weit verbreitetes Produkt und wurde bereits aktiv für die Ausführung von Remotecodes…
-
Android Security Update -A Critical RCE Vulnerability Actively Exploited in the Wild
by
in SecurityNewsGoogle has released critical security patches for Android devices to address 57 vulnerabilities across multiple subsystems, including an actively exploited remote code execution flaw tracked as CVE-2025-27363. The May 2025 security bulletin confirms this high-severity vulnerability in Android’s System component enables local code execution without requiring additional privileges or user interaction. Devices running Android 13…
-
Google fixed actively exploited Android flaw CVE-2025-27363
by
in SecurityNewsGoogle addressed 46 Android security vulnerabilities, including one issue that has been exploited in attacks in the wild. Google’s monthly security updates for Android addressed 46 flaws, including a high-severity vulnerability, tracked as CVE-2025-27363 (CVSS score of 8.1), that has been exploited in the wild. The company did not disclose any details regarding the attacks…