Tag: cve
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerability
File writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g., “../”) to cause path-traversal file writes…
-
NVIDIA Isaac-GROOT Flaws Let Attackers Inject Malicious Code
NVIDIA has released security updates addressing two critical code injection vulnerabilities in its Isaac-GR00T robotics software platform. The flaws could allow attackers with local system access to execute arbitrary code, escalate privileges, and tamper with sensitive data, potentially compromising robotic systems and their underlying infrastructure. The vulnerabilities, tracked as CVE-2025-33183 and CVE-2025-33184, affect all versions…
-
Azure Bastion with severe vulnerability CVE-2025-49752
The Microsoft Azure Bastion service for secure and seamless RDP and SSH access to Azure virtual machines (VMs) has a severe vulnerability, CVE-2025-49752 (CVSS score 10.0), in all deployments before November 20, 2025. On November 21, 2025, Microsoft has the service … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/25/azure-bastion-mit-schwerer-schwachstelle-cve-2025-49752/
-
Fortinet FortiWeb vulnerability (CVE-2025-58034)
Administrators of Fortinet FortiWeb instances are once again facing a vulnerability within just a few days. On November 18, 2025, the vendor published a security advisory for the vulnerability CVE-2025-58034 and patched it in its FortiWeb products. FortiWeb vulnerability (CVE-2025-58034) The security advisory for the vulnerability … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/24/fortinet-fortiweb-schwachstelle-cve-2025-58034/
-
Critical Flaw in Oracle Identity Manager Under Exploitation
The exploitation of CVE-2025-61757 follows a breach of Oracle Cloud earlier this year as well as a recent extortion campaign targeting Oracle E-Business Suite customers. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/critical-flaw-oracle-identity-manager-under-exploitation
-
What keeps CISOs awake at night, and why Zurich might hold the cure
Tags: access, ai, api, attack, breach, ciso, conference, control, cve, cyber, cybersecurity, deep-fake, detection, endpoint, exploit, finance, firmware, framework, group, incident response, injection, LLM, malware, mandiant, microsoft, mitre, network, phishing, phone, ransomware, resilience, risk, soc, strategy, supply-chain, threat, tool, training, update, zero-day
A safe space in the Alps: Over two days at Zurich’s stunning Dolder Grand, hosted by the Swiss Cyber Institute, I witnessed something I’ve seldom seen at cybersecurity events: real vulnerability. In a closed, attribution-free environment, leaders shared not just strategies, but doubts. And that made this event stand out, not as another conference, but…
-
Years-old bugs in open source tool left every major cloud open to disruption
Fluent Bit has 15B+ deployments … and 5 newly assigned CVEs First seen on theregister.com Jump to article: www.theregister.com/2025/11/24/fluent_bit_cves/
-
Grafana Flags Maximum-Severity SCIM Vulnerability Enabling Privilege Escalation
Grafana Labs has issued a warning regarding a maximum-severity security flaw, identified as CVE-2025-41115, affecting its Enterprise product. The vulnerability can allow attackers to impersonate administrators or escalate privileges if certain SCIM (System for Cross-domain Identity Management) settings are enabled. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/grafana-scim-vulnerability-cve-2025-41115/
-
PoC Published for W3 Total Cache Flaw Exposing 1M+ Sites to RCE
Security researchers have published a proof-of-concept exploit for a critical remote code execution vulnerability in W3 Total Cache, one of WordPress’s most popular caching plugins with over one million active installations. The flaw, tracked as CVE-2025-9501, allows attackers to execute arbitrary code on vulnerable websites under specific conditions. Field Details CVE ID CVE-2025-9501 Affected Product…
-
vLLM Flaw Allows Remote Code Execution Through Malicious Payloads
A high security vulnerability has been discovered in vLLM, a widely used high-throughput inference and serving engine for Large Language Models. The flaw, identified as CVE-2025-62164, enables attackers to execute arbitrary code remotely through maliciously crafted payloads sent to the Completions API endpoint. Attribute Details CVE ID CVE-2025-62164 Severity High CVSS Score 8.8/10 Affected Product vLLM…
-
ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access
Tags: access, cve, exploit, flaw, intelligence, malware, microsoft, open-source, service, threat, update, vulnerability, windows
A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute malware known as ShadowPad. “The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access,” AhnLab Security Intelligence Center (ASEC) said in a report published last week. “They then used PowerCat, an open-source First…
-
SonicWall flags SSLVPN flaw allowing firewall crashes
SonicWall warns of a high-severity buffer overflow flaw in SonicOS SSLVPN (CVE-2025-40601) that lets attackers crash Gen7 and Gen8 firewalls. A new high-severity SonicOS SSLVPN flaw, tracked as CVE-2025-40601 (CVSS score of 7.5), allows attackers to crash SonicWall Gen7 and Gen8 firewalls. SonicWall is urging all customers to apply patches immediately, as the issue stems…
-
Windows 11 24H2/Windows Server 2025: ZScaler on critical graphics bug CVE-2025-50165
In Windows 11 24H2 as well as in Windows Server 2025, there was a critical vulnerability, CVE-2025-50165, in the Windows graphics components. The vulnerability, which was closed in August 2025, was rated with a CVSS 3.1 score of 9.8 and allowed remote code execution … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/23/windows-11-24h2-windows-server-2025-zscaler-ueber-kritischen-grafik-bug-cve-2025-50165/
-
CISA Issues Warning as Hackers Target Oracle Identity Manager RCE Flaw
Tags: authentication, cisa, cve, cyber, cybersecurity, exploit, flaw, hacker, identity, infrastructure, kev, oracle, rce, remote-code-execution, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new Oracle vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that attackers are already exploiting it in real-world attacks. The bug, tracked as CVE-2025-61757, affects Oracle Identity Manager, part of Oracle Fusion Middleware. The flaw is rated as a “missing authentication for critical…
-
Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities
Tags: authentication, cve, cyber, exploit, firewall, flaw, fortinet, injection, remote-code-execution, vulnerability, waf, zero-day
Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining two security flaws to achieve unauthenticated remote code execution with root privileges. CVE ID Vulnerability Type Affected Product Impact CVE-2025-64446 Authentication Bypass Fortinet FortiWeb Administrative account creation, privilege escalation CVE-2025-58034 Command Injection Fortinet FortiWeb Remote…
-
U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog
Tags: authentication, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, oracle, vulnerability
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracle Fusion Middleware flaw, tracked as CVE-2025-61757 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a missing authentication for a critical function that…
-
7-ZIP vulnerability CVE-2025-11001: Exploits and attacks, AMD users must act
The archiver software 7-ZIP has (before version 25.x) the vulnerability CVE-2025-11001 (which I had not covered so far). Exploits have been known for a few days and the vulnerability is being attacked. Users should therefore patch 7-ZIP immediately. The problem, however, is applications in which … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/22/7-zip-schwachstelle-cve-2025-11001-exploits-und-angriffe-amd-nutzer-muessen-handeln/
-
CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability
Tags: authentication, cisa, cve, cybersecurity, exploit, flaw, identity, infrastructure, kev, oracle, vulnerability, zero-day
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2025-61757 (CVSS score: 9.8), a case of missing authentication for a critical function that can result in pre-authenticated First seen…
-
Critical Azure Bastion Vulnerability Lets Attackers Bypass Login and Escalate Privileges
A critical authentication bypass vulnerability in Azure Bastion, its managed remote access service, enables attackers to escalate privileges to administrative levels with a single network request. The vulnerability, designated CVE-2025-49752, affects all Azure Bastion deployments and received an emergency security patch on November 20, 2025. Attribute Details CVE ID CVE-2025-49752 Vulnerability Type Authentication Bypass /…
-
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
Tags: attack, cisa, cve, cybersecurity, exploit, flaw, government, identity, infrastructure, oracle, rce, remote-code-execution, update
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentially as a zero-day. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-oracle-identity-manager-rce-flaw-is-being-actively-exploited/
-
Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation
Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or user impersonation under certain configurations. The vulnerability, tracked as CVE-2025-41115, carries a CVSS score of 10.0. It resides in the System for Cross-domain Identity Management (SCIM) component that allows automated user provisioning and management. First First seen on…

