Tag: cve
-
Android Issues Security Update to Patch Actively Exploited 0-Day Flaws
Google has released a criticalAndroid Security Bulletinfor September 2025, addressing multiple high-severity vulnerabilities that are currently being actively exploited in the wild. The security patch level2025-09-05or later is required to protect Android devices from these serious threats. The security bulletin reveals thattwo CVEs are under limited, targeted exploitation, making this update particularly urgent for Android…
-
Android Issues Security Update to Patch Actively Exploited 0-Day Flaws
Google has released a criticalAndroid Security Bulletinfor September 2025, addressing multiple high-severity vulnerabilities that are currently being actively exploited in the wild. The security patch level2025-09-05or later is required to protect Android devices from these serious threats. The security bulletin reveals thattwo CVEs are under limited, targeted exploitation, making this update particularly urgent for Android…
-
IIS WebDeploy RCE Vulnerability Gets Public PoC
A newly disclosed remote code execution (RCE) vulnerability in Microsoft’s IIS Web Deploy toolchain has captured industry attention after the release of a public proof-of-concept. Tracked as CVE-2025-53772, this flaw resides in the unsafe deserialization logic of the msdeployagentservice and msdeploy.axd endpoints, allowing authenticated attackers to run arbitrary code on vulnerable web servers. IIS Web…
-
CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation
Tags: authentication, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, vulnerability, wifiThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, CVE-2020-24363 (CVSS score: 8.8), concerns a case of missing authentication that could be abused to obtain First seen on thehackernews.com…
-
Gitblit Authentication Bypass Vulnerability (CVE-2024-28080)
Overview Recently, NSFOCUS CERT detected that Gitblit issued a security announcement and fixed the Gitblit authentication bypass vulnerability (CVE-2024-28080); Because Gitblit’s SSH service has defects in the public key authentication process, unauthenticated attackers can use the client’s public key to trigger signature verification failure and fall back to password-based authentication to complete SSH login with…The…
-
Top CVEs Vulnerabilities of August 2025- Risks, Impacts Fixes
August 2025 saw critical CVEs surface, including high-impact flaws in WinRAR and Microsoft SharePoint. This blog highlights the most urgent vulnerabilities, their potential business risks, and the patch actions security teams should prioritize to stay ahead of threats. The post Top CVEs & Vulnerabilities of August 2025- Risks, Impacts & Fixes appeared first on Strobes…
-
HashiCorp Vault Vulnerability Allows Attackers to Crash Servers
A critical vulnerability in HashiCorp Vault”, tracked as CVE-2025-6203 and HCSEC-2025-24″, has been disclosed that allows malicious actors to submit specially crafted payloads capable of exhausting server resources and rendering Vault instances unresponsive. The flaw affects both Vault Community and Enterprise editions, spanning versions 1.15.0 through 1.20.2 (with select earlier patch versions), and was publicly…
-
Authenticated Attackers Could Exploit IBM Watsonx Vulnerability to Access Sensitive Data
A newly disclosed security vulnerability, tracked as CVE-2025-0165, has been reported, specifically concerning the users of the IBM Watsonx Orchestrate Cartridge within the IBM Cloud Pak for Data platform. The flaw, officially acknowledged in a security bulletin released by IBM on August 31, 2025, enables blind SQL injection attacks, potentially allowing authenticated attackers to manipulate…
-
SUSE Fleet: Plain Text Storage of Vulnerability Exploit Helm Values
A high-severity vulnerability in SUSE’s Fleet, a GitOps management tool for Kubernetes clusters, has been disclosed by security researcher samjustus via GitHub Security Advisory GHSA-6h9x-9j5v-7w9h. The vulnerability, tracked as CVE-2024-52284, allows Helm chart values”, often containing sensitive credentials”, to be stored inside BundleDeployment resources in plain text, exposing them to any user with GET or…
-
SUSE Fleet: Plain Text Storage of Vulnerability Exploit Helm Values
A high-severity vulnerability in SUSE’s Fleet, a GitOps management tool for Kubernetes clusters, has been disclosed by security researcher samjustus via GitHub Security Advisory GHSA-6h9x-9j5v-7w9h. The vulnerability, tracked as CVE-2024-52284, allows Helm chart values”, often containing sensitive credentials”, to be stored inside BundleDeployment resources in plain text, exposing them to any user with GET or…
-
Critical Next.js Flaw Lets Attackers Bypass Authorization Controls
A newly disclosed critical vulnerability in the Next.js framework, tracked as CVE-2025-29927, allows unauthenticated attackers to bypass middleware-based authorization checks by exploiting improper handling of the x-middleware-subrequest HTTP header. This flaw impacts all versions of Next.js that rely on this header to differentiate between internal subrequests and external traffic, risking exposure of protected routes and administrative interfaces.…
-
Linux UDisks Daemon Vulnerability Lets Attackers Access Privileged User Files
Red Hat has disclosed a critical security flaw in the Udisks daemon that allows unprivileged users to exploit an out-of-bounds read vulnerability and gain access to files owned by privileged accounts. The vulnerability, tracked as CVE-2025-8067, was publicly released on August 28, 2025, and has been classified with an Important severity rating by Red Hat Product Security.…
-
FreePBX: CVE-2025-57819 (CVSS 10.0); 6620 ungepatchte Telefonanlagen
In Telefonanlagen mit der Software FreePBX gibt es die Schwachstelle CVE-2025-57819 mit einem CVSS Index von 10.0. Da brennt bildlich gesprochen die Hütte, und die Anlagen müssten unverzüglich gepatcht werden. Die Sicherheitsforscher von The Shadowserver Foundation haben das Internet gescannt … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/01/freepbx-cve-2025-57819-cvss-10-0-6620-ungepatchte-telefonanlagen/
-
Netskope Windows Client Vulnerability Enables Privilege Escalation via Rogue Server
A serious security vulnerability in Netskope’s Windows client has been discovered that could allow attackers to escalate privileges from a low-privileged user to full system-level access. The flaw, tracked as CVE-2025-0309, affects all versions of the Netskope Windows client prior to version R129 and has prompted the company to release urgent security updates. Exploiting Rogue…
-
WhatsApp Patches Zero-Click Exploit Targeting iOS and macOS Devices
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks.The vulnerability, CVE-2025-55177 (CVSS score: 8.0 [CISA-ADP]/5.4 [Facebook]), relates to a case of insufficient authorization of linked device synchronization…
-
Citrix 0-Day Flaw Under Active Exploitation Since May
Tags: attack, citrix, cve, cyber, exploit, flaw, government, remote-code-execution, vulnerability, zero-daySecurity researcher Kevin Beaumont has revealed alarming details about CVE-2025-6543, a critical Citrix NetScaler vulnerability that was actively exploited as a zero-day attack for months before the company issued patches. What Citrix initially downplayed as a simple >>denial of service
-
WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks.The vulnerability, CVE-2025-55177 (CVSS score: 8.0), relates to a case of insufficient authorization of linked device synchronization messages. Internal…
-
Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks
Tags: access, advisory, attack, authentication, china, cisa, cisco, credentials, cve, cyber, cybersecurity, data, espionage, exploit, firewall, fortinet, germany, government, identity, infrastructure, injection, ivanti, kev, malicious, microsoft, military, mitigation, mitre, network, remote-code-execution, risk, software, tactics, threat, update, vulnerability, zero-dayAn analysis of Tenable telemetry data shows that the vulnerabilities being exploited by Chinese state-sponsored actors remain unremediated on a considerable number of devices, posing major risk to the organizations that have yet to successfully address these flaws. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ)…
-
WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices
WhatsApp has issued a critical security advisory addressing a newly discovered zero-day vulnerability, tracked as CVE-2025-55177, which has been exploited in highly sophisticated zero-click attacks targeting Mac and iOS users. The vulnerability, combined with an OS-level flaw (CVE-2025-43300), has raised alarms about the potential compromise of user devices and data, including sensitive messages. Vulnerability Details…
-
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. The flaws, per watchTowr Labs, are listed below -CVE-2025-53693 – HTML cache poisoning through unsafe reflectionsCVE-2025-53691 – Remote code execution (RCE) through insecure deserializationCVE-2025-53694 – First seen on thehackernews.com Jump to…
-
Experts warn of actively exploited FreePBX zero-day
Sangoma warns of an actively exploited FreePBX zero-day affecting systems with publicly exposed admin control panels. The Sangoma FreePBX Security Team addressed an actively exploited FreePBX zero-day vulnerability, tracked as CVE-2025-57819 (CVSS score of 10.0), impacting systems with an internet-facing administrator control panel (ACP). FreePBXis an open-source telephony software platform that provides a web-based graphical…
-
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software.The issue, which is yet to be assigned a CVE identifier, has been addressed in Passwordstate 9.9 (Build 9972), released August 28, 2025.The Australian company said it fixed a “potential First…
-
CrushFTP Schwachstelle CVE-2025-54309 wird ausgenutzt
Jemand aus der Blog-Leserschaft, der das Programm CrushFTP zum Dateitransfer verwendet? Seit Juli 2025 ist die Schwachstelle CVE-2025-54309 bekannt und gefixt. Nun ist mir eine Meldung untergekommen, dass Hacker die Schwachstelle über Exploits adressieren. Was ist CrushFTP? CrushFTP ist ein … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/08/29/crushftp-schwachstelle-cve-2025-54309-wird-ausgenutzt/
-
Cisco IMC Virtual Keyboard Vulnerability Allows Attackers to Redirect Users to Malicious Websites
Cisco has released urgent security updates to remediate a high-severity vulnerability in its Integrated Management Controller (IMC) virtual keyboard video monitor (vKVM) module that could allow unauthenticated, remote attackers to hijack sessions and redirect users to malicious websites. The flaw, tracked as CVE-2025-20317, carries a CVSS base score of 7.1 and affects a wide range…
-
CISA Issues Alert on Citrix NetScaler 0-Day RCE Exploited in the Wild
Tags: cisa, citrix, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after detecting active exploitation of a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices. Designated CVE-2025-7775, the flaw stems from a memory overflow in NetScaler’s traffic management subsystem and was recently added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog. Evidence…
-
Attackers exploiting NetScaler ADC and Gateway zero day flaw, Citrix warns
Tags: access, advisory, attack, authentication, backdoor, citrix, control, country, cve, cvss, cyber, cybersecurity, exploit, flaw, group, infrastructure, mitigation, rce, remote-code-execution, service, update, vulnerability, zero-dayNetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or service groups bound with IPv6 servers, and those bound with DBS IPv6 services or…
-
Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775
Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation. Experts at the Shadowserver Foundation warn that more than 28,200 Citrix instances are vulnerable to the vulnerability CVE-2025-7775, which is under active exploitation. CVE-2025-7775 (CVSS score: 9.2) is a memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service.…
-
U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler flaw, tracked as CVE-2025-7775, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Citrix addressed three security flaws (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) in NetScaler ADC and NetScaler Gateway, including one (CVE-2025-7775) that it…