Tag: cve
-
U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScalervulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added Citrix NetScaler vulnerability, tracked as CVE-2025-6543, to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-6543 (CVSS score of 9.2) is a memory overflow vulnerability in NetScaler ADC and NetScaler Gateway when configured…
-
Top 5 High-Risk CVEs of June 2025
Each month brings a flood of vulnerability disclosures. But only a few truly matter. The ones being exploited. The ones buried in critical systems. The ones that could take down… The post Top 5 High-Risk CVEs of June 2025 appeared first on Strobes Security. First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2025/06/top-5-high-risk-cves-of-june-2025/
-
Hackers Leverage Critical Langflow Flaw to Deploy Flodrix Botnet and Seize System Control
Tags: ai, botnet, control, cve, cvss, cyber, cyberattack, exploit, flaw, framework, hacker, rce, remote-code-execution, vulnerabilityA sophisticated cyberattack campaign has emerged, exploiting a critical vulnerability in Langflow, a widely-used Python-based framework for building AI applications, to deploy the destructive Flodrix botnet. Identified as CVE-2025-3248 and carrying a near-perfect CVSS score of 9.8, this unauthenticated remote code execution (RCE) flaw impacts Langflow versions prior to 1.3.0. Unveiling a Severe RCE Vulnerability…
-
CitrixBleed 2 might be actively exploited (CVE-2025-5777)
While Citrix has observed some instances where CVE-2025-6543 has been exploited on vulnerable NetScaler networking appliances, the company still says that they don’t … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/30/citrixbleed-2-might-be-actively-exploited-cve-2025-5777/
-
Gefährliche Lücke in Brother-Druckern
Tags: access, authentication, bug, ceo, cve, cvss, cybersecurity, data-breach, firmware, jobs, network, service, update, vulnerability, wifiEine Schwachstelle in Brother-Druckern zur Umgehung der Authentifizierung kann mit einer anderen Lücke gekoppelt werden, um Code auf den betroffenen Geräten remote auszuführen.Brother Industries hat mit einer kritischen Sicherheitslücke zu kämpfen, die Hunderte verschiedener Druckermodelle betrifft. Diese Schwachstelle ermöglicht in Verbindung mit einer weiteren Lücke die Ausführung von nicht authentifiziertem Remote-Code (RCE) auf den Geräten.Das…
-
Citrix Bleed Teil 2: Wird Schwachstelle CVE-20255777 bereits ausgenutzt?
Die Tage hatte ich über gravierende Schwachstellen in Citrix NetScaler ADC und das NetScaler Gateway berichtet, die zeitnah gepatcht werden sollten. Zum 23. Juni 2025 wurde die Beschreibung der Sicherheitslücke CVE-20255777 (CVSS 9.3) geändert, diese ist noch kritischer als gedacht. … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/30/citrix-bleed-teil-2-wird-schwachstelle-cve-2025-5777-bereits-ausgenutzt/
-
Gefährliche Lücke in Brother Druckern
Tags: access, authentication, bug, ceo, cve, cvss, cybersecurity, data-breach, firmware, jobs, network, service, update, vulnerability, wifiEine Schwachstelle in Brother Druckern zur Umgehung der Authentifizierung kann mit einer anderen Lücke gekoppelt werden, um Remotecode auf den betroffenen Geräten auszuführen.Brother Industries hat mit einer kritischen Sicherheitslücke zu kämpfen, die Hunderte verschiedener Druckermodelle betrifft. Diese Schwachstelle ermöglicht in Verbindung mit einer weiteren Lücke die Ausführung von nicht authentifiziertem Remote-Code (RCE) auf den Geräten.Das…
-
Beyond CVE: The hunt for other sources of vulnerability intel
Tags: advisory, application-security, china, cisa, cve, cyber, cybersecurity, data, exploit, flaw, github, government, guide, infrastructure, intelligence, kev, microsoft, nvd, oracle, ransomware, risk, siem, soar, software, threat, tool, update, vulnerability, zero-dayCurrent alternatives include diverse vendor sources: Independent providers of aggregated vulnerability information such as Flashpoint, VulnCheck, Tenable, BitSight and others are another option. Many of these vendors offer curated datasets that capture vulnerabilities often missed or delayed by CVE, Lefkowitz points out. They also offer critical context such as exploitability, ransomware risk, and social risk.”To…
-
CVE-2025-5777, CVE-2025-6543: Frequently Asked Questions About CitrixBleed 2 and Citrix NetScaler Exploitation
Frequently asked questions about recent Citrix NetScaler ADC and Gateway vulnerabilities that have reportedly been exploited in the wild, including CVE-2025-5777 known as CitrixBleed 2. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding CVE-2025-5777 and CVE-2025-6543, two Citrix NetScaler ADC and Gateway vulnerabilities that have…
-
TeamViewer-Schwachstelle CVE-2025-36537 im Remote Management
Noch ein kurzer Nachtrag von dieser Woche betreffs der Fernwartungssoftware TeamViewer. Deren Entwickler haben bereits zum 24. Juni 2025 eine Sicherheitswarnung vor einer kritischen Schwachstelle (CVE-2025-36537) im TeamViewer Remote Management unter Windows vermeldet. Patchen ist angesagt. TeamViewer-Schwachstelle CVE-2025-36537 Die Schwachstelle CVE-2025-36537 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/27/teamviewer-schwachstelle-cve-2025-36537-im-remote-management/
-
Some Brother printers have a remote code execution vulnerability, and they can’t fix it
The centerpiece of Rapid7’s disclosure is CVE-2024-51978, a vulnerability rated critical (CVSS 9.8 out of 10) that enables attackers to derive the default administrator password from the device’s serial number.While another of the discovered flaws, a medium severity information disclosure vulnerability (CVE-2024-51977), potentially allows an attacker to leak the prerequisite unique serial number via the…
-
Frequently Asked Questions About Iranian Cyber Operations
Tags: access, advisory, api, apt, attack, authentication, awareness, cisa, cloud, credentials, cve, cyber, cybersecurity, data, data-breach, defense, dos, exploit, finance, framework, government, group, Hardware, identity, infrastructure, injection, Internet, iran, ivanti, malware, mfa, microsoft, middle-east, military, mitre, monitoring, network, password, ransomware, rce, remote-code-execution, risk, service, software, supply-chain, tactics, technology, terrorism, threat, tool, update, vpn, vulnerability, windowsTenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding Iranian cyber operations in the wake of the recent conflict and…
-
Hunt Electronic DVR Vulnerability Leaves Admin Credentials Unprotected
A newly disclosed critical vulnerability in Hunt Electronics’ hybrid DVRs has left thousands of surveillance systems dangerously exposed, with administrator credentials accessible in plaintext to anyone on the internet. Security researchers have assigned this flaw the identifier CVE-2025-6561, and it carries a maximum CVSS severity score of 9.8, underscoring the urgent need for immediate action…
-
Mitsubishi Electric AC Flaw Lets Hackers Remotely Control Systems
A critical security vulnerability has been discovered in multiple Mitsubishi Electric air conditioning systems, potentially allowing hackers to bypass authentication and remotely control affected units. The flaw, identified as CVE-2025-3699, was disclosed by Mitsubishi Electric on June 26, 2025, and has been assigned a maximum CVSS base score of 9.8, indicating its severity. Authentication Bypass…
-
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted
Threat intelligence firm GreyNoise is warning of a “notable surge” in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025″, suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems.MOVEit Transfer is a popular managed file transfer solution used by businesses and government agencies to share sensitive…
-
IBM WebSphere Application Server Flaw Enables Arbitrary Code Execution
A severe security flaw has been identified in IBM WebSphere Application Server, potentially allowing remote attackers to execute arbitrary code on affected systems. Tracked under CVE-2025-36038, this vulnerability stems from a deserialization of untrusted data issue, classified under CWE-502. IBM has assigned a critical CVSS Base Score of 9 to this flaw, with a vector…
-
The Toxic Cloud Trilogy: Why Your Workloads Are a Ticking Time Bomb
Tags: access, attack, breach, business, cloud, container, credentials, cve, data, data-breach, detection, exploit, group, iam, identity, infrastructure, Internet, least-privilege, mitigation, monitoring, network, remote-code-execution, risk, service, vulnerabilityDon’t let hidden cloud risks become tomorrow’s headline breach. The time to dismantle the toxic cloud trilogy is now. Here’s how Tenable Cloud Security can help. In today’s cloud environments, individual misconfigurations or vulnerabilities are dangerous, but it’s their combinations that can lead to catastrophic breaches. The Tenable Cloud Security Risk Report 2025 reveals that…
-
Gogs Remote Command Execution Vulnerability (CVE-2024-56731)
Overview Recently, NSFOCUS CERT detected that Gogs issued a security bulletin and fixed the Gogs remote command execution vulnerability (CVE-2024-56731); Due to the incomplete CVE-2024-39931 fix, an authenticated attacker can delete files in the .git directory through symbolic links and execute arbitrary commands on the Gogs instance using the account permissions specified by RUN_USER in…The…
-
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user.The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of the defects…
-
SAP-Schwachstellen gefährden Windows-Nutzerdaten
Tags: access, compliance, cve, cvss, cyberattack, encryption, fortinet, GDPR, PCI, phishing, risk, sap, spear-phishing, update, vulnerability, windowsSchwachstellen in SAP GUI geben sensible Daten durch schwache oder fehlende Verschlüsselung preis.Die Forscher Jonathan Stross von Pathlock, und Julian Petersohn von Fortinet warnen vor zwei neuen Sicherheitslücken in einer Funktion von SAP GUI, die für die Speicherung der Benutzereingaben in den Windows- (CVE-2025-0055) und Java-Versionen (CVE-2025-0056) zuständig ist .Dadurch werden sensible Informationen wie Benutzernamen,…
-
Cisco fixed critical ISE flaws allowing Root-level remote code execution
Cisco released patches to address two critical vulnerabilities in ISE and ISE-PIC that could let remote attackers execute to code as root. Cisco addressed two critical vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20282, in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow remote, unauthenticated attackers to execute arbitrary code with root…
-
HPE OneView for VMware vCenter Vulnerability Allows Elevated Access
Hewlett Packard Enterprise (HPE) has issued a critical security bulletin warning customers of a significant vulnerability in its OneView for VMware vCenter (OV4VC) software. The flaw, tracked as CVE-2025-37101, could allow attackers with only read-only privileges to escalate their access and perform administrative actions, putting enterprise IT environments at risk. Vulnerability Overview The vulnerability, detailed…
-
IBM i Vulnerability Allows Attackers to Escalate Privileges
A critical security vulnerability has been identified in IBM i, potentially allowing attackers to escalate privileges and execute arbitrary code with administrator rights. The flaw, tracked as CVE-2025-36004, affects IBM Facsimile Support for i across multiple versions of the IBM i operating system, raising concerns for organizations relying on this platform for business-critical operations. Vulnerability…
-
CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet
Tags: authentication, cisa, cve, cybersecurity, exploit, flaw, fortinet, infrastructure, kev, router, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The list of vulnerabilities is as follows -CVE-2024-54085 (CVSS score: 10.0) – An authentication bypass by spoofing First seen…
-
WinRAR patches bug letting malware launch from extracted archives
WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after extracting a malicious archive. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/winrar-patches-bug-letting-malware-launch-from-extracted-archives/
-
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild.The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9.2 out of a maximum of 10.0.It has been described as a case of memory overflow that could result in unintended control flow and…
-
Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions.The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January First…
-
SAP GUI flaws expose sensitive data via weak or no encryption
Tags: attack, breach, cve, data, encryption, exploit, flaw, phishing, sap, spear-phishing, threat, update, vulnerability, windowsThe impact could be much greater: Dani noted that a breach through these vulnerabilities can facilitate further targeted attacks. “Not undermining the fact that this extracted data provides attackers with enough gunpowder for reconnaissance activities, a threat actor could comprehend organizational structure, usage patterns, and system configurations from the exploitation of these vulnerabilities and weaponize…
-
Citrix Bleed Teil 2: Schwachstelle CVE-20255777 weitet sich aus
Ist jemand unter der Leserschaft für Citrix NetScaler ADC und das NetScaler Gateway als Administrator verantwortlich. Die Tage hatte ich über gravierende Schwachstellen berichtet, die zeitnah geschlossen werden sollten. Nun hat Citrix die Beschreibung von CVE-20255777 geändert, die Sicherheitslücke (CVSS … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/25/citrix-bleed-teil-2-schwachstelle-cve-2025-5777-weitet-sich-aus/
-
CentOS Web Panel Vulnerability Allows Remote Code Execution PoC Released
A critical security vulnerability has been discovered in CentOS Web Panel (CWP), a widely used web hosting management solution. The flaw, tracked as CVE-2025-48703, allows unauthenticated attackers to execute arbitrary commands on affected systems, potentially leading to full server compromise. A proof-of-concept (PoC) exploit demonstrating remote code execution (RCE) has been publicly released, raising concerns…