Tag: cve
-
Critical SAP NetWeaver Vuln Faces Barrage of Cyberattacks
As threat actors continue to hop on the train of exploiting CVE-2025-31324, researchers are recommending that SAP administrators patch as soon as possible so that they don’t fall victim next. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/critical-sap-netweaver-vuln-cyberattacks
-
CISA Alerts on Active Exploitation of Zero-Day Vulnerability in Multiple Fortinet Products
Tags: cisa, communications, cve, cyber, cybersecurity, detection, email, exploit, fortinet, infrastructure, network, vulnerability, zero-dayThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding five zero-day vulnerabilities affecting multiple Fortinet products, after evidence emerged of active exploitation in the wild. The vulnerabilities, tracked as CVE-2025-32756, impact Fortinet’s FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera platforms, widely used in enterprise environments for unified communications, email, network detection,…
-
Node.js Vulnerability Enables Attackers to Crash Processes and Disrupt Services
Node.js project has released a critical security update addressing several vulnerabilities that could allow attackers to crash server processes and disrupt critical services. The security fixes, announced on May 14, 2025 by Node.js maintainer RafaelGSS, affect multiple release lines (LTS and Current) and target issues identified as CVE-2025-23166, CVE-2025-23167, and CVE-2025-23165. The updates are immediately…
-
Stealth RAT uses a PowerShell loader for fileless attacks
Threat actors have been spotted using a PowerShell-based shellcode loader to stealthily deploy Remcos RAT, a popular espionage-ready tool in line with a broader shift toward fileless techniques.As discovered by Qualys, the campaign executes a number of steps to phish an obfuscated .HTA (HTML Application) file that runs layered PowerShell scripts entirely in memory.”The attackers…
-
Ivanti Fixes RCE and Auth Bypass Vulnerabilities in Endpoint Manager Mobile
Tags: cve, endpoint, exploit, ivanti, mobile, rce, remote-code-execution, risk, software, vulnerabilityIvanti has released security patches to address two vulnerabilities in its Endpoint Manager Mobile (EPMM) software, which were being actively exploited in limited attacks. These vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, have the potential to allow attackers to execute remote code on vulnerable systems, posing a severe risk to organizations using the software. First seen…
-
European Vulnerability Database is Live: What This ‘Essential Tool’ Offers Security Experts
The announcement comes after concerns that the US government would stop funding the operations of MITRE, the nonprofit behind the CVE database. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-european-vulnerability-database/
-
Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit
Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild.The vulnerability, tracked as CVE-2025-4632 (CVSS score: 9.8), has been described as a path traversal flaw.”Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052…
-
As US CVE Database Fumbles, EU ‘Replacement’ Goes Live
Diesen Kuß der ganzen Welt! European Union Vulnerability Database (EUVD) launches this week. And not a moment too soon. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/euvd-launch-cve-richixbw/
-
New Adobe Photoshop Vulnerability Enables Arbitrary Code Execution
Adobe has released critical security updates addressing three high-severity vulnerabilities (CVE-2025-30324, CVE-2025-30325, CVE-2025-30326) in Photoshop 2024 and 2025 that could enable arbitrary code execution on Windows and macOS systems. The flaws, discovered by external researcher yjdfy through Adobe’s HackerOne bug bounty program, involve memory corruption risks stemming from integer manipulation and uninitialized pointer access. While…
-
Severe Adobe Illustrator Flaw Allows Remote Code Execution
Adobe has issued an urgent security update for its widely used graphic design software, Adobe Illustrator, following the discovery of a critical heap-based buffer overflow vulnerability tracked as CVE-2025-30330. This flaw, which allows arbitrary code execution on affected systems, impacts both Windows and macOS versions of Illustrator 2024 and 2025. Rated with a CVSS score…
-
Critical Vulnerability in Windows Remote Desktop Gateway Allows DenialService Attacks
Microsoft has disclosed two critical vulnerabilities in its Remote Desktop Gateway (RDG) service, posing significant risks to organizational networks. CVE-2025-26677 and CVE-2025-29831, both rated Important by Microsoft, enable denial-of-service (DoS) attacks and remote code execution (RCE), respectively. These flaws, patched in Microsoft’s May 2025 security update, underscore persistent challenges in securing remote access infrastructure. Security…
-
Neue EU-Schwachstellen-Datenbank geht an den Start
Tags: bug, cve, cvss, cybersecurity, cyersecurity, governance, government, infrastructure, mitre, nis-2, risk, sap, software, technology, tool, vulnerabilityDie neue EU-Schwachstellen-Datenbank EUVD soll das CVE-Programm ergänzen.Seit dieser Woche verfügt die Technologiebranche über eine neue Datenbank, um die neuesten Sicherheitslücken in Software zu überprüfen: die European Union Vulnerability Database (EUVD). Das Programm wurde von der Europäischen Agentur für Cybersicherheit (ENISA) zur Umsetzung der EU-Cybersicherheitsrichtlinie NIS2 eingerichtet.Hier stellt sich die Frage: Warum braucht es ein…
-
Microsoft tackles 5 Windows zero-days on May Patch Tuesday
The company addresses 72 unique CVEs this month, but several AI features bundled in a larger-than-usual update could bog down some networks. First seen on techtarget.com Jump to article: www.techtarget.com/searchwindowsserver/news/366623978/Microsoft-tackles-5-Windows-zero-days-on-May-Patch-Tuesday
-
INE Security Alert: Continuous CVE Practice Closes Critical Gap Between Vulnerability Alerts and Effective Defense
Cary, North Carolina, 14th May 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/ine-security-alert-continuous-cve-practice-closes-critical-gap-between-vulnerability-alerts-and-effective-defense/
-
CVE Foundation eyes year-end launch following 11th-hour rescue of MITRE program
An apparent bureaucratic contract snafu has sparked a fire under experts trying to save the CVE program from the precarity of a single government funder. One rival to the existing program says it is ready to launch in December. First seen on cyberscoop.com Jump to article: cyberscoop.com/cve-program-funding-crisis-cve-foundation-mitre/
-
INE Security Alert: Continuous CVE Practice Closes Critical Gap Between Vulnerability Alerts and Effective Defense
Cary, North Carolina, 14th May 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/ine-security-alert-continuous-cve-practice-closes-critical-gap-between-vulnerability-alerts-and-effective-defense/
-
Microsoft Alerts on AD CS Flaw Enabling Remote DenialService Attacks
Microsoft has issued a security advisory for a newly identified vulnerability in Active Directory Certificate Services (AD CS), tracked as CVE-2025-29968, which could allow authenticated attackers to disrupt critical certificate management operations over a network. Rated Important with a CVSS v3.1 score of 6.5, the flaw stems from improper input validation (CWE-20) and enables denial-of-service…
-
Chinese Hackers Exploit SAP NetWeaver Zero-Day Vulnerability to Target Critical Infrastructure
Tags: china, cve, cyber, espionage, exploit, flaw, hacker, infrastructure, remote-code-execution, sap, threat, vulnerability, zero-dayEclecticIQ analysts have uncovered a sophisticated cyber-espionage campaign orchestrated by China-nexus nation-state Advanced Persistent Threats (APTs) targeting critical infrastructure worldwide. In April 2025, these threat actors launched a high-tempo exploitation campaign against SAP NetWeaver Visual Composer, exploiting a zero-day vulnerability identified as CVE-2025-31324. This unauthenticated file upload flaw allows remote code execution (RCE), providing attackers…
-
Windows CLFS Zero-Day Vulnerability Actively Exploited in the Wild
Microsoft has disclosed two critical security vulnerabilities in the Windows Common Log File System (CLFS) Driver that are currently being exploited in the wild. Released on May 13, 2025, the vulnerabilities-identified as CVE-2025-32706 and CVE-2025-32701-both allow local privilege escalation and have been classified as >>Important
-
Windows Ancillary for WinSock 0-Day Vulnerability Actively Exploited to Gain Admin Access
Microsoft has confirmed active exploitation of a critical privilege escalation vulnerability in the Windows Ancillary Function Driver for WinSock, tracked as CVE-2025-32709. This use-after-free flaw enables local attackers with basic user privileges to gain SYSTEM-level access, posing significant risks to unpatched systems. First publicly documented on 13 May 2025, the vulnerability carries a base score…
-
New Windows RDP Vulnerability Enables Network-Based Attacks
Microsoft has disclosed two critical vulnerabilities in its Windows Remote Desktop services that could allow attackers to execute arbitrary code on vulnerable systems over a network. Designated CVE-2025-29966 and CVE-2025-29967, these heap-based buffer overflow flaws affect the Windows Remote Desktop Protocol (RDP) and Remote Desktop Gateway (RD Gateway) service, respectively. Both vulnerabilities carry a CVSS…
-
Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems
Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems.The vulnerability, tracked as CVE-2025-32756, carries a CVSS score of 9.6 out of 10.0.”A stack-based overflow vulnerability [CWE-121] in FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera may allow a remote unauthenticated attacker to First…
-
Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks
Tags: access, attack, authentication, credentials, cve, endpoint, exploit, flaw, ivanti, mobile, remote-code-execution, software, update, vulnerabilityIvanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution.The vulnerabilities in question are listed below -CVE-2025-4427 (CVSS score: 5.3) – An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without proper credentials…
-
CVE-2025-4427, CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) Remote Code Execution
Tags: access, advisory, api, attack, authentication, cve, endpoint, exploit, flaw, ivanti, mobile, open-source, programming, rce, remote-code-execution, software, vulnerability, waf, zero-dayRemote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks Background On May 13, Ivanti released a security advisory to address a high severity remote code execution (RCE) and a medium severity authentication bypass vulnerability in its Endpoint Manager Mobile (EPMM) product, a…
-
Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400)
5Critical 66Important 0Moderate 0Low Microsoft addresses 71 CVEs including seven zero-days, five of which were exploited in the wild. Microsoft patched 71 CVEs in its May 2025 Patch Tuesday release, with five rated critical and 66 rated as important. This month’s update includes patches for: .NET, Visual Studio, and Build Tools for Visual Studio Active…
-
What Does EU’s Bug Database Mean for Vulnerability Tracking?
The EU cyber agency ENISA has launched its vulnerability database, the EUVD; security experts shared their thoughts regarding what this means for CVEs, as well as the larger conversation around how bugs are tracked. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/eu-bug-database-vulnerability-tracking
-
Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
Attackers have exploited vulnerabilities in open-source libraries to compromise on-prem Ivanti Endpoint Manager Mobile (EPMM) instances of a >>very limited
-
Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
Attackers have exploited vulnerabilities in open-source libraries to compromise on-prem Ivanti Endpoint Manager Mobile (EPMM) instances of a >>very limited
-
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
Tags: apt, breach, china, cve, exploit, flaw, infrastructure, remote-code-execution, sap, vulnerabilityA recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks.”Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE),” EclecticIQ researcher Arda Büyükkaya said in an analysis published today.Targets of the campaign First seen on thehackernews.com Jump to article:…