Tag: cve
-
Apache Tomcat Vulnerability Exploited to Execute Malicious Arbitrary Code on Servers
A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-24813, is being actively exploited in Apache Tomcat servers. Critical RCE Flaw in Apache Tomcat The flaw allows attackers to upload malicious files via unauthenticated HTTP PUT requests, followed by a GET request to trigger deserialization, leading to arbitrary code execution. Affected versions include Tomcat 9.0.0-M1…
-
NCSC Urges Users to Patch Next.js Flaw Immediately
The UK’s National Cyber Security Agency has called on Next.js users to patch CVE-2025-29927 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ncsc-urges-patch-nextjs-flaw/
-
CISA warns of RESURGE malware exploiting Ivanti flaw
Tags: attack, cisa, cve, cybersecurity, exploit, flaw, infrastructure, ivanti, malicious, malware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware calledRESURGE. The malicious code has been used in attacks targeting the flaw CVE-2025-0282 in Ivanti Connect…
-
New Security Flaws Found in VMware Tools and CrushFTP, High Risk, PoC Released
Broadcom has issued security patches to address a high-severity security flaw in VMware Tools for Windows that could lead to an authentication bypass.Tracked as CVE-2025-22230, the vulnerability is rated 7.8 on the ten-point Common Vulnerability Scoring System (CVSS).”VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control,” Broadcom said in an…
-
In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked
Noteworthy stories that might have slipped under the radar: Key members of Hellcat ransomware group identified, controversy around CrushFTP flaw CVE, NYU website hacked and defaced. The post In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/in-other-news-hellcat-hackers-unmasked-crushftp-bug-controversy-nyu-hacked/
-
Mozilla fixed critical Firefox vulnerability CVE-2025-2857
Mozilla addressed a critical vulnerability, tracked as CVE-2025-2857, impacting its Firefox browser for Windows. Mozilla has released security updates to address a critical flaw, tracked as CVE-2025-2857, impacting its Firefox browser for Windows. Recently, Google addressed a similar vulnerability, tracked as CVE-2025-2783, in Chrome that has been actively exploited in the wild as a zero-day.…
-
U.S. CISA adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added a Google Chromium Mojo sandbox escape vulnerability, tracked as CVE-2025-2783, to its Known Exploited Vulnerabilities (KEV) catalog. This week Google has released out-of-band fixes to address a high-severity security…
-
Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
Google’s fixing of CVE-2025-2783, a Chrome zero-day vulnerability exploited by state-sponsored attackers, has spurred Firefox developers to check whether the browser … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/28/critical-firefox-tor-browser-sandbox-escape-flaw-fixed-cve-2025-2857/
-
Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability
Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day.The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape.”Following the…
-
CrushFTP CEO’s feisty response to VulnCheck’s CVE for critical makeadmin bug
Screenshot shows company head unhappy, claiming ‘real CVE is pending’ First seen on theregister.com Jump to article: www.theregister.com/2025/03/27/crushftp_cve/
-
Kubernetes Ingress-nginx Remote Code Execution Vulnerability (CVE-2025-1974)
Overview Recently, NSFOCUS CERT detected that Kubernetes issued a security announcement and fixed the Kubernetes Ingress-nginx remote code execution vulnerability (CVE-2025-1974). The Ingress controller deployed in Kubernetes Pod can be accessed through the network without authentication. When the Admission webhook is open, an unauthenticated attacker can remotely inject any nginx configuration by sending a special…The…
-
U.S. CISA adds Sitecore CMS and XP, and GitHub Action flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Sitecore CMS and XP, and GitHub Action flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added [1,2] the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2019-9875 (CVSS score of 8.8) is a Deserialization of Untrusted Data in the anti…
-
CISA Adds Sitecore CMS Code Execution Vulnerability to Exploited List
The Cybersecurity and Infrastructure Security Agency (CISA) has included a critical deserialization vulnerability affecting Sitecore CMS and Experience Platform (XP). This vulnerability, tracked as CVE-2019-9874, allows unauthenticated attackers to execute arbitrary code by manipulating HTTP POST parameters, specifically the __CSRFTOKEN field. The vulnerability exploits a weakness in the Sitecore.Security.AntiCSRF module, enabling malicious actors to send…
-
PoC Exploit Released for Ingress-NGINX RCE Vulnerabilities
A recently disclosed vulnerability in Ingress-NGINX, tracked as CVE-2025-1974, has raised concerns about the security of Kubernetes environments. This vulnerability allows for Remote Code Execution (RCE) through the validating webhook server integrated into Ingress-NGINX. A Proof of Concept (PoC) exploit has been released, demonstrating how attackers could exploit this flaw. CVE-2025-1974 affects versions of Ingress-NGINX…
-
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities are listed below -CVE-2019-9874 (CVSS score: 9.8) – A deserialization vulnerability in the Sitecore.Security.AntiCSRF First seen on thehackernews.com Jump to…
-
Exim UseFree Vulnerability Enables Privilege Escalation
A significant security threat has been uncovered in Exim, a popular open-source mail transfer agent (MTA) widely used in Linux distributions. Identified as CVE-2025-30232, this vulnerability allows for a potentially severe form of exploitation known as a use-after-free (UAF). This type of bug can lead to privilege escalation, posing substantial risks for administrators and users…
-
Splunk RCE Vulnerability Enables Remote Code Execution via File Upload
A severe vulnerability in Splunk Enterprise and Splunk Cloud Platform has been identified, allowing for Remote Code Execution (RCE) via file uploads. This exploit can be triggered by a low-privileged user, highlighting significant security risks for affected organizations. Vulnerability Overview: The vulnerability, tracked as CVE-2025-20229, has a CVSSv3.1 score of 8.0, classified as High. The…
-
DrayTek routers face active exploitation of older vulnerabilities
The company’s devices are also randomly rebooting in connection with additional CVEs disclosed earlier this month. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/draytek-routers-exploitation-vulnerabilities/743587/
-
CVE-2025-2783: Chrome Zero-Day Targets Russian Organizations
Google Issues Emergency Patch for Chrome Zero-Day Exploit Google has released an urgent security update for its Chrome browser on Windows after uncovering a critical vulnerability that has already been exploited in the wild. The flaw, tracked as CVE-2025-2783, involves… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-2783-chrome-zero-day/
-
Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication
CVE-2025-22230 is described as an “authentication bypass vulnerability” by Broadcom, allowing hackers to perform high-privilege operations without the necessary credentials. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-vmware-tools-windows-vulnerability/
-
Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 CVE-2025-2747)
Recently, two critical security flaws were discovered in Kentico Xperience 13, a popular digital experience platform (CMS). Tracked as CVE-2025-2746 and CVE-2025-2747, these vulnerabilities allow unauthenticated attackers to bypass the Staging Sync Server’s authentication, potentially gaining administrative control over the CMS. Both issues carry a CVSS score of 9.8 (Critical) (Warning: Multiple Critical & High……
-
Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)
Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/26/google-fixes-exploited-chrome-sandbox-bypass-zero-day-cve-2025-2783/
-
Chrome Releases Critical Update to Address CVE-2025-2783 Vulnerability
Google has rolled out a new security update for Chrome users, following the discovery of a vulnerability, CVE-2025-2783, affecting the Windows version of the browser. The update was made available on Tuesday, March 25, 2025, as part of the Stable Channel Update for Desktop. This release includes a crucial fix for the vulnerability and will…
-
Critical NetApp SnapCenter Server Vulnerability Allows Attackers to Gain Admin Access
A critical vulnerability has been identified in NetApp’s SnapCenter Server, affecting versions before 6.0.1P1 and 6.1P1. This flaw allows an authenticated SnapCenter Server user to potentially escalate their privileges to admin on remote systems where SnapCenter plug-ins are installed. The vulnerability has been designated as CVE-2025-26512 and carries a Critical severity rating with a CVSS…
-
Authentication bypass CVE-2025-22230 impacts VMware Windows Tools
Broadcom addressed a high-severity authentication bypass vulnerability, tracked as CVE-2025-22230, in VMware Tools for Windows. Broadcom released security updates to address a high-severity authentication bypass vulnerability, tracked as CVE-2025-22230 (CVSS score 9.8), impacting VMware Tools for Windows. VMware Tools for Windows is a suite of utilities that enhances the performance and usability of virtual machines…
-
Appsmith Developer Tool Vulnerability Exposes Systems to Remote Code Execution
A recent analysis by Rhino Security Labs has uncovered a series of critical vulnerabilities in the Appsmith developer tool, a platform used for building internal applications such as dashboards and customer support tools. The most severe of these vulnerabilities is CVE-2024-55963, which enables unauthenticated remote code execution due to a misconfigured PostgreSQL database that ships…