Tag: cve
-
Google Chrome Zero-Day Vulnerability Actively Exploited in the Wild
Google has released an urgent update for its Chrome browser to patch a zero-day vulnerability known as CVE-2025-2783. This vulnerability has been actively exploited in targeted attacks, utilizing sophisticated malware to bypass Chrome’s sandbox protections. The update, version 134.0.6998.177 for Windows, addresses this critical issue and is set to roll out over the coming days.…
-
New Security Flaws Found in VMware Tools and CrushFTP, High Risk, No Workaround
Broadcom has issued security patches to address a high-severity security flaw in VMware Tools for Windows that could lead to an authentication bypass.Tracked as CVE-2025-22230, the vulnerability is rated 7.8 on the ten-point Common Vulnerability Scoring System (CVSS).”VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control,” Broadcom said in an…
-
Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia. The vulnerability, tracked as CVE-2025-2783, has been described as a case of “incorrect handle provided in unspecified circumstances in Mojo on…
-
Critical RCE flaws put Kubernetes clusters at risk of takeover
Two ways to mitigate the flaws: The best fix is to upgrade the Ingress-NGINX component to one of the patched versions. Admins can determine if it’s being used inside their clusters by typing: kubectl get pods all-namespaces selector app.kubernetes.io/name=ingress-nginxIn situations where an immediate version upgrade is not possible, admins can reduce risk by deleting the…
-
CVE-2025-2783: Chrome Zero-Day Exploited in State-Sponsored Espionage Campaign
Kaspersky Labs has uncovered a sophisticated cyber-espionage campaign”, dubbed Operation ForumTroll”, leveraging a previously unknown Google Chrome zero-day exploit, now First seen on securityonline.info Jump to article: securityonline.info/cve-2025-2783-chrome-zero-day-exploited-in-state-sponsored-espionage-campaign/
-
Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky
Tags: attack, browser, chrome, cve, exploit, google, kaspersky, remote-code-execution, vulnerability, zero-dayThe vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks in Russian. The post Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-patches-chrome-sandbox-escape-zero-day-caught-by-kaspersky/
-
Critical vulnerabilities put Kubernetes environments in jeopardy
Wiz researchers warned that several CVEs in Ingress NGINX Controller for Kubernetes make nearly half of all cloud environments at risk of takeover. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-vulnerabilities-kubernetes-jeopardy/743448/
-
VMware Patches Authentication Bypass Flaw in Windows Tools Suite
The authentication bypass vulnerability, tagged as CVE-2025-22230, carries a CVSS severity score of 7.8/10. The post VMware Patches Authentication Bypass Flaw in Windows Tools Suite appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/vmware-patches-authentication-bypass-flaw-in-windows-tools-suite/
-
CVE-2025-26633: Water Gamayun Exploits Windows MMC in Active Zero-Day Campaign
A zero-day vulnerability tracked as CVE-2025-26633 is being actively exploited in the wild by a sophisticated Russian-linked threat First seen on securityonline.info Jump to article: securityonline.info/cve-2025-26633-water-gamayun-exploits-windows-mmc-in-active-zero-day-campaign/
-
CVE-2025-1974: IngressNightmare Flaws Threaten Kubernetes Clusters
Critical Flaws in Ingress NGINX Controller Enable Remote Code Execution A newly disclosed set of five severe vulnerabilities, dubbed IngressNightmare by cloud security firm Wiz, has put more than 6,500 Kubernetes clusters at risk. These critical flaws impact the Ingress… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-1974-ingressnightmare-flaws-threaten-kubernetes-clusters/
-
NIST Facing Challenges in Managing CVE Backlog in National Database
The National Institute of Standards and Technology (NIST) recently issued an update on its efforts to manage the backlog of Common Vulnerabilities and Exposures (CVEs) in the National Vulnerability Database (NVD). While NIST has regained its pre-summer 2024 processing speed for incoming CVEs, a significant increase in submissions has left the organization struggling to keep…
-
Next.js Middleware Permission Bypass Vulnerability (CVE-2025-29927)
Overview Recently, NSFOCUS CERT detected that Next.js issued a security announcement and fixed the middleware permission bypass vulnerability (CVE-2025-29927). Because Next.js lacks effective verification of the source of the x-middleware-subrequest header, when configuring to use middleware for authentication and authorization, an unauthenticated attacker can bypass system permission controls by manipulating the x-middleware-subrequest header to access…The…
-
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare
Tags: access, advisory, attack, cve, cvss, exploit, flaw, hacker, injection, kubernetes, mitigation, network, open-source, vulnerability, zero-dayFrequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare. Background The Tenable Security Response Team (SRT) has compiled this blog to answer Frequently Asked Questions (FAQ) regarding IngressNightmare. FAQ What is IngressNightmare? IngressNightmare is the name given to a series of vulnerabilities in the Ingress NGINX Controller…
-
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet.The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of First seen…
-
CVE-2025-29927: Critical Next.js Flaw Enables Authorization Bypass
A newly disclosed vulnerability in the Next.js React framework has been assigned a CVSS score of 9.1, marking it as a critical security risk. Tracked as CVE-2025-29927, the flaw can be exploited under specific conditions to bypass middleware-based authorization checks,… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-29927-nextjs-flaw/
-
WordPress Plugin Vulnerability Opens Door to SQL Injection Exploits
A critical vulnerability in the popular WordPress plugin GamiPress has been uncovered, leaving users exposed to unauthenticated SQL injection attacks. The issue, assigned the identifier CVE-2024-13496, carries a high CVSS 3.1 score of 7.5, indicating significant potential for exploitation. CVE-2024-13496 was discovered during a security assessment of GamiPress version 7.2.1. The vulnerability affects all versions…
-
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization checks under certain conditions.The vulnerability, tracked as CVE-2025-29927, carries a CVSS score of 9.1 out of 10.0.”Next.js uses an internal header x-middleware-subrequest to prevent recursive requests from triggering infinite loops,” Next.js said in an First…
-
Despite challenges, the CVE program is a public-private partnership that has shown resilience
In 1999, Dave Mann and Steve Christey, two researchers from the nonprofit R&D corporation MITRE, debuted a concept for security vulnerabilities that laid the groundwork for the common vulnerability and exposures framework (CVE) that organizes information around computer vulnerabilities. Twenty-five years later, the CVE program, which assigns a unique record to each reported vulnerability, is…
-
WordPress Plugin Flaw Exposes 200,000+ Sites at Risk of Code Execution
A critical security vulnerability has been discovered in the popular WordPress plugin, WP Ghost, which boasts over 200,000 active installations. This flaw, tracked as CVE-2025-26909, concerns an unauthenticated Local File Inclusion (LFI) vulnerability that could potentially lead to Remote Code Execution (RCE) attacks on nearly all server environments. The vulnerability has been addressed in the…
-
CVE-2025-29927 Understanding the Next.js Middleware Vulnerability
When security vulnerabilities appear in popular frameworks, they can affect thousands of websites overnight. That’s exactly what’s happening with a newly discovered vulnerability in Next.js one of the most… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/cve-2025-29927-understanding-the-next-js-middleware-vulnerability/
-
Critical Next.js Middleware Vulnerability Allows Attackers to Bypass Authorization
A severe vulnerability has been identified in Next.js, a popular React framework used for building web applications, under the designation CVE-2025-29927. This critical flaw allows attackers to bypass security controls implemented by middleware, posing significant risks to authentication, authorization, and security header implementations, as per a report by Zeropath. CVE-2025-29927: Overview The exploit works by…
-
Kritische AMI-BMC-Schwachstelle CVE-2024-54085 ermöglicht Server-Übernahme
Kurze Warnung bzw. Information für Administratoren, die AMI MegaRAC BMC einsetzen. Das Unternehmen hat bereits zum 11. März 2025 eine Sicherheitswarnung veröffentlicht. Es gibt eine kritische Schwachstelle CVE-2024-54085 (CVSS v4 Score von 10.0), die eine Remote Server-Übernahme oder gar “das Bricken” … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/24/kritische-ami-bmc-schwachstelle-cve-2024-54085-ermoeglicht-server-uebernahme/
-
CVE-2025-24813: Apache Tomcat Vulnerable to RCE Attacks
IntroductionCVE-2025-24813 was originally published on March 10 with a medium severity score of 5.5, and Apache Tomcat released an update to fix it. On March 12, the first attack was detected in Poland by Wallarm researchers, even before a Proof-of-Concept (PoC) was made public. After the PoC was released on March 13 on GitHub and…
-
Researchers Reveal macOS Vulnerability Exposing System Passwords
A recent article by Noah Gregory has highlighted a significant vulnerability in macOS, identified as CVE-2024-54471, which was patched in the latest security updates for macOS Sequoia 15.1, macOS Sonoma 14.7.1, and macOS Ventura 13.7.1. This vulnerability could potentially expose system passwords, emphasizing the importance of updating macOS devices to the latest versions. Background and…
-
New Attacks Exploit Year-Old ServiceNow Flaws Israel Hit Hardest
ServiceNow vulnerability alert: Hackers are actively exploiting year-old flaws (CVE-2024-4879, CVE-2024-5217, CVE-2024-5178) for database access. Learn how to… First seen on hackread.com Jump to article: hackread.com/attacks-exploit-servicenow-flaws-israel-hit-hardest/
-
Hackers Actively Exploit Apache Tomcat Servers via CVE-2025-24813 Patch Now
A concerning development has emerged with the active exploitation of Apache Tomcat servers through the recently disclosed vulnerability, CVE-2025-24813. This vulnerability allows attackers to potentially execute remote code (RCE) if successfully exploited. The cybersecurity firm GreyNoise has identified multiple IPs involved in these attacks across several regions, highlighting the urgency for organizations to update their…
-
Veeam RCE Vulnerability Allows Domain Users to Hack Backup Servers
Researchers uncovered critical Remote Code Execution (RCE) vulnerabilities in the Veeam Backup & Replication solution. These vulnerabilities, which include CVE-2025-23120, exploit weaknesses in deserialization mechanisms, potentially allowing any domain user to gain SYSTEM access to Veeam backup servers. This is particularly concerning for organizations that have integrated their Veeam servers into their Active Directory domains.…
-
Cisco Smart Licensing Utility flaws actively exploited in the wild
Experts warn of the active exploitation of two recently patched security vulnerabilities affecting Cisco Smart Licensing Utility. Cisco disclosed two vulnerabilities in its Smart Licensing Utility: CVE-2024-20439, a static credential backdoor, and CVE-2024-20440, an information disclosure flaw. Attackers can exploit the backdoor to access sensitive log files. While no active exploitation was initially observed, the…