Tag: cve
-
0-day-Schwachstellen in VMWare ESXi, Workstation und Fusion
Zum 4. März 2025 hat VMware by Broadcom einen Sicherheitshinweis veröffentlicht, um vor drei Zero-Day-Schwachstellen CVE-2025-22224, CVE-2025-22225 und CVE-2025-22226), die bereits in freier Wildbahn ausgenutzt wurden, zu warnen. Patchen ist dringend angesagt. VMware Advisory VMSA-2025-0004 Dem Advisory VMSA-2025-0004 zufolge betreffen die … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/05/0-day-schwachstellen-in-vmware-esxi-workstation-und-fusion/
-
CVE-2025-22224, CVE-2025-22225, CVE-2025-22226: Zero-Day Vulnerabilities in VMware ESXi, Workstation and Fusion Exploited
Tags: advisory, attack, cloud, cve, exploit, flaw, infrastructure, intelligence, leak, microsoft, threat, update, vmware, vulnerability, zero-dayBroadcom published an advisory for three flaws in several VMware products that were exploited in the wild as zero-days. Organizations are advised to apply the available patches. Background On March 4, Broadcom published an advisory (VMSA-2025-0004) for three zero-day vulnerabilities across multiple VMware products: CVE Description CVSSv3 CVE-2025-22224 VMware ESXi and Workstation Heap-Overflow Vulnerability 9.3…
-
U.S. CISA adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog
Tags: android, cisa, cve, cybersecurity, exploit, google, infrastructure, kev, linux, vmware, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The first issue, tracked as CVE-2024-50302, was addressed by Google with the release of the Android…
-
VMware fixed three actively exploited zero-days in ESX products
Broadcom has addressed three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. Broadcom released security updates to address three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. The flaws, respectively tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, impact multiple VMware ESX products, including VMware ESXi, vSphere,…
-
VMware Security Flaws Exploited in the Wild”, Broadcom Releases Urgent Patches
Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure.The list of vulnerabilities is as follows -CVE-2025-22224 (CVSS score: 9.3) – A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with…
-
Google fixed two actively exploited Android flaws
Android March 2025 security update addresses over 40 vulnerabilities, including two flaws actively exploited in attacks in the wild. Android March 2025 security update addressed over 40 vulnerabilities, including two flaws, respectively tracked as CVE-2024-43093 and CVE-2024-50302, which are actively exploited in attacks in the wild. >>There are indications that the following may be under…
-
Broadcom Patches 3 VMware Zero-Days Exploited in the Wild
Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation. The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/broadcom-patches-3-vmware-zero-days-exploited-in-the-wild/
-
CISA Urges Government to Patch Exploited Cisco, Microsoft Flaws
CISA has added five more CVEs into its known exploited vulnerabilities catalog First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-govt-patch-exploited-cisco/
-
Update Alert: Google Warns of Critical Android Vulnerabilities Under Exploit
Tags: android, cve, cyber, exploit, flaw, google, remote-code-execution, risk, update, vulnerabilityGoogle’s March 2025 Android Security Bulletin has unveiled two critical vulnerabilities”, CVE-2024-43093 and CVE-2024-50302″, currently under limited, targeted exploitation. These flaws, impacting Android versions 12 through 15, underscore escalating risks for billions of devices. The bulletin mandates the immediate installation of the 2025-03-05 security patch, which resolves remote code execution and privilege escalation threats. Critical…
-
BigAnt Server 0-Day Vulnerability Lets Attackers Run Malicious Code Remotely
A critical vulnerability in BigAntSoft’s enterprise chat server software has exposed ~50 internet-facing systems to unauthenticated remote code execution attacks. Designated CVE-2025-0364, this exploit chain enables attackers to bypass authentication protocols, create administrative accounts, and execute malicious PHP code on vulnerable servers running BigAnt Server v5.6.06 and earlier. CVE-2025-0364: Authentication Bypass to PHP Code Execution The…
-
IBM Storage Virtualize Flaws Allow Remote Code Execution
Two critical security flaws in IBM Storage Virtualize products could enable attackers to bypass authentication protections and execute malicious code on enterprise storage systems, according to a security bulletin issued by the company. Tracked as CVE-2025-0159 and CVE-2025-0160, these vulnerabilities impact the graphical user interface (GUI) components of IBM’s SAN Volume Controller, Storwize, Spectrum Virtualize,…
-
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited”, CISA Sounds Alarm
Tags: cisa, cisco, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, microsoft, software, vulnerability, windowsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The list of vulnerabilities is as follows -CVE-2023-20118 (CVSS score: 6.5) – A command injection First seen…
-
Paragon Partition Manager Vulnerabilities Allow Attackers to Escalate Privileges and Trigger DoS Attacks
Security researchers have uncovered five significant vulnerabilities in Paragon Partition Manager’s BioNTdrv.sys driver, affecting versions prior to 2.0.0. These flaws, identified as CVE-2025-0285, CVE-2025-0286, CVE-2025-0287, CVE-2025-0288, and CVE-2025-0289, pose serious security risks, enabling attackers to escalate privileges to SYSTEM level and potentially cause denial-of-service (DoS) scenarios. Multiple Critical Flaws Discovered in BioNTdrv.sys Driver The vulnerabilities,…
-
Top CVEs Vulnerabilities February 2025
Cyber threats don’t take a break, and February 2025 proved just that. This month, we saw some serious vulnerabilities that could cause major problems if not patched quickly. From remote… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/top-cves-vulnerabilities-february-2025/
-
Trigon: Latest iOS Kernel Exploit Uncovered
A sophisticated kernel exploit leveraging CVE-2023-32434, an integer overflow vulnerability in Apple’s XNU virtual memory subsystem, has been unveiled by security researchers. DubbedTrigon, this exploit chain enables deterministic kernel read/write primitives on A10(X) devices, bypassing Apple’s KTRR and PPL protections through physical memory mapping techniques. Initially exploited in the Operation Triangulation campaign against Kaspersky researchers,…
-
Cisco fixed command injection and DoS flaws in Nexus switches
Cisco addressed command injection and denial-of-service (DoS) vulnerabilities in some models of its Nexus switches. Cisco released security updates to address command injection and DoS vulnerabilities in Nexus switches, including a high-severity flaw. The most severe issue, tracked as CVE-2025-20111 (CVSS Score of 7.4), resides in the health monitoring diagnostics of Cisco Nexus 3000 Series…
-
CVE volumes head towards 50,000 in 2025, analysts claim
Many trends, notably a big shift to open source tools, are behind an expected boom in the number of disclosed vulnerabilities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619678/CVE-volumes-head-towards-50000-in-2025-analysts-claim
-
MITRE Caldera Hit by Critical RCE Flaw (CVE-2025-27364) Here’s What You Need to Know
CVE-2025-27364, a critical Remote Code Execution (RCE) flaw has been discovered in MITRE Caldera, an open-source adversary emulation platform used by security professionals. This flaw could allow attackers to execute arbitrary code on the server running Caldera, leading to the compromise of sensitive systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2025-27364-in-mitre-caldera/
-
Schwachstelle CVE-2025-0514 in LibreOffice Fix mit LibreOffice 24.8.5
Die LibreOffice-Entwickler haben LibreOffice 24.8.5 veröffentlicht, um eine Link-Schwachstelle CVE-2025-0514 zu schließen. Über die Schwachstelle könnten sich Links missbrauchen lassen. Die Schwachstelle CVE-2025-0514 Die Schwachstelle CVE-2025-0514 geht auf eine unzureichende Eingabevalidierung in LibreOffice zurück. Das ermöglicht die bedingungslose Ausführung von … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/02/28/schwachstelle-cve-2025-0514-in-libreoffice-fix-mit-libreoffice-24-8-5/
-
CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation
Tags: access, cisa, control, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities in question are as follows -CVE-2024-49035 (CVSS score: 8.7) – An improper access control First seen on…
-
Black Basta ransomware leak sheds light on targets, tactics
VulnCheck found the ransomware gang targeted CVEs in popular enterprise products from Microsoft, Citrix, Cisco, Fortinet, Palo Alto Networks, Confluence Atlassian and more. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366619641/Black-Basta-ransomware-leak-sheds-light-on-targets-tactics
-
Attackers exploiting Cisco vulnerabilities tied to Salt Typhoon campaign
GreyNoise observed exploitation of CVE-2018-0171, which Cisco Talos researchers said was used in a recent attack by the China-backed threat group. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/attackers-exploiting-cisco-vulnerabilities-tied-to-salt-typhoon-campaign/740859/
-
Hackers Exploiting Cisco Small Business Routers RCE Vulnerability Deploying Webshell
Tags: backdoor, business, cisco, cve, cyber, cybercrime, exploit, flaw, hacker, rce, remote-code-execution, router, vulnerabilityA critical remote code execution (RCE) vulnerability, CVE-2023-20118, affecting Cisco Small Business Routers, has become a focal point for cybercriminals deploying webshells and advanced backdoor payloads. The vulnerability, caused by improper input validation in the routers’ web-based management interface, allows unauthenticated attackers to execute arbitrary commands by sending specially crafted HTTP requests. This flaw has…
-
Critical deserialization bugs in Adobe, Oracle software actively exploited, warns CISA
Oracle Agile PLM flaw open to N-days: The other vulnerability, fixed in January 2024, is a high severity (CVSS 8.8/10) flaw in the export component of the Oracle’s PLM software, and stems from the improper handling of serialized data. It’s tracked as CVE-2024-20953. Successful exploitation could enable a low-privileged attacker with network access via HTTP…
-
Palo Alto PAN-OS Bug Severity Upgraded, Exploited in Wild
Summary Earlier this month we published an advisory about CVE-2025-0108, a vulnerability which allows an unauthenticated attacker to access the web management user interface of First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/02/25/palo-alto-pan-os-bug-severity-upgraded-exploited-in-wild/
-
CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability
CISA has added CVE-2024-20953, an Oracle Agile PLM vulnerability patched in January 2024, to its KEV catalog. The post CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-warns-of-attacks-exploiting-oracle-agile-plm-vulnerability/
-
U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM)vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two vulnerabilities are: CVE-2017-3066(CVSS score of 9.8) is a…