Securing Critical Infrastructure in the Cloud Era: A Policy and Technology Blueprint

Why Securing Critical Infrastructure Requires a Modern Approach...

编号撤回

Nagios XI is a suite of IT infrastructure monitoring solutions from Nagios, USA. The solution supports monitoring and alerting of applications, services, operating systems, and more. This CVE number has been withdrawn...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2012R1.6, which stems from an authorization...

event-driven-ansible: Event Stream Test Mode Exposes Sensitive Headers in AAP EDA

A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible EDA Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure headers via the testheaders field when an event stream is in test mode. The possible outcome...

Mapping Attack Surface for Enterprises: A 5-Step Guide

An attacker doesn’t see your company the way you do. They don’t see departments, projects, or business units. They see a collection of potential entry points—a web of digital assets they can probe for a single weakness. Their goal is to find the one unlocked door you forgot about. This is why...

PhantomCaptcha RAT Attack Targets Aid Groups Supporting Ukraine

SentinelLABS’ research reveals PhantomCaptcha, a highly coordinated, one-day cyber operation on Oct 8, 2025, targeting the International Red Cross, UNICEF, and Ukraine government groups using fake emails and a Remote Access Trojan RAT linked to Russian infrastructure...

'Jingle Thief' Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards

Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud. "Jingle Thief attackers use phishing and smishing to steal...

PT-2025-43547

Name of the Vulnerable Software and Affected Versions Captive Portal affected versions not specified Description A security issue exists in Captive Portal that may lead to the disclosure of sensitive information. The issue affects network infrastructure. Approximately 100 million devices worldwid...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7835-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7835-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

CVE-2025-61756

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: System Configuration. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated...

CVE-2025-61751

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker with...

CVE-2025-53035

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker with...

CVE-2025-53037

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2025-53036

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2025-53034

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with...

OpenBao leaks HTTPRawBody in Audit Logs

Impact OpenBao's audit log experienced a regression wherein raw HTTP bodies used by few endpoints were not correctly redacted HMAC'd. This impacted the following subsystems: - When using the ACME functionality of PKI, this would result in short-lived ACME verification challenge codes being leaked...

USN-7835-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7835-2: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7835-1 linux, linux-aws, linux-azure, linux-azure-6.8, linux-gcp, linux-gkeop, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7835-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...