720 matches found
CVE-2025-2313
creationtimestamp| type| source ---|---|--- 2025-08-27 11:17:18+00:00| seen| Telegram/JzqS30rbsZkXX-J9q-FpBkOr8wylmkM98sbVjWjXhrVNsA 2025-08-27 11:17:20+00:00| seen| Telegram/ssOidBomCKbG8sjcbyELy9TqieNAw9NmIvZVU6qSPqCeW2g 2025-08-27 11:17:24+00:00| seen|...
How a scam hunter got scammed (Lock and Code S06E17)
This week on the Lock and Code podcast… If there’s one thing that scam hunter Julie-Anne Kearns wants everyone to know, it is that no one is immune from a scam. And she would know—she fell for one last year. For years now, Kearns has made a name for herself on TikTok as a scam awareness and...
ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), ai.stainless:grails-tika (=0.1.0) +739 more potentially affected by CVE-2025-54988 +1 more via org.apache.tika:tika-parsers (>=1.13 <=1.9)
org.apache.tika:tika-parsers MAVEN version =1.13, =1.3, =1.0.1, =3.6.1, =3.11.0, =4.6.0, =8.10.1.3, =8.10.1.3, =8.10.1.3, =0.1, =3.0.0, =3.0.1 and more Source cves: CVE-2025-54988, CVE-2025-66516 Source advisory: SNYK:JAVA-ORGAPACHETIKA-14188256...
CVE-2025-7693
A security issue exists due to improper handling of malformed CIP Forward Close packets during fuzzing. The controller enters a solid red Fault LED state and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and...
CVE-2025-41685
creationtimestamp| type| source ---|---|--- 2025-08-19 08:11:01+00:00| seen| https://infosec.exchange/users/certvde/statuses/115054415790248821 2025-08-19 08:11:10+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lwqhmwyihxm2 2025-08-19 10:19:23+00:00| seen|...
CVE-2025-38537
In the Linux kernel, the following vulnerability has been resolved: net: phy: Don't register LEDs for genphy If a PHY has no driver, the genphy driver is probed/removed directly in phyattach/detach. If the PHY's ofnode has an "leds" subnode, then the LEDs will be unregistered when probing/removin...
CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities
CISA published a Malware Analysis Report MAR with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities: CVE-2025-49704link is external CWE-94: Code Injectionlink is external, CVE-2025-49706link is external CWE-287: Improper Authenticationlink is...
CVE-2025-43217
The issue was addressed by adding additional logic. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Privacy Indicators for microphone or camera access may not be correctly displayed...
CVE-2025-43217
The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6. Privacy Indicators for microphone or camera access may not be correctly displayed...
CVE-2025-43217
The issue was addressed by adding additional logic. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Privacy Indicators for microphone or camera access may not be correctly displayed...
CVE-2025-43217
The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6. Privacy Indicators for microphone or camera access may not be correctly displayed...
CVE-2025-43217
The issue was addressed by adding additional logic. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Privacy Indicators for microphone or camera access may not be correctly displayed...
CVE-2025-43217
CVE-2025-43217 affects Apple iPadOS and iOS where privacy indicators for microphone or camera access may not be correctly displayed. The issue is mitigated by Apple in iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6 through added logic changes. CVSSv3.1 metrics indicate a Local attack vector, Low confide...
PT-2025-31301
Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.6 iPadOS versions prior to 17.7.9 iPadOS versions prior to 18.6 Description Privacy Indicators for microphone or camera access may not be correctly displayed. The issue was addressed by adding additional logic...
About the security content of iOS 18.6 and iPadOS 18.6
About the security content of iOS 18.6 and iPadOS 18.6 This document describes the security content of iOS 18.6 and iPadOS 18.6. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...
About the security content of iPadOS 17.7.9
About the security content of iPadOS 17.7.9 This document describes the security content of iPadOS 17.7.9. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...
Vulnerabilities fixed in Citrix NetScaler ADC and NetScaler Gateway
Citrix has fixed vulnerabilities in NetScaler ADC and NetScaler Gateway. The vulnerability with reference CVE-2025-5777 involves an Out-of-Bounds Read. This vulnerability arises from insufficient input validation in systems configured as Gateway services. These include VPN virtual servers, ICA...
Exploit for Code Injection in Craftcms Craft_Cms
🧨 CVE-2025-32432 – Craft CMS Pre-auth RCE 🧨 🕵️ Overview...
Innovative Tunnelling and Forensic Tool Abuse: IR Tales from the Field
Rapid7 Incident Response consultants Willow Shipperley and Noah Hemker contributed analysis and insight to this blog. Executive summary Rapid7’s Incident Response IR team was engaged to investigate an incident involving an attempted Cobalt Strike execution. The investigation uncovered twists and...
Vulnerability fixed in Wing FTP Server
The developer of Wing FTP Server has fixed a vulnerability in version 7.4.4. The vulnerability is in the way Wing FTP Server processes null bytes in the user parameter. This allows a remote malicious person to inject arbitrary Lua code into session files, which can lead to the execution of...