389 matches found
About Remote Code Execution - SAP NetWeaver (CVE-2025-31324, CVE-2025-42999) vulnerability
About Remote Code Execution - SAP NetWeaver CVE-2025-31324, CVE-2025-42999 vulnerability. SAP NetWeaver is the core SAP platform for running applications and integrating systems. Vulnerabilities were found in its Visual Composer component - a web tool for business app modeling. A lack of...
September Microsoft Patch Tuesday
September Microsoft Patch Tuesday. A total of 103 vulnerabilities, 29 fewer than in August. Of these, 25 vulnerabilities were added between the August and September MSPT. So far, no vulnerabilities are known to be exploited in the wild. Two have public PoC exploits: DoS - Newtonsoft.Json...
August Linux Patch Wednesday
August Linux Patch Wednesday. I'm late with this LPW since I was improving the generation of LPW bulletin lists and the operation of Vulristics. In August, Linux vendors addressed 867 vulnerabilities, nearly twice July's total, including 455 in the Linux Kernel. One vulnerability is confirmed...
About Remote Code Execution - WinRAR (CVE-2025-6218, CVE-2025-8088) vulnerabilities
About Remote Code Execution - WinRAR CVE-2025-6218, CVE-2025-8088 vulnerabilities. A crafted file path inside an archive may cause the extraction process to move into unintended directories including the Startup directories, which can result in archive extraction leading to the execution of...
Vulners Lookup - augmented CVE reality
Vulners Lookup - augmented CVE reality. Yesterday, VulnCheck unveiled a prototype Chrome/Chromium plugin that highlights CVE identifiers on any website and shows a popup with vulnerability details, including whether the vulnerability is in the VulnCheck KEV an extended CISA KEV. The Vulners team...
Statistics on 2024 trending vulnerabilities were featured in the OIC-CERT annual report
Statistics on 2024 trending vulnerabilities were featured in the OIC-CERT annual report. The Organisation of Islamic Cooperation OIC is the largest and most influential official intergovernmental Muslim international organization. It currently unites 57 countries with a population of about 2 billio...
August Microsoft Patch Tuesday
August Microsoft Patch Tuesday. A total of 132 vulnerabilities, 20 fewer than in July. Of these, 25 were added between the July and August MSPT. Three are actively exploited, including two related to the trending SharePoint "ToolShell" flaw, exploited since July 17. RCE - Microsoft SharePoint...
August "In the Trend of VM" (#18): vulnerabilities in Microsoft Windows and SharePoint
August "In the Trend of VM" 18: vulnerabilities in Microsoft Windows and SharePoint. A traditional monthly roundup - this time, it's extremely short. Post on Habr rus Digest on the PT website rus Only two trending vulnerabilities: Remote Code Execution - Microsoft SharePoint Server "ToolShell"...
About Elevation of Privilege - Windows Update Service (CVE-2025-48799) vulnerability
About Elevation of Privilege - Windows Update Service CVE-2025-48799 vulnerability. This vulnerability is from the July Microsoft Patch Tuesday. Improper link resolution before file access 'link following' in the Windows Update Service allows an authorized attacker to elevate privileges to "NT...
Qualys has introduced Agentic AI, a solution for autonomous cyber risk management
Qualys has introduced Agentic AI, a solution for autonomous cyber risk management. As part of this solution, Qualys provides ready-to-use Cyber Risk Agents that operate autonomously and act as an additional skilled digital workforce. Agentic AI not only detects issues and provides analytics but als...
July Linux Patch Wednesday
July Linux Patch Wednesday. This time, there are 470 vulnerabilities, slightly fewer than in June. Of these, 291 are in the Linux Kernel. One vulnerability shows signs of being exploited in the wild CISA KEV: SFB - Chromium CVE-2025-6554 There are also 36 vulnerabilities for which public exploits...
About Remote Code Execution - Microsoft SharePoint Server "ToolShell" (CVE-2025-53770) vulnerability
About Remote Code Execution - Microsoft SharePoint Server "ToolShell" CVE-2025-53770 vulnerability. SharePoint is a web application developed by Microsoft for corporate intranet portals, document management, and collaborative work. A flaw in the deserialization mechanism of an on-premises...
July "In the Trend of VM" (#17): vulnerabilities in Microsoft Windows and Roundcube
July "In the Trend of VM" 17: vulnerabilities in Microsoft Windows and Roundcube. A traditional monthly roundup. This time, it's a very short one. Post on Habr rus Digest on the PT website rus Only three trending vulnerabilities: Remote Code Execution - Internet Shortcut Files CVE-2025-33053...
About Remote Code Execution - Internet Shortcut Files (CVE-2025-33053) vulnerability
About Remote Code Execution - Internet Shortcut Files CVE-2025-33053 vulnerability. A vulnerability from the June Microsoft Patch Tuesday. This vulnerability immediately showed signs of exploitation in the wild. This flaw allows a remote attacker to execute arbitrary code when a victim opens a...
About Remote Code Execution - Roundcube (CVE-2025-49113) vulnerability
About Remote Code Execution - Roundcube CVE-2025-49113 vulnerability. Roundcube is a popular open-source webmail client IMAP. An authenticated attacker can exploit this vulnerability to execute arbitrary code on the Roundcube Webmail server. The issue is caused by the Deserialization of Untrusted...
July Microsoft Patch Tuesday
July Microsoft Patch Tuesday. A total of 152 vulnerabilities - twice as many as in June. Of these, 15 vulnerabilities were added between the June and July MSPT. One vulnerability is exploited in the wild: Memory Corruption - Chromium CVE-2025-6554 One vulnerability has an exploit available on...
About Elevation of Privilege - Windows SMB Client (CVE-2025-33073) vulnerability
About Elevation of Privilege - Windows SMB Client CVE-2025-33073 vulnerability. A vulnerability from the June Microsoft Patch Tuesday allows an attacker to execute a malicious script, forcing the victim's host to connect to the attacker's SMB server and authenticate, resulting in gaining SYSTEM...
June Linux Patch Wednesday
June Linux Patch Wednesday. This time, there are 598 vulnerabilities, almost half as many as in May. Of these, 355 are in the Linux Kernel. There are signs of exploitation in the wild for 3 vulnerabilities CISA KEV. SFB - Chromium CVE-2025-2783 MemCor - Chromium CVE-2025-5419 CodeInj - Hibernate...
I added support for ALT Linux OVAL content in Linux Patch Wednesday
I added support for ALT Linux OVAL content in Linux Patch Wednesday. Now I track when specific CVEs were fixed in ALT Linux packages and take that into account when generating the monthly bulletins. The more data sources on patched vulnerabilities in Linux distributions are used, the more accurate...
June "In the Trend of VM" (#16): vulnerabilities in Microsoft Windows, Apache HTTP Server, the web interfaces of MDaemon and Zimbra, and the 7-Zip archiver
June "In the Trend of VM" 16: vulnerabilities in Microsoft Windows, Apache HTTP Server, the web interfaces of MDaemon and Zimbra, and the 7-Zip archiver. A traditional monthly vulnerability roundup. Post on Habr rus Digest on the PT website rus A total of 7 trending vulnerabilities: Elevation of...
June Microsoft Patch Tuesday
June Microsoft Patch Tuesday. A total of 81 vulnerabilities, roughly the same as in May. Among them, 15 vulnerabilities were added between the May and June MSPT. There are 3 vulnerabilities with signs of exploitation in the wild: RCE - WEBDAV/Internet Shortcut Files CVE-2025-33053. For successful...
About Elevation of Privilege - Windows Common Log File System Driver (CVE-2025-32701, CVE-2025-32706) vulnerabilities
About Elevation of Privilege - Windows Common Log File System Driver CVE-2025-32701, CVE-2025-32706 vulnerabilities. When Microsoft disclosed these vulnerabilities in the May Patch Tuesday, attackers were already exploiting them in the wild. The Common Log File System CLFS is a general-purpose...
About Elevation of Privilege - Microsoft DWM Core Library (CVE-2025-30400) vulnerability
About Elevation of Privilege - Microsoft DWM Core Library CVE-2025-30400 vulnerability. The vulnerability, patched as part of May Microsoft Patch Tuesday, affects the Desktop Window Manager component. This is a compositing window manager that has been part of Windows since Windows Vista. Successf...
About Cross Site Scripting - Zimbra Collaboration (CVE-2024-27443) vulnerability
About Cross Site Scripting - Zimbra Collaboration CVE-2024-27443 vulnerability. Zimbra Collaboration is a collaboration software suite that includes a mail server and a web client. An attacker can send an email containing a specially crafted calendar header with an embedded payload. If the user...
About Cross Site Scripting - MDaemon Email Server (CVE-2024-11182)
About Cross Site Scripting - MDaemon Email Server CVE-2024-11182. An attacker can send an HTML-formatted email containing malicious JavaScript code embedded in an img tag. If the user opens the email in the MDaemon Email Server's web interface, the malicious JavaScript code will execute in the...
Vulnerabilities of Western logistics
Vulnerabilities of Western logistics. On May 21, Western intelligence agencies released joint advisory AA25-141A about attacks targeting infrastructure of Western logistics and tech companies. Alongside the usual Five Eyes, intelligence services from Germany, Czech Republic, Poland, Denmark,...
Impressions from PHDays Fest
Impressions from PHDays Fest. The scale was just insane. You walk and walk - and there's action everywhere, and all of it is PHDays, every bit of it. It totally blew my mind, I saw just a tiny fraction of everything that was going on. In the public area, I was impressed by the university pavilion...
May Linux Patch Wednesday
May Linux Patch Wednesday. This time: 1091 vulnerabilities. Of those, 716 are in the Linux Kernel. 5 vulnerabilities are exploited in the wild: RCE - PHP CSS Parser CVE-2020-13756. In AttackerKB, an exploit exists. DoS - Apache ActiveMQ CVE-2025-27533. In AttackerKB, an exploit exists. SFB -...
May "In the Trend of VM" (#15): vulnerabilities in Microsoft Windows and the Erlang/OTP framework
May "In the Trend of VM" 15: vulnerabilities in Microsoft Windows and the Erlang/OTP framework. A traditional monthly vulnerability roundup. Post on Habr rus Digest on the PT website rus A total of 4 trending vulnerabilities: Elevation of Privilege - Windows Common Log File System Driver...
About Remote Code Execution - 7-Zip (BDU:2025-01793) vulnerability
About Remote Code Execution - 7-Zip BDU:2025-01793 vulnerability. It's about the fact that files unpacked using 7-Zip don't get the Mark-of-the-Web. As a result, Windows security mechanisms don't block the execution of the unpacked malware. If you remember, there was a similar vulnerability in...
I'm done preparing the slides for my talk about Vulristics at PHDays
I'm done preparing the slides for my talk about Vulristics at PHDays. I'll be speaking on the last day of the festival - Saturday, May 24, at 16:00 in Popov Hall 25. If you're there at that time, I'd be glad to see you. If not - join online! I'll have an hour to dive into Vulristics, vulnerabili...
I checked out the European vulnerability database, EUVD, which was officially launched yesterday
I checked out the European vulnerability database, EUVD, which was officially launched yesterday. Its usefulness is questionable for now.
May Microsoft Patch Tuesday
May Microsoft Patch Tuesday. A total of 93 vulnerabilities - about 1.5 times fewer than in April. Of these, 22 were added between the April and May MSPT. There are 5 vulnerabilities showing signs of in-the-wild exploitation: EoP - Microsoft DWM Core Library CVE-2025-30400 EoP - Windows CLFS Driver...
About Remote Code Execution - Erlang/OTP (CVE-2025-32433) vulnerability
About Remote Code Execution - Erlang/OTP CVE-2025-32433 vulnerability. Erlang is a programming language used to build massively scalable soft real-time systems with requirements for high availability. Used in telecom, banking, e-commerce, telephony, and messaging. OTP is a set of Erlang libraries...
About Elevation of Privilege - Windows Common Log File System Driver (CVE-2025-29824) vulnerability
About Elevation of Privilege - Windows Common Log File System Driver CVE-2025-29824 vulnerability. The vulnerability from the April Microsoft Patch Tuesday allows an attacker operating under a regular user account to escalate their privileges to SYSTEM level. According to Microsoft, the...
About Spoofing - Windows NTLM (CVE-2025-24054) vulnerability
About Spoofing - Windows NTLM CVE-2025-24054 vulnerability. It was patched in the March Microsoft Patch Tuesday. VM vendors didn't mention this vulnerability in their reviews; it was only known to be exploited via user interaction with a malicious file. A month later, on April 16, Check Point...
About Remote Code Execution & Arbitrary File Reading - Apache HTTP Server (CVE-2024-38475) vulnerability
About Remote Code Execution & Arbitrary File Reading - Apache HTTP Server CVE-2024-38475 vulnerability. Improper escaping of output in the mod_rewrite module leads to remote code execution or arbitrary file reading. Successful exploitation does not require authentication. Apache HTTP Server 2.4.60,...
April Linux Patch Wednesday
April Linux Patch Wednesday. Total vulnerabilities: 251. 164 in the Linux Kernel. No vulnerabilities show signs of being exploited in the wild. There are 7 vulnerabilities that appear to have publicly available exploits. For 2 vulnerabilities, exploit code with detailed explanation is available on...
About Elevation of Privilege - Windows Process Activation (CVE-2025-21204) vulnerability
About Elevation of Privilege - Windows Process Activation CVE-2025-21204 vulnerability. This vulnerability from the April Microsoft Patch Tuesday was not highlighted by VM vendors in their reviews. It affects the Windows Update Stack component and is related to improper link resolution before fil...
April "In the Trend of VM" (#14): vulnerabilities in Microsoft Windows, VMware products, Kubernetes, and Apache Tomcat
April "In the Trend of VM" 14: vulnerabilities in Microsoft Windows, VMware products, Kubernetes, and Apache Tomcat. We decided to pause recording new videos, so for now only text. Post on Habr rus Digest on the PT website rus A total of 11 trending vulnerabilities: Elevation of Privilege - Windo...
March episode "In the Trend of VM" (#13): vulnerabilities of Microsoft, PAN-OS, CommuniGate and who should patch hosts with deployed application
March episode "In the Trend of VM" 13: vulnerabilities of Microsoft, PAN-OS, CommuniGate and who should patch hosts with deployed application. I'm posting the translated video with a big delay, but it's better than never. Video on YouTube and LinkedIn Post on Habr rus Digest on the PT website...
April Microsoft Patch Tuesday
April Microsoft Patch Tuesday. A total of 153 vulnerabilities, 2 times more than in March. Of these, 32 were added between the March and April MSPTs. Three vulnerabilities show signs of exploitation in the wild: EoP - Windows Common Log File System Driver CVE-2025-29824. An attacker can gain SYST...
About Elevation of Privilege - Windows Cloud Files Mini Filter Driver (CVE-2024-30085) vulnerability
About Elevation of Privilege - Windows Cloud Files Mini Filter Driver CVE-2024-30085 vulnerability. cldflt.sys is a Windows Cloud Files Mini Filter driver responsible for representing cloud-stored files and folders as if they were located on the local machine. The vulnerability in this driver,...
About Remote Code Execution - Apache Tomcat (CVE-2025-24813) vulnerability
About Remote Code Execution - Apache Tomcat CVE-2025-24813 vulnerability. Apache Tomcat is an open-source software that provides a platform for Java web applications. The vulnerability allows a remote attacker to upload and execute arbitrary files on the server due to flaws in the handling of...
About Remote Code Execution - Kubernetes (CVE-2025-1974) vulnerability
About Remote Code Execution - Kubernetes CVE-2025-1974 vulnerability. An unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. In the default...
About Remote Code Execution - Veeam Backup & Replication (CVE-2025-23120) vulnerability
About Remote Code Execution - Veeam Backup & Replication CVE-2025-23120 vulnerability. Veeam B&R is a client-server software solution for centralized backup of virtual machines in VMware vSphere and Microsoft Hyper-V environments. A deserialization flaw CWE-502 lets an attacker run arbitrary code...
March Linux Patch Wednesday
March Linux Patch Wednesday. Total vulnerabilities: 1083. 879 in the Linux Kernel. Two vulnerabilities show signs of exploitation in the wild: Code Injection - GLPI CVE-2022-35914. An old vulnerability from CISA KEV, but first patched on March 3 in RedOS Linux. Memory Corruption - Safari...
About Spoofing - Windows File Explorer (CVE-2025-24071) vulnerability
About Spoofing - Windows File Explorer CVE-2025-24071 vulnerability. The vulnerability is from the March Microsoft Patch Tuesday. The VM vendors didn't highlight it in their reviews. A week later, on March 18, researcher 0x6rss published a write-up and a PoC exploit. According to him, the...
March Microsoft Patch Tuesday
March Microsoft Patch Tuesday. 77 CVEs, 20 of which were added during the month. 7 vulnerabilities with signs of exploitation in the wild: RCE - Windows Fast FAT File System Driver CVE-2025-24985 RCE - Windows NTFS CVE-2025-24993 SFB - Microsoft Management Console CVE-2025-26633 EoP - Windows Win...
New episode "In the Trend of VM" (#12): 8 February CVEs & Why the Darknet Matters for VM Specialists
New episode "In the Trend of VM" 12: 8 February CVEs & Why the Darknet Matters for VM Specialists. Now with a new design and new video editing. Video on YouTube and LinkedIn Post on Habr rus Digest on the PT website Content: 00:00 Greetings 00:23 Remote Code Execution - Windows Lightweight...