Tag: cve
-
Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious Packets
Palo Alto Networks has disclosed a denial-of-service vulnerability in its PAN-OS software that allows attackers to force firewalls into unexpected reboots using specially crafted network packets. The flaw, tracked as CVE-2025-4619, affects multiple versions of PAN-OS running on PA-Series and VM-Series firewalls, as well as Prisma Access deployments. The vulnerability enables unauthenticated attackers to trigger…
-
>>Patched<< but still exposed: US federal agencies must remediate Cisco flaws (again)
CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/13/cisa-directive-cve-2025-20333-cve-2025-20362/
-
>>Patched<< but still exposed: US federal agencies must remediate Cisco flaws (again)
CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/13/cisa-directive-cve-2025-20333-cve-2025-20362/
-
SAP Pushes Emergency Patch for 9.9 Rated CVE-2025-42887 After Full Takeover Risk
CVE 2025 42887 vulnerability, rated 9.9, allows code injection through Solution Manager giving attackers full SAP control urgent patch needed to block system takeover. First seen on hackread.com Jump to article: hackread.com/sap-patch-cve-2025-42887-takeover-vulnerability/
-
SAP Pushes Emergency Patch for 9.9 Rated CVE-2025-42887 After Full Takeover Risk
CVE 2025 42887 vulnerability, rated 9.9, allows code injection through Solution Manager giving attackers full SAP control urgent patch needed to block system takeover. First seen on hackread.com Jump to article: hackread.com/sap-patch-cve-2025-42887-takeover-vulnerability/
-
CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege Escalation
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, microsoft, vulnerability, windows, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about the active exploitation of a new zero-day vulnerability in Microsoft Windows. This security flaw, tracked as CVE-2025-62215, affects the Windows Kernel and could allow attackers to escalate their privileges if successfully exploited. Overview of the Vulnerability CVE-2025-62215 is a race condition vulnerability…
-
Kibana Vulnerabilities Expose Systems to SSRF and XSS Attacks
Elastic has released a security advisory addressing an origin validation error in Kibana that could expose systems to Server-Side Request Forgery (SSRF) attacks. The vulnerability, tracked as CVE-2025-37734, affects multiple versions of the popular data visualization and exploration platform and has prompted immediate patching across all affected deployments. CVE ID Vulnerability Affected Versions CVSS Score Fixed Versions…
-
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including First seen on thehackernews.com…
-
Critical Dell Data Lakehouse Flaw Allows Remote Attackers to Escalate Privileges
Dell Technologies has disclosed a critical security vulnerability affecting its Data Lakehouse platform that could allow attackers with high-level privileges to escalate their access and compromise system integrity. The flaw, tracked as CVE-2025-46608, carries a maximum CVSS severity score of 9.1, indicating an exceptionally high risk to affected environments. CVE ID Product Affected Versions Remediated…
-
Citrix NetScaler ADC and Gateway Flaw Allows Cross-Site Scripting (XSS) Attacks
Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway platforms. The flaw, tracked as CVE-2025-12101, poses a moderate security risk to organizations relying on these network appliances for authentication and secure access services. Field Value CVE ID CVE-2025-12101 Vulnerability Type Cross-Site Scripting (XSS) CWE Classification CWE-79: Improper Neutralization…
-
CISA Warns of Active Exploitation of WatchGuard Firebox OutBounds Write Flaw
Tags: cisa, cve, cyber, cybersecurity, exploit, firewall, flaw, infrastructure, kev, network, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting WatchGuard Firebox firewalls to its Known Exploited Vulnerabilities (KEV) catalog, warning of active exploitation in the wild. The flaw, tracked as CVE-2025-9242, poses severe risks to organizations relying on these devices for network security. The Vulnerability WatchGuard Firebox firewalls contain an out-of-bounds write…
-
Citrix NetScaler ADC and Gateway Flaw Allows Cross-Site Scripting (XSS) Attacks
Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway platforms. The flaw, tracked as CVE-2025-12101, poses a moderate security risk to organizations relying on these network appliances for authentication and secure access services. Field Value CVE ID CVE-2025-12101 Vulnerability Type Cross-Site Scripting (XSS) CWE Classification CWE-79: Improper Neutralization…
-
‘Advanced’ hacker seen exploiting Cisco, Citrix zero-days
The hackers notably used custom malware and were exploiting CVE-2025-5777, now known colloquially as “Citrix Bleed Two”, before it was disclosed publicly in July. First seen on therecord.media Jump to article: therecord.media/advanced-hacker-exploiting-cisco-citrix-zero-days-amazon
-
SAP fixed a maximum severity flaw in SQL Anywhere Monitor
SAP fixed 19 security issues, including a critical flaw in SQL Anywhere Monitor with hardcoded credentials that could enable remote code execution. SAP addressed 19 security vulnerabilities, including a critical flaw in SQL Anywhere Monitor, with the release of November 2025 notes. The vulnerability, tracked as CVE-2025-42890 (CVSS score of 10/10), is an insecure key…
-
Cl0p Ransomware Lists NHS UK as Victim, Days After Washington Post Breach
Cl0p ransomware lists NHS UK as a victim days after The Washington Post confirms a major Oracle E-Business breach linked to CVE-2025-61882. First seen on hackread.com Jump to article: hackread.com/cl0p-ransomware-nhs-uk-washington-post-breach/
-
Microsoft Patch Tuesday for November 2025 Fix for 0-day and Other 62 Vulnerabilities
Microsoft has released its November 2025 Patch Tuesday update, addressing 63 security vulnerabilities across its software lineup. The update includes a critical fix for a zero-day vulnerability in the Windows Kernel that is confirmed to be actively exploited in the wild. The most critical patch in this month’s release is for CVE-2025-62215, an Elevation of…
-
Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)
CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/11/samsung-spyware-cve-2025-21042/
-
Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Files Anywhere on Target Systems
Ivanti has released critical security updates for Ivanti Endpoint Manager to address three high-severity vulnerabilities that could allow authenticated attackers to write arbitrary files to any location on affected systems. The company disclosed the security advisory on November 10, 2025, with the latest patch becoming available immediately. CVE Number Description CVSS Score Severity CVE-2025-10918 Insecure…
-
Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Files Anywhere on Target Systems
Ivanti has released critical security updates for Ivanti Endpoint Manager to address three high-severity vulnerabilities that could allow authenticated attackers to write arbitrary files to any location on affected systems. The company disclosed the security advisory on November 10, 2025, with the latest patch becoming available immediately. CVE Number Description CVSS Score Severity CVE-2025-10918 Insecure…
-
Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Files Anywhere on Target Systems
Ivanti has released critical security updates for Ivanti Endpoint Manager to address three high-severity vulnerabilities that could allow authenticated attackers to write arbitrary files to any location on affected systems. The company disclosed the security advisory on November 10, 2025, with the latest patch becoming available immediately. CVE Number Description CVSS Score Severity CVE-2025-10918 Insecure…
-
Zoom Workplace for Windows Flaw Allows Local Privilege Escalation
A security vulnerability has been discovered in Zoom Workplace’s VDI Client for Windows that could allow attackers to escalate their privileges on affected systems. The flaw, tracked as CVE-2025-64740 and assigned bulletin ZSB-25042, has been rated as High severity with a CVSS score of 7.5. Attribute Details CVE ID CVE-2025-64740 Bulletin ID ZSB-25042 Product Zoom Workplace VDI…
-
Zoom Workplace for Windows Flaw Allows Local Privilege Escalation
A security vulnerability has been discovered in Zoom Workplace’s VDI Client for Windows that could allow attackers to escalate their privileges on affected systems. The flaw, tracked as CVE-2025-64740 and assigned bulletin ZSB-25042, has been rated as High severity with a CVSS score of 7.5. Attribute Details CVE ID CVE-2025-64740 Bulletin ID ZSB-25042 Product Zoom Workplace VDI…
-
moveIT a series of breaches, all enabled by APIs FireTail Blog
Nov 11, 2025 – Jeremy Snyder – In mid-2023, a software vulnerability was discovered in a file transfer application known as moveIT. Because of the application’s popularity, numerous companies and organizations have found themselves vulnerable to the breach. This blog post will attempt to explain the vulnerability, map out the kill chain (also sometimes called…
-
moveIT a series of breaches, all enabled by APIs FireTail Blog
Nov 11, 2025 – Jeremy Snyder – In mid-2023, a software vulnerability was discovered in a file transfer application known as moveIT. Because of the application’s popularity, numerous companies and organizations have found themselves vulnerable to the breach. This blog post will attempt to explain the vulnerability, map out the kill chain (also sometimes called…
-
U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Samsung mobile devices flaw, tracked as CVE-2025-21042 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. The now-patched Samsung Galaxy flaw CVE-2025-21042 was exploited as a zero-day…
-
Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie
Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The vulnerability, identified as CVE-2025-12485, carries a critical CVSS score of 9.4 and affects all versions up to 2025.3.5. The company has released patches to address this and a second vulnerability…
-
Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie
Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The vulnerability, identified as CVE-2025-12485, carries a critical CVSS score of 9.4 and affects all versions up to 2025.3.5. The company has released patches to address this and a second vulnerability…