Tag: remote-code-execution
-
Python JSON Logger Vulnerability Enables Remote Code Execution PoC Released
by
in SecurityNewsA recent security disclosure has revealed a remote code execution (RCE) vulnerability, CVE-2025-27607, in the Python JSON Logger package, affecting versions between 3.2.0 and 3.2.1. This vulnerability arises from a missing dependency, >>msgspec-python313-pre,
-
Critical pgAdmin Flaw Allows Remote Code Execution
by
in SecurityNewsA severe Remote Code Execution (RCE) vulnerability in pgAdmin (CVE-2025-2945), the popular PostgreSQL database management tool, has been patched after researchers discovered attackers could hijack servers through malicious API requests. The flaw affects pgAdmin versions ≤9.1 and allows authenticated users to execute arbitrary commands on affected systems. Technical Breakdown The vulnerability stems from improper use…
-
RCE Vulnerability in Apache Parquet Poses Risk to Big Data Systems
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/rce-vulnerability-in-apache-parquet-poses-risk-to-big-data-systems
-
Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild
by
in SecurityNewsApril 5, 2025 Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow has been actively exploited since mid-March 2025, posing a severe risk to organizations using these […]…
-
Chinese Hackers Exploit Ivanti VPN Vulnerability to Deliver Malware Payloads
by
in SecurityNewsIvanti disclosed a critical security vulnerability, CVE-2025-22457, affecting its Connect Secure (ICS) VPN appliances, particularly versions 22.7R2.5 and earlier. This buffer overflow vulnerability enables attackers to achieve remote code execution when exploited successfully. Security researchers from Mandiant and Ivanti have confirmed active exploitation of this vulnerability in the wild, targeting ICS 9.X (end-of-life) and earlier…
-
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE
by
in SecurityNewsNo known exploits yet: Neither Endor Labs nor NIST’s NVD entry reported any exploit attempts using CVE-2025-30065 as of publication of this article. Apache silently pushed a fix with the release of 1.15.1 on March 16, 2025, with a GitHub redirect to changes made in the update.Endor Labs advised prompt patching of the vulnerability, which…
-
CVE-2025-22457: New Critical Ivanti Flaw Could Expose Entire Networks
by
in SecurityNewsOverview of the Vulnerability Ivanti has recently disclosed a significant security vulnerability, identified as CVE-2025-22457, affecting its Connect Secure, Policy Secure, and ZTA Gateway products. While specific details are pending, such vulnerabilities typically involve issues such as remote code execution,… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-22457-critical-ivanti-flaw/
-
Critical Apache Parquet Vulnerability Leads to Remote Code Execution
by
in SecurityNewsA critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise. The post Critical Apache Parquet Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/critical-apache-parquet-vulnerability-leads-to-remote-code-execution/
-
Critical flaw in Apache Parquet’s Java Library allows remote code execution
by
in SecurityNewsExperts warn of a critical vulnerability impacting Apache Parquet’s Java Library that could allow remote code execution. Apache Parquet’s Java Library is a software library for reading and writing Parquet files in the Java programming language. Parquet is a columnar storage file format that is optimized for use with large-scale data processing frameworks, such as…
-
Critical Apache Parquet Vulnerability Allows Remote Code Execution
by
in SecurityNewsA severe vulnerability has been identified in the Apache Parquet Java library, specifically within itsparquet-avromodule. This flaw, tracked as CVE-2025-30065, exposes systems to potential Remote Code Execution (RCE) attacks. It has been ratedCriticalwith a CVSS score of 10.0, indicating the highest level of severity. The root cause is categorized asDeserialization of Untrusted Data (CWE-502). The vulnerability impacts systems…
-
Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw
by
in SecurityNews
Tags: china, espionage, exploit, flaw, hacker, ivanti, mandiant, remote-code-execution, vulnerabilityMandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-state-hackers-ivanti-flaw/
-
Max severity RCE flaw discovered in widely used Apache Parquet
by
in SecurityNewsA maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-rce-flaw-discovered-in-widely-used-apache-parquet/
-
China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March
by
in SecurityNews
Tags: china, exploit, flaw, group, ivanti, remote-code-execution, threat, update, vulnerability, zero-dayIvanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025. Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-22457. The vulnerability has been exploited by a China-linked threat actor since at least mid-March 2025. Ivanti did not disclose…
-
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
by
in SecurityNewsA suspected Chinese APT group has exploited CVE-2025-22457 a buffer overflow bug that was previously thought not to be exploitable to compromise appliances … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/03/ivanti-vpn-customers-targeted-via-unrecognized-rce-vulnerability-cve-2025-22457/
-
Ivanti patches Connect Secure zero-day exploited since mid-March
by
in SecurityNews
Tags: china, espionage, exploit, ivanti, malware, remote-code-execution, update, vulnerability, zero-dayIvanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-patches-connect-secure-zero-day-exploited-since-mid-march/
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
by
in SecurityNewsIvanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/
-
Google Quick Share Bug Bypasses Allow Zero-Click File Transfer
by
in SecurityNewsGoogle addresses patch bypasses for CVE-2024-38272 and CVE-2024-38271, part of the previously announced QuickShell silent RCE attack chain against Windows users. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/google-quick-share-bug-bypasses-zero-click-file-transfer
-
Google’s Quick Share for Windows Vulnerability Allows Remote Code Execution
by
in SecurityNews
Tags: cyber, cybersecurity, exploit, flaw, google, remote-code-execution, risk, vulnerability, windowsCybersecurity researchers from SafeBreach Labs have revealed new vulnerabilities in Google’s Quick Share file-transfer utility for Windows, including a critical flaw that allows attackers to execute code on targeted devices. The findings, disclosed this week, highlight risks in the widely used tool”, even after Google patched earlier issues reported in 2024. The QuickShell Exploit Chain…
-
An Update on QuickShell: Sharing Is Caring about an RCE Attack Chain on Quick Share
by
in SecurityNewsSee how a SafeBreach Labs researcher discovered a bypass for a fix to a critical vulnerability they previously reported in Google’s Quick Share data transfer utility. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/an-update-on-quickshell-sharing-is-caring-about-an-rce-attack-chain-on-quick-share/
-
Google Released Second Fix for Quick Share Flaws After Patch Bypass
by
in SecurityNewsGoogle’s patches for Quick Share for Windows vulnerabilities leading to remote code execution were incomplete and could be easily bypassed. The post Google Released Second Fix for Quick Share Flaws After Patch Bypass appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-released-second-fix-for-quick-share-flaws-after-patch-bypass/
-
Canon Printer Flaw Enables Remote Code Execution
by
in SecurityNewsCritical Vulnerability in Drivers Affects Multiple Canon Printers. The office printer could mete out more than ordinary frustration now that researchers discovered a vulnerability in drivers for Canon printer enabling attackers to execute arbitrary code. The flaw is an out-of-bounds vulnerability in Enhanced Metafile Recode processing. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/canon-printer-flaw-enables-remote-code-execution-a-27894
-
Kentico Xperience CMS XSS Vulnerability Allows Remote Code Execution
by
in SecurityNewsKentico Xperience CMS, a widely used platform designed for enterprises and organizations, is under scrutiny after a vulnerability chain was discovered that exploits Cross-Site Scripting (XSS) to enable Remote Code Execution (RCE). This vulnerability was disclosed by researchers who demonstrated its potential harm through a detailed proof of concept. CVE-2025-2748: Cross-Site Scripting Vulnerability According to…
-
Threat Actors Embed Malware in WordPress Sites to Enable Remote Code Execution
by
in SecurityNewsSecurity researchers have uncovered a new wave of cyberattacks targeting WordPress websites through the exploitation of the >>mu-plugins
-
Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands
by
in SecurityNewsA critical unauthenticated remote code execution (RCE) vulnerability in HPE Insight Cluster Management Utility (CMU) v8.2 allows attackers to bypass authentication and execute commands as root on high-performance computing (HPC) clusters, researchers revealed today. Tracked as CVE-2024-13804, the flaw exposes HPC environments to full cluster compromise through weaponized Java client applications. Technical Breakdown The vulnerability stems from…
-
Apache Tomcat Vulnerability Exploited to Execute Malicious Arbitrary Code on Servers
by
in SecurityNewsA critical remote code execution (RCE) vulnerability, tracked as CVE-2025-24813, is being actively exploited in Apache Tomcat servers. Critical RCE Flaw in Apache Tomcat The flaw allows attackers to upload malicious files via unauthenticated HTTP PUT requests, followed by a GET request to trigger deserialization, leading to arbitrary code execution. Affected versions include Tomcat 9.0.0-M1…
-
Splunk Patches Dozens of Vulnerabilities
by
in SecurityNewsSplunk patches high-severity remote code execution and information disclosure flaws in Splunk Enterprise and Secure Gateway App. The post Splunk Patches Dozens of Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/splunk-patches-dozens-of-vulnerabilities/
-
Kubernetes Ingress-nginx Remote Code Execution Vulnerability (CVE-2025-1974)
by
in SecurityNewsOverview Recently, NSFOCUS CERT detected that Kubernetes issued a security announcement and fixed the Kubernetes Ingress-nginx remote code execution vulnerability (CVE-2025-1974). The Ingress controller deployed in Kubernetes Pod can be accessed through the network without authentication. When the Admission webhook is open, an unauthenticated attacker can remotely inject any nginx configuration by sending a special…The…
-
PoC Exploit Released for Ingress-NGINX RCE Vulnerabilities
by
in SecurityNewsA recently disclosed vulnerability in Ingress-NGINX, tracked as CVE-2025-1974, has raised concerns about the security of Kubernetes environments. This vulnerability allows for Remote Code Execution (RCE) through the validating webhook server integrated into Ingress-NGINX. A Proof of Concept (PoC) exploit has been released, demonstrating how attackers could exploit this flaw. CVE-2025-1974 affects versions of Ingress-NGINX…
-
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
by
in SecurityNews
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities are listed below -CVE-2019-9874 (CVSS score: 9.8) – A deserialization vulnerability in the Sitecore.Security.AntiCSRF First seen on thehackernews.com Jump to…