🚨 CVE-2025-41102
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/events/save'.
🎖@cveNotify
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/events/save'.
🎖@cveNotify
www.incibe.es
Multiple vulnerabilities in Fairsketch's RISE CRM Framework
INCIBE has coordinated the publication of 6 medium-severity vulnerabilities that affect Fairsketch's R
🚨 CVE-2024-25420
An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component.
🎖@cveNotify
An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component.
🎖@cveNotify
GitHub
Openfire/xmppserver/src/main/java/org/jivesoftware/openfire/admin/AdminManager.java at main · igniterealtime/Openfire
An XMPP server licensed under the Open Source Apache License. - igniterealtime/Openfire
🚨 CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.
Binary-Affected: podman
Upstream-version-introduced: v4.0.0
Upstream-version-fixed: v5.6.1
🎖@cveNotify
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.
Binary-Affected: podman
Upstream-version-introduced: v4.0.0
Upstream-version-fixed: v5.6.1
🎖@cveNotify
🚨 CVE-2025-11084
A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period.
🎖@cveNotify
A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period.
🎖@cveNotify
Rockwell Automation
SD1758 | Security Advisory | Rockwell Automation | US
FactoryTalk® DataMosaix™ Private Cloud – Multiple Vulnerabilities
🚨 CVE-2025-11085
A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website.
🎖@cveNotify
A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website.
🎖@cveNotify
Rockwell Automation
SD1758 | Security Advisory | Rockwell Automation | US
FactoryTalk® DataMosaix™ Private Cloud – Multiple Vulnerabilities
🚨 CVE-2025-11696
A local server-side request forgery (SSRF) security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes.
🎖@cveNotify
A local server-side request forgery (SSRF) security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes.
🎖@cveNotify
Rockwell Automation
SD1760 | Security Advisory | Rockwell Automation | US
Studio 5000 ® Simulation Interface - Multiple Vulnerabilities
🚨 CVE-2025-11697
A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.
🎖@cveNotify
A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.
🎖@cveNotify
Rockwell Automation
SD1760 | Security Advisory | Rockwell Automation | US
Studio 5000 ® Simulation Interface - Multiple Vulnerabilities
🚨 CVE-2025-11862
A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.
🎖@cveNotify
A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.
🎖@cveNotify
Rockwell Automation
SD1759 | Security Advisory | Rockwell Automation | US
Verve Asset Manager Access Control Vulnerability
🚨 CVE-2025-12101
Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
🎖@cveNotify
Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
🎖@cveNotify
🚨 CVE-2025-9223
Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature.
🎖@cveNotify
Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature.
🎖@cveNotify
Manageengine
Security Updates - CVE Details - CVE-2025-9223 | ManageEngine Applications Manager
This page details security vulnerability fixes made in various releases of Applications Manager. This page lists the security updates and CVE details of CVE-2025-9223.
🚨 CVE-2025-9227
Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor.
🎖@cveNotify
Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor.
🎖@cveNotify
Manageengine
Security Updates - CVE-2025-9227| ManageEngine OpManager
🚨 CVE-2025-24085
A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
🎖@cveNotify
A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
🎖@cveNotify
Apple Support
About the security content of iOS 18.3 and iPadOS 18.3 - Apple Support
This document describes the security content of iOS 18.3 and iPadOS 18.3.
🚨 CVE-2025-24201
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
🎖@cveNotify
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
🎖@cveNotify
Apple Support
About the security content of iOS 18.3.2 and iPadOS 18.3.2 - Apple Support
This document describes the security content of iOS 18.3.2 and iPadOS 18.3.2.
🚨 CVE-2025-54115
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
🎖@cveNotify
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
🎖@cveNotify
🚨 CVE-2025-61984
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
🎖@cveNotify
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
🎖@cveNotify
🚨 CVE-2025-11622
Insecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their privileges.
🎖@cveNotify
Insecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their privileges.
🎖@cveNotify
Ivanti
Security Advisory Ivanti Endpoint Manager (EPM) October 2025
<div class="OutlineElement Ltr SCXW245559320 BCX0" style="margin: 0px;padding: 0px;user-select: text;clear: both;cursor: text;overflow: visible;direction: ltr;color: #000000;font-family: 'Segoe UI', 'Segoe UI Web', Arial, Verdana, sans-serif;font-size: 12px;white…
🚨 CVE-2025-9713
Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.
🎖@cveNotify
Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.
🎖@cveNotify
Ivanti
Security Advisory Ivanti Endpoint Manager (EPM) October 2025
<div class="OutlineElement Ltr SCXW245559320 BCX0" style="margin: 0px;padding: 0px;user-select: text;clear: both;cursor: text;overflow: visible;direction: ltr;color: #000000;font-family: 'Segoe UI', 'Segoe UI Web', Arial, Verdana, sans-serif;font-size: 12px;white…
🚨 CVE-2025-58726
Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
🎖@cveNotify
Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
🎖@cveNotify
🚨 CVE-2025-59287
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
🎖@cveNotify
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
🎖@cveNotify
🚨 CVE-2025-11748
The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.0 via the 'group_id' parameter of the group_join function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to register for groups other than ones set in the shortcode.
🎖@cveNotify
The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.0 via the 'group_id' parameter of the group_join function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to register for groups other than ones set in the shortcode.
🎖@cveNotify
🚨 CVE-2024-57695
An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. The manufacturer fixed the vulnerability in version 8.0 (4164.652.1856) from December 17, 2012.
🎖@cveNotify
An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. The manufacturer fixed the vulnerability in version 8.0 (4164.652.1856) from December 17, 2012.
🎖@cveNotify
Habr
Обход проактивной защиты Agnitum Outpost Security Suite в 2 строчки
Ранее я уже заявлял об этом и даже делился видео-демонстрацией, но не раскрывая подробности. К сожалению, Разработчик забил болт так и не отреагировал на моё письмо о проблеме (моё обращение было...