🚨 CVE-2025-11697
A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.
🎖@cveNotify
A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.
🎖@cveNotify
Rockwell Automation
SD1760 | Security Advisory | Rockwell Automation | US
Studio 5000 ® Simulation Interface - Multiple Vulnerabilities
🚨 CVE-2025-11862
A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.
🎖@cveNotify
A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.
🎖@cveNotify
Rockwell Automation
SD1759 | Security Advisory | Rockwell Automation | US
Verve Asset Manager Access Control Vulnerability
🚨 CVE-2025-12101
Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
🎖@cveNotify
Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
🎖@cveNotify
🚨 CVE-2025-9223
Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature.
🎖@cveNotify
Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature.
🎖@cveNotify
Manageengine
Security Updates - CVE Details - CVE-2025-9223 | ManageEngine Applications Manager
This page details security vulnerability fixes made in various releases of Applications Manager. This page lists the security updates and CVE details of CVE-2025-9223.
🚨 CVE-2025-9227
Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor.
🎖@cveNotify
Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor.
🎖@cveNotify
Manageengine
Security Updates - CVE-2025-9227| ManageEngine OpManager
🚨 CVE-2025-24085
A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
🎖@cveNotify
A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
🎖@cveNotify
Apple Support
About the security content of iOS 18.3 and iPadOS 18.3 - Apple Support
This document describes the security content of iOS 18.3 and iPadOS 18.3.
🚨 CVE-2025-24201
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
🎖@cveNotify
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
🎖@cveNotify
Apple Support
About the security content of iOS 18.3.2 and iPadOS 18.3.2 - Apple Support
This document describes the security content of iOS 18.3.2 and iPadOS 18.3.2.
🚨 CVE-2025-54115
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
🎖@cveNotify
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
🎖@cveNotify
🚨 CVE-2025-61984
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
🎖@cveNotify
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
🎖@cveNotify
🚨 CVE-2025-11622
Insecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their privileges.
🎖@cveNotify
Insecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their privileges.
🎖@cveNotify
Ivanti
Security Advisory Ivanti Endpoint Manager (EPM) October 2025
<div class="OutlineElement Ltr SCXW245559320 BCX0" style="margin: 0px;padding: 0px;user-select: text;clear: both;cursor: text;overflow: visible;direction: ltr;color: #000000;font-family: 'Segoe UI', 'Segoe UI Web', Arial, Verdana, sans-serif;font-size: 12px;white…
🚨 CVE-2025-9713
Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.
🎖@cveNotify
Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.
🎖@cveNotify
Ivanti
Security Advisory Ivanti Endpoint Manager (EPM) October 2025
<div class="OutlineElement Ltr SCXW245559320 BCX0" style="margin: 0px;padding: 0px;user-select: text;clear: both;cursor: text;overflow: visible;direction: ltr;color: #000000;font-family: 'Segoe UI', 'Segoe UI Web', Arial, Verdana, sans-serif;font-size: 12px;white…
🚨 CVE-2025-58726
Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
🎖@cveNotify
Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
🎖@cveNotify
🚨 CVE-2025-59287
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
🎖@cveNotify
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
🎖@cveNotify
🚨 CVE-2025-11748
The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.0 via the 'group_id' parameter of the group_join function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to register for groups other than ones set in the shortcode.
🎖@cveNotify
The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.0 via the 'group_id' parameter of the group_join function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to register for groups other than ones set in the shortcode.
🎖@cveNotify
🚨 CVE-2024-57695
An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. The manufacturer fixed the vulnerability in version 8.0 (4164.652.1856) from December 17, 2012.
🎖@cveNotify
An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. The manufacturer fixed the vulnerability in version 8.0 (4164.652.1856) from December 17, 2012.
🎖@cveNotify
Habr
Обход проактивной защиты Agnitum Outpost Security Suite в 2 строчки
Ранее я уже заявлял об этом и даже делился видео-демонстрацией, но не раскрывая подробности. К сожалению, Разработчик забил болт так и не отреагировал на моё письмо о проблеме (моё обращение было...
🚨 CVE-2025-11959
Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Premierturk Information Technologies Inc. Excavation Management Information System allows Footprinting, Functionality Misuse.This issue affects Excavation Management Information System: before v.10.2025.01.
🎖@cveNotify
Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Premierturk Information Technologies Inc. Excavation Management Information System allows Footprinting, Functionality Misuse.This issue affects Excavation Management Information System: before v.10.2025.01.
🎖@cveNotify
🚨 CVE-2021-33624
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
🎖@cveNotify
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
🎖@cveNotify
🚨 CVE-2025-6020
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
🎖@cveNotify
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
🎖@cveNotify
🚨 CVE-2025-9900
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
🎖@cveNotify
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
🎖@cveNotify
🚨 CVE-2025-10905
Collision in MiniFilter driver in Avast Software Avast Free Antivirus before 25.9 on Windows allows a local attacker with administrative privileges to disable real-time protection and self-defense mechanisms.
🎖@cveNotify
Collision in MiniFilter driver in Avast Software Avast Free Antivirus before 25.9 on Windows allows a local attacker with administrative privileges to disable real-time protection and self-defense mechanisms.
🎖@cveNotify
🚨 CVE-2025-10918
Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk
🎖@cveNotify
Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk
🎖@cveNotify
Ivanti
Security Advisory EPM November 2025 for EPM 2024
<div class="OutlineElement Ltr SCXW122583410 BCX0" style="margin: 0px;padding: 0px;user-select: text;clear: both;cursor: text;overflow: visible;direction: ltr;color: #000000;font-family: 'Segoe UI', 'Segoe UI Web', Arial, Verdana, sans-serif;font-size: 12px;white…