CVE-2025-5141 – Fortra Core Privileged Access Manager BoKS Server Agent Information Disclosure Vulnerability

June 17, 2025

CVE ID : CVE-2025-5141

Published : June 17, 2025, 8:15 p.m. | 15 minutes ago

Description : A binary in the BoKS Server Agent component of Fortra’s Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleMicrosoft’s New CLI Text Editor Works Great on Ubuntu

Next Article CVE-2025-49847 – LLama Buffer Overflow Vulnerability

Highlights

CVE-2025-49142 – Nautobot Jinja2 Templating Feature Privilege Escalation Vulnerability

June 10, 2025

CVE ID : CVE-2025-49142

Published : June 10, 2025, 4:15 p.m. | 34 minutes ago

Description : Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions prior to 2.4.10 or prior to 1.6.32 are potentially affected. Due to insufficient security configuration of the Jinja2 templating feature used in computed fields, custom links, etc. in Nautobot, a malicious user could configure this feature set in ways that could expose the value of Secrets defined in Nautobot when the templated content is rendered or that could call Python APIs to modify data within Nautobot when the templated content is rendered, bypassing the object permissions assigned to the viewing user. Nautobot versions 1.6.32 and 2.4.10 will include fixes for the vulnerability. The vulnerability can be partially mitigated by configuring object permissions appropriately to limit certain actions to only trusted users.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: An Echo In Here in here

How To Minimize The Environmental Impact Of Your Website

Progress adds AI coding assistance to Telerik and Kendo UI libraries

Wasm 3.0 standard is now officially complete

Development Release: Ubuntu 25.10 Beta

Development Release: Linux Mint 7 Beta “LMDE”

Distribution Release: Tails 7.0

Distribution Release: Security Onion 2.4.180

GenStudio for Performance Marketing: What’s New and What We’ve Learned

GenStudio for Performance Marketing: What’s New and What We’ve Learned

Agentic and Generative Commerce Can Elevate CX in B2B

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

Denmark’s Strategic Leap Replacing Microsoft Office 365 with LibreOffice for Digital Independence

Denmark’s Strategic Leap Replacing Microsoft Office 365 with LibreOffice for Digital Independence

Development Release: Ubuntu 25.10 Beta

Development Release: Linux Mint 7 Beta “LMDE”

CVE-2025-5141 – Fortra Core Privileged Access Manager BoKS Server Agent Information Disclosure Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments

I tried Google’s XR glasses and they already beat my Meta Ray-Bans in 3 ways

Classic WTF: NoeTimeToken

Minecraft’s “Chase the Skies” Update brings rideable Happy Ghasts and Other Changes – Know More Here

CVE-2025-49142 – Nautobot Jinja2 Templating Feature Privilege Escalation Vulnerability

Low-Code and No-Code Platforms: Revolutionizing Application Development

CVE-2025-20201 – Cisco IOS XE Software CLI Privilege Escalation Vulnerability

Stop One Drive Syncing Like This

CVE-2025-5141 – Fortra Core Privileged Access Manager BoKS Server Agent Information Disclosure Vulnerability

Related Posts