ddotlp is a simple service that automatically saves energy by switching your Linux laptop between high-performance and power-saving modes The…
Traditional AI coding assistants typically operate in isolation, limited to the code in your current workspace. Now with the introduction…
fnt is a tool to download and install fonts. It helps you to download vector fonts from Debian side, and…
Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
Security experts have uncovered a hole in Cl0p’s data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack.
The vulnerability in the Python-based software, which wa …
Read more
Published Date:
Jul 02, 2025 (5 hours, 11 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2023-36934
CVE-2023-34362
YONO SBI Banking App Vulnerability Let Attackers Execute a Man-in-the-Middle Attack
A significant security flaw has been identified in the popular YONO SBI banking application that could potentially expose millions of users to cybersecurity threats.
The vulnerability, designated as C …
Read more
Published Date:
Jul 02, 2025 (3 hours, 18 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-45080
Chinese Houken Hackers Exploiting Ivanti CSA Zero-Days to Deploy Linux Rootkits
A sophisticated Chinese threat group identified as Houken has been exploiting multiple zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) devices to deploy advanced Linux rootkits and es …
Read more
Published Date:
Jul 02, 2025 (2 hours, 18 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-9380
CVE-2024-8963
CVE-2024-8190
Franse overheid beschrijft aanvallen op organisaties via Ivanti-lekken
Franse organisaties, waaronder overheidsinstanties, defensiebedrijven en telecombedrijven, zijn eind vorig jaar aangevallen via kwetsbaarheden in Ivanti Cloud Service Appliance (CSA). Op het moment va …
Read more
Published Date:
Jul 02, 2025 (1 hour, 30 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-9380
CVE-2024-8963
CVE-2024-8190
CISA Warns of TeleMessage TM SGNL Vulnerabilities Exploited in Attacks
CISA has issued an urgent warning regarding two critical vulnerabilities in TeleMessage TM SGNL that threat actors are currently exploiting in active attack campaigns.
The vulnerabilities, tracked as …
Read more
Published Date:
Jul 02, 2025 (1 hour, 13 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-48928
CVE-2025-48927
CVE ID : CVE-2025-45006
Published : July 1, 2025, 8:15 p.m. | 18 hours, 46 minutes ago
Description : Improper mstatus.SUM bit retention (non-zero) in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2024-35164
Published : July 2, 2025, 12:15 p.m. | 3 hours, 1 minute ago
Description : The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be executed
with the privileges of the running guacd process.
Users are recommended to upgrade to version 1.6.0, which fixes this issue.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-46647
Published : July 2, 2025, 12:15 p.m. | 3 hours ago
Description : A vulnerability of plugin openid-connect in Apache APISIX.
This vulnerability will only have an impact if all of the following conditions are met:
1. Use the openid-connect plugin with introspection mode
2. The auth service connected to openid-connect provides services to multiple issuers
3. Multiple issuers share the same private key and relies only on the issuer being different
If affected by this vulnerability, it would allow an attacker with a valid account on one of the issuers to log into the other issuer.
This issue affects Apache APISIX: until 3.12.0.
Users are recommended to upgrade to version 3.12.0 or higher.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-27026
Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago
Description : A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42
version R6.1.3 allows an authenticated administrator to make other
management interfaces unavailable via local and network interfaces. The CLI deactivation via the WebGUI does not only stop CLI interface but deactivates also Linux Shell, WebGUI and Physical Serial Console access. No
confirmation is asked at deactivation time. Loosing access to these services device administrators are at risk of completely loosing device control.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34057
Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago
Description : An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker can retrieve administrative account credentials in plaintext. This flaw allows direct disclosure of sensitive user data due to improper authentication checks and insecure backend logic.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34067
Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago
Description : An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson’s auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on the underlying system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34069
Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago
Description : An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent, bypassing firewall restrictions and exposing internal management endpoints. This enables unauthenticated attackers to access the GFIAgent service on ports 7995 and 7996, retrieve the appliance UUID, and issue administrative requests via the proxy. Exploitation results in full administrative access to the Kerio Control appliance.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34070
Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago
Description : A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, exposes HTTP services on ports 7995 and 7996 without proper authentication. The /proxy handler on port 7996 allows arbitrary forwarding to administrative endpoints when provided with an Appliance UUID, which itself can be retrieved from port 7995. This results in a complete authentication bypass, permitting access to sensitive administrative APIs.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34071
Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago
Description : A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts within the upgrade.sh or disk image components. These modified upgrade images are not validated for authenticity or integrity, and are executed by the system post-upload, enabling root access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34072
Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago
Description : A data exfiltration vulnerability exists in Anthropic’s deprecated Slack Model Context Protocol (MCP) Server via automatic link unfurling. When an AI agent using the Slack MCP Server processes untrusted data, it can be manipulated to generate messages containing attacker-crafted hyperlinks embedding sensitive data. Slack’s link preview bots (e.g., Slack-LinkExpanding, Slackbot, Slack-ImgProxy) will then issue outbound requests to the attacker-controlled URL, resulting in zero-click exfiltration of private data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34073
Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago
Description : An unauthenticated command injection vulnerability exists in stamparm/maltrail (Maltrail) versions
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-45029
Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago
Description : WINSTAR WN572HP3 v230525 was discovered to contain a heap overflow via the CONTENT_LENGTH variable at /cgi-bin/upload.cgi.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…