HelloTDS Unmasked: Covert Traffic System Funnels Millions to FakeCaptcha Malware!
A complex and evasive infrastructure dubbed HelloTDS is silently steering millions of internet users into the clutches of malware—particularly FakeCaptcha, a social engineering attack masquerading as …
Read more
Published Date:
Jun 13, 2025 (2 hours, 7 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-40766
High-Severity Flaw in HashiCorp Nomad (CVE-2025-4922) Allows Privilege Escalation
HashiCorp has disclosed a high-severity vulnerability in its workload orchestration tool, Nomad, which could allow attackers to escalate privileges by exploiting a flaw in the system’s Access Control …
Read more
Published Date:
Jun 13, 2025 (1 hour, 56 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-49146
CVE-2025-4922
Flaw in PostgreSQL JDBC Driver (CVE-2025-49146) Exposes Database Connections to MITM Attacks!
A recently disclosed vulnerability in the PostgreSQL JDBC Driver (PgJDBC) could allow attackers to intercept database connections even when security settings are configured to prevent such attacks. Tr …
Read more
Published Date:
Jun 13, 2025 (1 hour, 51 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-49146
CVE-2025-4922
CVE-2024-32888
CVE-2024-1597
CVE ID : CVE-2025-41233
Published : June 12, 2025, 10:15 p.m. | 3 hours, 47 minutes ago
Description : Description:
VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. VMware has evaluated the severity of the issue to be in the Moderate severity range https://www.broadcom.com/support/vmware-services/security-response with a maximum CVSSv3 base score of 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N .
Known Attack Vectors:
An authenticated malicious user with network access may be able to use specially crafted SQL queries to gain database access.
Resolution:
To remediate CVE-2025-41233 apply the patches to the Avi Controller listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
Workarounds:
None.
Additional Documentation:
None.
Acknowledgements:
VMware would like to thank Alexandru Copaceanu https://www.linkedin.com/in/alexandru-copaceanu-b39aaa1a8/ for reporting this issue to us.
Notes:
None.
Response Matrix:
ProductVersionRunning OnCVECVSSv4SeverityFixed VersionWorkaroundsAdditional DocumentsVMware Avi Load Balancer30.1.1AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.1.2-2p3 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-1/vmware-avi-load-balancer-release-notes/release-notes-30-1-2.html NoneNoneVMware Avi Load Balancer30.1.2AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.1.2-2p3 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-1/vmware-avi-load-balancer-release-notes/release-notes-30-1-2.html NoneNoneVMware Avi Load Balancer30.2.1AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.2.1-2p6 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-2/vmware-avi-load-balancer-release-notes/release-notes-for-avi-load-balancer-version-30-2-1.html NoneNoneVMware Avi Load Balancer30.2.2AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.2.2-2p5 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-2/vmware-avi-load-balancer-release-notes/release-notes-for-avi-load-balancer-version-30-2-2.html NoneNoneVMware Avi Load Balancer30.2.3AnyCVE-2025-41233N/AN/AUnaffectedNoneNoneVMware Avi Load Balancer31.1.1AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 31.1.1-2p2 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/31-1/vmware-avi-load-balancer-release-notes/Release-Note-Section-20627.html NoneNone
CWE-89 in the Avi Load Balancer component of VMware allows an authenticated attacker to execute blind SQL injections in versions 30.1.1, 30.1.2, 30.2.1, and 30.2.2 due to improper input validation, enabling unauthorized database access.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-41234
Published : June 12, 2025, 10:15 p.m. | 3 hours, 47 minutes ago
Description : Description
In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input.
Specifically, an application is vulnerable when all the following are true:
* The header is prepared with org.springframework.http.ContentDisposition.
* The filename is set via ContentDisposition.Builder#filename(String, Charset).
* The value for the filename is derived from user-supplied input.
* The application does not sanitize the user-supplied input.
* The downloaded content of the response is injected with malicious commands by the attacker (see RFD paper reference for details).
An application is not vulnerable if any of the following is true:
* The application does not set a “Content-Disposition” response header.
* The header is not prepared with org.springframework.http.ContentDisposition.
* The filename is set via one of: * ContentDisposition.Builder#filename(String), or
* ContentDisposition.Builder#filename(String, ASCII)
* The filename is not derived from user-supplied input.
* The filename is derived from user-supplied input but sanitized by the application.
* The attacker cannot inject malicious content in the downloaded content of the response.
Affected Spring Products and VersionsSpring Framework:
* 6.2.0 – 6.2.7
* 6.1.0 – 6.1.20
* 6.0.5 – 6.0.28
* Older, unsupported versions are not affected
MitigationUsers of affected versions should upgrade to the corresponding fixed version.
Affected version(s)Fix versionAvailability6.2.x6.2.8OSS6.1.x6.1.21OSS6.0.x6.0.29 Commercial https://enterprise.spring.io/ No further mitigation steps are necessary.
CWE-113 in `Content-Disposition` handling in VMware Spring Framework versions 6.0.5 to 6.2.7 allows remote attackers to launch Reflected File Download (RFD) attacks via unsanitized user input in `ContentDisposition.Builder#filename(String, Charset)` with non-ASCII charsets.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4233
Published : June 12, 2025, 11:15 p.m. | 2 hours, 47 minutes ago
Description : An insufficient implementation of cache vulnerability in Palo Alto Networks Prisma® Access Browser enables users to bypass certain data control policies.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4228
Published : June 13, 2025, 12:15 a.m. | 1 hour, 47 minutes ago
Description : An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex® XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and escalate their privileges to root.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4230
Published : June 13, 2025, 12:15 a.m. | 1 hour, 47 minutes ago
Description : A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.
Cloud NGFW and Prisma® Access are not affected by this vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4231
Published : June 13, 2025, 12:15 a.m. | 1 hour, 47 minutes ago
Description : A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user.
The attacker must have network access to the management web interface and successfully authenticate to exploit this issue.
Cloud NGFW and Prisma Access are not impacted by this vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4232
Published : June 13, 2025, 12:15 a.m. | 1 hour, 47 minutes ago
Description : An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model’s…
The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to other TDS services like Help…
Graphite spyware used in Apple iOS zero-click attacks on journalists
Forensic investigation has confirmed the use of Paragon’s Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe.
Researchers at Citizen …
Read more
Published Date:
Jun 12, 2025 (4 hours, 26 minutes ago)
Vulnerabilities has been mentioned in this article.
Trend Micro fixes critical vulnerabilities in multiple products
Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TM …
Read more
Published Date:
Jun 12, 2025 (2 hours, 37 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE ID : CVE-2025-43863
Published : June 12, 2025, 6:15 p.m. | 3 hours, 46 minutes ago
Description : vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password by using the change password functionality: they can call that route infinitely which will return the message that password is wrong until it is correct. This vulnerability is fixed in 4.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-43866
Published : June 12, 2025, 6:15 p.m. | 3 hours, 46 minutes ago
Description : vantage6 is an open-source infrastructure for privacy preserving analysis. The JWT secret key in the vantage6 server is auto-generated unless defined by the user. The auto-generated key is a UUID1, which is not cryptographically secure as it is predictable to some extent. This vulnerability is fixed in 4.11.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49081
Published : June 12, 2025, 6:15 p.m. | 3 hours, 46 minutes ago
Description : There is an insufficient input validation vulnerability in the warehouse
component of Absolute Secure Access prior to server version 13.55. Attackers
with system administrator permissions can impair the availability of the Secure
Access administrative UI by writing invalid data to the warehouse over the
network. The attack complexity is low, there are no attack requirements,
privileges required are high, and there is no user interaction required. There
is no impact on confidentiality or integrity; the impact on availability is
high.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49576
Published : June 12, 2025, 7:15 p.m. | 2 hours, 46 minutes ago
Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49577
Published : June 12, 2025, 7:15 p.m. | 2 hours, 46 minutes ago
Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49578
Published : June 12, 2025, 7:15 p.m. | 2 hours, 46 minutes ago
Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by `Language::userDate` are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…