Aggregator

A vulnerability has been found in h2oai h2o-3 up to 3.46.1 and classified as problematic. This vulnerability affects unknown code of the file /3/ImportFiles. The manipulation of the argument path leads to resource consumption. This vulnerability was named CVE-2024-7768. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in mintplex-labs anything-llm up to 1.6.4 on Windows. Affected is an unknown function. The manipulation leads to missing authentication. This vulnerability is traded as CVE-2024-8196. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in mintplex-labs anything-llm up to 1.2.1 and classified as problematic. Affected by this vulnerability is the function normalizePath. The manipulation leads to path traversal: '\..\filename'. This vulnerability is known as CVE-2024-8248. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in mintplex-labs anything-llm up to 1.3.0. Affected by this vulnerability is an unknown functionality of the component Audio File Handler. The manipulation leads to resource consumption. This vulnerability is known as CVE-2024-7771. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in langgenius dify. This issue affects some unknown processing of the component SVG Markdown Support. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-11850. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Twitter Follow Button Plugin up to 0.2 on WordPress. Affected is an unknown function. The manipulation of the argument Username leads to cross site scripting. This vulnerability is traded as CVE-2024-10116. It is possible to launch the attack remotely. There is no exploit available.

The cybersecurity landscape has experienced a dramatic shift as ransomware operators increasingly target Linux and VMware environments, abandoning their traditional focus on Windows systems. Recent threat intelligence indicates that criminal groups are developing sophisticated, Linux-native ransomware specifically engineered to exploit the unique vulnerabilities of enterprise virtualization platforms and cloud infrastructures. This strategic pivot represents a […]

The post Ransomware Gangs Actively Expanding to Attack VMware and Linux Systems appeared first on Cyber Security News.

Fake Telegram apps are being spread through 607 malicious domains to deliver Android malware, using blog-style pages and phishing tactics to trick users.

Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates.

Background

On July 15, Oracle released its Critical Patch Update (CPU) for July 2025, the third quarterly update of the year. This CPU contains fixes for 165 unique CVEs in 309 security updates across 28 Oracle product families. Out of the 309 security updates published this quarter, 2.9% of patches were assigned a critical severity. High severity patches accounted for the bulk of security patches at 46.6%, followed by medium severity patches at 43.7%.

This quarter’s update includes nine critical patches across five CVEs.

SeverityIssues PatchedCVEsCritical95High14459Medium13591Low2110Total309165Analysis

This quarter, the Oracle REST Data Services product family contained the highest number of patches at 84, accounting for 27.2% of the total patches, followed by Oracle Hospitality Applications at 40 patches, which accounted for 12.9% of the total patches.

A full breakdown of the patches for this quarter can be seen in the following table, which also includes a count of vulnerabilities that can be exploited over a network without authentication.

Oracle Product FamilyNumber of PatchesRemote Exploit without AuthOracle REST Data Services8450Oracle Hospitality Applications403Oracle Communications3622Oracle NoSQL Database291Oracle Communications Applications1813Oracle Analytics1110Oracle Insurance Applications118Oracle TimesTen In-Memory Database93Oracle JD Edwards88Oracle Hyperion73Oracle PeopleSoft70Oracle Database Server60Oracle Java SE65Oracle MySQL65Oracle Blockchain Platform52Oracle Construction and Engineering52Oracle Financial Services Applications41Oracle E-Business Suite32Oracle Fusion Middleware32Oracle Spatial Studio20Oracle HealthCare Applications20Oracle Application Express10Oracle Autonomous Health Framework11Oracle Essbase11Oracle GoldenGate11Oracle Graph Server and Client11Oracle Commerce10Oracle Enterprise Manager11Solution

Customers are advised to apply all relevant patches in this quarter’s CPU. Please refer to the July 2025 advisory for full details.

Identifying affected systems

A list of Tenable plugins to identify these vulnerabilities will appear here as they’re released. This link uses a search filter to ensure that all matching plugin coverage will appear as it is released.

Get more information

• Oracle Critical Patch Update Advisory - July 2025
• Oracle July 2025 Critical Patch Update Risk Matrices
• Oracle Advisory to CVE Map

Join Tenable's Research Special Operations (RSO) Team on the Tenable Community.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

A vulnerability classified as critical was found in vim up to 9.1.1551. This vulnerability affects unknown code of the component Tar Handler. The manipulation leads to path traversal. This vulnerability was named CVE-2025-53905. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in GitHub Enterprise Server up to 3.14.14/3.15.9/3.16.5/3.17.2. This affects an unknown part of the component Contractors API Feature. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2025-6981. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in RVC-Boss GPT-SoVITS up to 20250228v3. It has been rated as critical. Affected by this issue is the function load_sovits_new of the file process_ckpt.py. The manipulation of the argument SoVITS_dropdown leads to deserialization. This vulnerability is handled as CVE-2025-49841. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in RVC-Boss GPT-SoVITS up to 20250228v3. It has been declared as critical. Affected by this vulnerability is the function change_gpt_weights of the file inference_webui.py. The manipulation of the argument GPT_dropdown leads to deserialization. This vulnerability is known as CVE-2025-49840. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Oracle Java SE and GraalVM Enterprise Edition. It has been classified as critical. Affected is an unknown function of the component Scripting. The manipulation leads to Remote Code Execution. This vulnerability is traded as CVE-2025-30761. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in RVC-Boss GPT-SoVITS up to 20250228v3 and classified as critical. This issue affects the function uvr of the file vr.py. The manipulation of the argument model_choose leads to deserialization. The identification of this vulnerability is CVE-2025-49838. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in RVC-Boss GPT-SoVITS up to 20250228v3 and classified as critical. This vulnerability affects the function uvr of the file vr.py. The manipulation of the argument model_choose leads to deserialization. This vulnerability was named CVE-2025-49837. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in RVC-Boss GPT-SoVITS up to 20250228v3. Affected by this issue is the function uvr of the file bsroformer.py. The manipulation of the argument model_choose leads to deserialization. This vulnerability is handled as CVE-2025-49839. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in RVC-Boss GPT-SoVITS up to 20250228v3. This affects the function change_label of the file webui.py. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2025-49836. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in RVC-Boss GPT-SoVITS up to 20250228v3. Affected by this vulnerability is the function open_asr of the file webui.py. The manipulation leads to command injection. This vulnerability is known as CVE-2025-49835. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in RVC-Boss GPT-SoVITS up to 20250228v3. Affected is the function open_denoise of the file webui.py. The manipulation leads to command injection. This vulnerability is traded as CVE-2025-49834. It is possible to launch the attack remotely. There is no exploit available.