Aggregator

CVE-2025-43563 | Adobe ColdFusion up to 2021.19/2023.13/2025.1 access control (apsb25-52)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability has been found in Adobe ColdFusion up to 2021.19/2023.13/2025.1 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2025-43563. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-23233 | Intel Edge Orchestrator Software incorrect execution-assigned permissions (intel-sa-01239)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Intel Edge Orchestrator Software. Affected is an unknown function. The manipulation leads to incorrect execution-assigned permissions. This vulnerability is traded as CVE-2025-23233. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-22848 | Intel Edge Orchestrator Software unusual condition (intel-sa-01239)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Intel Edge Orchestrator Software. This issue affects some unknown processing. The manipulation leads to improper check for unusual conditions. The identification of this vulnerability is CVE-2025-22848. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-22446 | Intel Edge Orchestrator Software inadequate encryption (intel-sa-01239)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability classified as problematic was found in Intel Edge Orchestrator Software. This vulnerability affects unknown code. The manipulation leads to inadequate encryption strength. This vulnerability was named CVE-2025-22446. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-20612 | Intel Edge Orchestrator Software incorrect execution-assigned permissions (intel-sa-01239)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability classified as problematic has been found in Intel Edge Orchestrator Software. This affects an unknown part. The manipulation leads to incorrect execution-assigned permissions. This vulnerability is uniquely identified as CVE-2025-20612. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-20062 | Intel PROSet Wireless WiFi Software 21.10/21.40 on Windows use after free (intel-sa-01270)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability was found in Intel PROSet Wireless WiFi Software 21.10/21.40 on Windows. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to use after free. This vulnerability is handled as CVE-2025-20062. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-20076 | Intel Edge Orchestrator access control (intel-sa-01239)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability was found in Intel Edge Orchestrator. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2025-20076. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-3623 | Uncanny Owl Uncanny Automator Plugin up to 6.4.0.1 on WordPress automator_api_decode_message deserialization

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability was found in Uncanny Owl Uncanny Automator Plugin up to 6.4.0.1 on WordPress. It has been classified as problematic. Affected is the function automator_api_decode_message. The manipulation leads to deserialization. This vulnerability is traded as CVE-2025-3623. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-20046 | Intel PROSet Wireless WiFi Software 21.10/21.40 on Windows use after free (intel-sa-01270)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability was found in Intel PROSet Wireless WiFi Software 21.10/21.40 on Windows and classified as critical. This issue affects some unknown processing. The manipulation leads to use after free. The identification of this vulnerability is CVE-2025-20046. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

European Vulnerability Database goes live, but who benefits?

Help Net Security
2 months 2 weeks ago

The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), an initiative under the NIS2 Directive aimed at enhancing digital security across the EU. The database serves as a centralized repository offering aggregated and actionable information on cybersecurity vulnerabilities affecting ICT products and services. European Vulnerability Database: Features and accessibility The EUVD is designed to ensure a high level of interconnection of publicly available information from multiple sources, including Computer Security … More →

The post European Vulnerability Database goes live, but who benefits? appeared first on Help Net Security.

Mirko Zorz

CVE-2001-0688 | Transsoft Broker FTP Server up to 5.9.5.0 Command CD/CWD denial of service (EDB-20910 / XFDB-6673)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Transsoft Broker FTP Server up to 5.9.5.0. It has been classified as problematic. This affects an unknown part of the component Command Handler. The manipulation of the argument CD/CWD leads to denial of service. This vulnerability is uniquely identified as CVE-2001-0688. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.
vuldb.com

CVE-2025-33072 | Microsoft msagsfeedback.azurewebsites.net access control (EUVD-2025-14051)

Vuldb Updates
2 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Microsoft msagsfeedback.azurewebsites.net. This issue affects some unknown processing. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2025-33072. The attack may be initiated remotely. There is no exploit available. This product is a managed service. It is not possible for users to maintain vulnerability countermeasures themselves.
vuldb.com

CVE-2025-26677 | Microsoft Windows Remote Desktop Gateway resource consumption (EUVD-2025-14438)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Microsoft Windows Server 2016/Server 2019/Server 2022/Server 2022 23H2/Server 2025 and classified as critical. This issue affects some unknown processing of the component Remote Desktop Gateway. The manipulation leads to resource consumption. The identification of this vulnerability is CVE-2025-26677. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2025-27488 | Microsoft Windows up to HLK Version 1809 Hardware Lab Kit hard-coded credentials (EUVD-2025-14437)

Vuldb Updates
2 months 2 weeks ago
A vulnerability classified as critical has been found in Microsoft Windows. This affects an unknown part of the component Hardware Lab Kit. The manipulation leads to hard-coded credentials. This vulnerability is uniquely identified as CVE-2025-27488. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2025-29837 | Microsoft Windows up to Server 2025 Installer link following (EUVD-2025-14428)

Vuldb Updates
2 months 2 weeks ago
A vulnerability classified as problematic has been found in Microsoft Windows. Affected is an unknown function of the component Installer. The manipulation leads to link following. This vulnerability is traded as CVE-2025-29837. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Ransomware spreads faster, not smarter

Help Net Security
2 months 2 weeks ago

The fall of two of the most dominant ransomware syndicates, LockBit and AlphV, triggered a power vacuum across the cybercriminal landscape, acccording to a Black Kite survey. In their place, dozens of new actors emerged, many of them lacking the infrastructure, discipline, or credibility of their predecessors. The result was a surge in attack volume, a decline in coordination, and growing unpredictability in how, where, and why attacks occur. Ransomware landscape shift The number of … More →

The post Ransomware spreads faster, not smarter appeared first on Help Net Security.

Help Net Security

Cloudflare2024年缓解DDoS攻击数量创纪录

嘶吼
2 months 2 weeks ago

互联网服务巨头Cloudflare表示,其在2024年缓解了创纪录数量的DDoS攻击,同比大幅增长358%,环比增长198%。

这些数据来自Cloudflare的2025年第一季度DDoS报告,该公司表示,它在2024年共缓解了2130万次DDoS攻击。

然而,对于在线实体和公司来说,2025年似乎是一个更大的问题,Cloudflare仅在2025年第一季度就应对了2050万次DDoS攻击。

这些攻击包括Cloudflare本身,其基础设施在18天的多向量攻击中直接成为660万次攻击的目标。

针对Cloudflare网络的攻击

Cloudflare解释说:“在2050万次DDoS攻击中,1680万次是网络层DDoS攻击,其中660万次是直接针对Cloudflare的网络基础设施。”这些攻击是为期18天的多向量DDoS攻击的一部分,包括SYN洪水攻击,mirai生成的DDoS攻击,SSDP放大攻击等等。

这一增长的最大推动力是网络层攻击,近几个月来增长最为迅猛,同比增长509%。

DDoS攻击总次数

与此同时,超容量攻击的趋势有增无减,Cloudflare记录了超过700次攻击,这些攻击的带宽超过1tbps(太比特每秒)或数据包速率超过每秒10亿个数据包。在今年第一季度,属于这些类别的超容量攻击平均每天发生8次,总数比上一季度翻了一番。

Cloudflare表示,他们在2025年第一季度确定了两种新兴威胁,即无连接轻量级目录访问协议(CLDAP)和封装安全有效载荷(ESP)反射/放大攻击。

CLDAP攻击环比增长了3488%,表现为使用UDP而不是TCP的LDAP变体,后者更快,但可靠性较差。CLDAP中的UDP不需要握手,允许IP欺骗,攻击者通过伪造源IP地址来将大量流量反映到他们的目标。

ESP攻击的季度增长率为2301%,可能是由于配置错误或暴露系统存在漏洞。

观察到的2025年第一季度攻击趋势

游戏服务器遭攻击

Cloudflare报告中强调的一次攻击发生在2025年第一季度,涉及一家美国托管提供商,该提供商为《反恐精英GO》、《军团要塞2》和《半条命2:死亡竞赛》的多人游戏服务器提供服务。

这次攻击分多波进行,目标是27015端口,该端口以在游戏中使用而闻名,并规定它对UDP和TCP都是开放的,所以目标显然是破坏游戏服务。

这次攻击是“超大容量”的,达到每秒15亿个数据包,不过Cloudflare说攻击仍在缓解。

游戏服务器是DDoS攻击的热门目标,因为这种中断可能对发行商和整个玩家社区造成极大的破坏和影响。

即将破纪录的DDoS披露

该公司首席执行官Matthew Prince上周晚些时候宣布,他们已经缓解了创纪录的分布式拒绝服务(DDoS)攻击,峰值为5.8 Tbps,持续了大约45秒。

此前的记录也是由Cloudflare报告的,是由1.3万台设备组成的基于mirai的僵尸网络发起的5.6 Tbps的DDoS攻击。

胡金鱼

Managed ad