Aggregator
CVE-2023-50192 | Trimble SketchUp Viewer SKP File Parser use after free (ZDI-23-1842)
CVE-2023-50191 | Trimble SketchUp Viewer SKP File Parser use after free (ZDI-23-1841)
CVE-2024-11283 | WP JobHunt Plugin up to 7.1 on WordPress authentication bypass by alternate name
CVE-2024-11285 | WP JobHunt Plugin up to 7.1 on WordPress Setting account_settings_callback authorization
CVE-2024-11286 | WP JobHunt Plugin up to 7.1 on WordPress cs_parse_request authentication bypass
CVE-2024-11284 | WP JobHunt Plugin up to 7.1 on WordPress Setting account_settings_save_callback authorization
CVE-2025-3221 | IBM InfoSphere Information Server up to 11.7.1.6 allocation of resources (EUVD-2025-18811 / Nessus ID 240743)
CVE-2025-33070 | Microsoft Windows up to Server 2025 Netlogon uninitialized resource (EUVD-2025-17738)
CVE-2025-33071 | Microsoft Windows Server 2012 up to Server 2022 23H2 KDC Proxy Service use after free (EUVD-2025-17772)
CVE-2025-1785 | codename065 Download Manager Plugin up to 3.3.08 on WordPress wpdm_newfile path traversal
Oligo Security strives to fill application-layer gaps in MITRE ATT&CK framework
Application Attack Matrix is a community effort designed to help defenders and organizations better understand and define how attackers use and exploit weaknesses in applications.
The post Oligo Security strives to fill application-layer gaps in MITRE ATT&CK framework appeared first on CyberScoop.
Eichelsheim: “Stability in the Middle East important for Europe”
New Bert Ransomware Evolves With Multiple Variants
An emerging ransomware group that calls itself Bert is quickly evolving after hitting the cybercrime scene in April, targeting both Windows and Linux systems used by organizations in the health care, tech, and other industries in the United States, Europe, and Asia. It may be a Russian group whose malware evolved from REvil code.
The post New Bert Ransomware Evolves With Multiple Variants appeared first on Security Boulevard.
[Resources] Global daily updates now cover 35 countries and regions, with Mexico and others newly added
Ivanti Products Connect Secure and Policy Secure Hit by Denial-of-Service Vulnerabilities
Ivanti has released critical security updates for its Connect Secure and Policy Secure products, addressing six medium-severity vulnerabilities that could potentially lead to denial-of-service attacks and unauthorized access. The cybersecurity firm announced today that while no customers have been exploited by these vulnerabilities at the time of disclosure, immediate patching is recommended to prevent potential […]
The post Ivanti Products Connect Secure and Policy Secure Hit by Denial-of-Service Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)
With PoC exploits for CVE-2025-5777 (aka CitrixBleed 2) now public and reports of active exploitation of the flaw since mid-June, you should check whether your Citrix NetScaler ADC and/or Gateway instances have been probed and compromised by attackers. Citrix’s current official line is that they have no evidence of in-the-wild exploitation and no indicators of compromise to share. Luckily, several security companies and researchers have provided some.
CVE-2025-5777 exposed
CVE-2025-5777 is an out-of-bounds memory read …
The post Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777) appeared first on Help Net Security.