
Overview

  • SAP_SE
  • SAP NetWeaver (Visual Composer development server)

Published: 24 Apr 2025
Updated: 26 Apr 2025

CVSS v3.1: CRITICAL (10.0)
EPSS: 0.04%

KEV

Description

SAP NetWeaver Visual Composer Metadata Uploader is not protected with proper authorization, allowing an unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.

Statistics

  • 4 Posts
  • 6 Interactions

Fediverse


SAP zero-day vulnerability under widespread active exploitation cyberscoop.com/sap-netweaver-z

  • 1
  • 4
  • 6 hours ago

@campuscodi I have heard that CVE-2025-31324 is in fact under active exploitation. I haven't heard confirmation that the exploitation observed by ReliaQuest in that article is it, but at this point, it doesn't ( or at least shouldn't ) matter to defenders.

  • 1
  • 0
  • 13 hours ago

Tracked as CVE-2025-31324 (CVSS score of 10/10), the security defect is described as the lack of proper authorization (missing authorization check) in the Visual Composer Metadata Uploader component of SAP NetWeaver. securityweek.com/sap-zero-day-

  • 0
  • 0
  • 16 hours ago

SAP NetWeaver is under attack—an unauthenticated file upload flaw is letting hackers run code remotely. With systems already being breached, is your enterprise ready to patch this ticking time bomb?

thedefendopsdiaries.com/addres

  • 0
  • 0
  • 14 hours ago

Overview

  • moodle

Published: 25 Apr 2025
Updated: 25 Apr 2025

CVSS: Pending
EPSS: Pending

KEV

Description

A security vulnerability was discovered in Moodle that allows students to enroll themselves in courses without completing all the necessary safety checks. Specifically, users can sign up for courses prematurely, even if they haven't finished two-step verification processes.

Statistics

  • 2 Posts
  • 12 Interactions

Fediverse


Who wants to skip courses in Moodle?

access.redhat.com/security/cve

A security vulnerability was discovered in Moodle that allows students to enroll themselves in courses without completing all the necessary safety checks. Specifically, users can sign up for courses prematurely, even if they haven't finished two-step verification processes.

  • 3
  • 6
  • 12 hours ago

"Too much interest in Moodle courses" isn't exactly a common security problem at universities, is it? access.redhat.com/security/cve #Moodle #CVE

  • 1
  • 2
  • 8 hours ago

Overview

  • erlang
  • otp

Published: 16 Apr 2025
Updated: 25 Apr 2025

CVSS v3.1: CRITICAL (10.0)
EPSS: 3.62%

KEV

Description

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or preventing access via firewall rules.

Statistics

  • 3 Posts
  • 15 Interactions

Fediverse


For those playing along at home, here are the currently listed Cisco systems vulnerable to the Erlang / OTP perfect 10 CVE-2025-32433:

  • ConfD, ConfD Basic
  • Network Services Orchestrator (NSO)
  • Smart PHY
  • ASR 5000 Series Software (StarOS) and Ultra Packet Core
  • iNode Manager ( No fix planned. )
  • Ultra Cloud Core - Access and Mobility Management Function
  • Ultra Cloud Core - Redundancy Configuration Manager
  • Ultra Cloud Core - Session Management Function
  • Ultra Cloud Core - Subscriber Microservices Infrastructure
  • Enterprise NFV Infrastructure Software (NFVIS)
  • Small Business RV Series Routers RV160, RV160W, RV260, RV260P, RV260W, RV340, RV340W, RV345, RV345P ( No fix planned. )

The products still being evaluated, hopefully to be complete by EoD today ( my hope, nothing hinting to that from Cisco ):

  • Wide Area Application Services (WAAS) Software
  • Virtualized Infrastructure Manager
  • Catalyst Center, formerly DNA Center
  • Ultra Cloud Core - Policy Control Function

  • 4
  • 7
  • 14 hours ago

Cisco updated the list again. Here are the currently listed Cisco systems vulnerable to the Erlang / OTP perfect 10 CVE-2025-32433 ( additions in bold ):

  • ConfD, ConfD Basic
  • Network Services Orchestrator (NSO)
  • Smart PHY
  • Ultra Services Platform
  • ASR 5000 Series Software (StarOS) and Ultra Packet Core
  • Cloud Native Broadband Network Gateway
  • iNode Manager ( No fix planned. )
  • Ultra Cloud Core - Access and Mobility Management Function
  • Ultra Cloud Core - Policy Control Function
  • Ultra Cloud Core - Redundancy Configuration Manager
  • Ultra Cloud Core - Session Management Function
  • Ultra Cloud Core - Subscriber Microservices Infrastructure
  • Enterprise NFV Infrastructure Software (NFVIS)
  • Small Business RV Series Routers RV160, RV160W, RV260, RV260P, RV260W, RV340, RV340W, RV345, RV345P ( No fix planned. )

The products still being evaluated, hopefully to be complete by EoD today ( my hope, nothing hinting to that from Cisco ):

  • Wide Area Application Services (WAAS) Software

  • 1
  • 3
  • 6 hours ago

Cisco is investigating the impact of the Erlang/OTP remote code execution vulnerability CVE-2025-32433 on its products. securityweek.com/cisco-confirm

  • 0
  • 0
  • 16 hours ago

Overview

  • ViaSat
  • RM4100

Published: 25 Apr 2025
Updated: 25 Apr 2025

CVSS v4.0: HIGH (7.7)
EPSS: Pending

KEV

Description

The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker with access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the modem.

Statistics

  • 2 Posts
  • 9 Interactions

Fediverse


Embargo lifted. We automatically identified issues affecting Viasat satellite modems that could be exploited for RCE.

onekey.com/resource/security-a

  • 1
  • 3
  • 13 hours ago

Who doesn't like RCE in Viasat modems? Well here's two of them. Happy Friday.

onekey.com/resource/security-a

sev:HIGH 7.7 - CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:Y/R:U/V:C/RE:M/U:Red

The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker with access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the modem.

nvd.nist.gov/vuln/detail/CVE-2

onekey.com/resource/security-a

sev:HIGH 7.7 - CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M/U:Red

An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS (DDNS) traffic between DDNS services and the modem, could manipulate specific responses to include code that forces a buffer overflow on the modem. Customers that have not enabled Dynamic DNS on their modem are not vulnerable.

nvd.nist.gov/vuln/detail/CVE-2

  • 2
  • 3
  • 13 hours ago

Overview

  • Microsoft
  • Windows Server 2025

Published: 08 Apr 2025
Updated: 23 Apr 2025

CVSS v3.1: HIGH (7.8)
EPSS: 0.08%

KEV

Description

Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.

Statistics

  • 1 Post
  • 10 Interactions

Fediverse


What a #Microsoft #Windows folder does for #Cybersecurity - or doesn't: Since the last patch, Windows users have the new folder "#inetpub" on the OS partition - which is an essential part of the security fix and therefore should under no circumstances be deleted.
So if it is enough to delete or manipulate a folder in order to torpedo cybersecurity updates, this is likely to be an interesting new attack vector.
msrc.microsoft.com/update-guid #cybersecurity

  • 6
  • 4
  • 11 hours ago

Overview

  • python-hyper
  • h11

Published: 24 Apr 2025
Updated: 24 Apr 2025

CVSS v3.1: CRITICAL (9.1)
EPSS: 0.03%

KEV

Description

h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.

Statistics

  • 1 Post
  • 5 Interactions

Fediverse


New version of #Endurain v0.10.1 released with dependencies bump to fix CVE-2025-43859 on python library h11. Grab it now github.com/joaovitoriasilva/en

  • 3
  • 2
  • 18 hours ago

Overview

  • Pending

Published: Pending
Updated: Pending

CVSS: Pending
EPSS: Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 4 Interactions

Fediverse


Time to upgrade! Spring Boot addresses CVE-2025-22235.

The fix is available in 3.3.11 and 3.4.5 that we've just released.

Tanzu Spring customers can also upgrade to Spring Boot 2.7.25, 3.1.16, or 3.2.14.

spring.io/security/cve-2025-22

#spring

  • 3
  • 1
  • 20 hours ago

Overview

  • ConnectWise
  • ScreenConnect

Published: 25 Apr 2025
Updated: 25 Apr 2025

CVSS v3.1: HIGH (8.1)
EPSS: Pending

KEV

Description

ScreenConnect versions 25.2.3 and earlier may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys, privileged system level access must be obtained. If these machine keys are compromised, attackers could create and send a malicious ViewState to the website, potentially leading to remote code execution on the server. The risk does not originate from a vulnerability introduced by ScreenConnect, but from platform level behavior. This had no direct impact on ScreenConnect Client. The ScreenConnect 2025.4 patch disables ViewState and removes any dependency on it.

Statistics

  • 1 Post
  • 2 Interactions

Fediverse


Looks like there's a CVE for yesterday's ScreenConnect vuln now.

nvd.nist.gov/vuln/detail/CVE-2

  • 1
  • 1
  • 8 hours ago

Overview

  • Ivanti
  • Connect Secure

Published: 08 Jan 2025
Updated: 20 Feb 2025

CVSS v3.1: CRITICAL (9.0)
EPSS: 92.34%

Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

Statistics

  • 1 Post
  • 1 Interaction

Fediverse


Hacker News: DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks thehackernews.com/2025/04/dslo #news #IT

  • 1
  • 0
  • 10 hours ago

Overview

  • Quantum
  • StorNext

Published: 25 Apr 2025
Updated: 25 Apr 2025

CVSS v3.1: CRITICAL (9.9)
EPSS: 0.18%

KEV

Description

Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE) via upload of a file. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.

Statistics

  • 1 Post
  • 2 Interactions

Fediverse


I thought quantum was supposed to save security or something?

quantum.com/en/service-support

sev:CRIT 9.9 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE) via upload of a file. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.

nvd.nist.gov/vuln/detail/CVE-2

  • 0
  • 2
  • 14 hours ago