CVE-2025-23006

SonicWall SMA1000

23 Jan 2025
Published
23 Jan 2025
Updated

CVSS
Pending
EPSS
Pending

  • 8 Posts
  • 156 Interactions

CVE Info

Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

Fediverse

...and here we go: Next entry in our bingo card is CVE-2025-23006 in SonicWall SMA1000.

Thanks, everyone, and remember: Current version lives at cku.gt/appbingo25

  • 45
  • 60
  • 12 hours ago

SonicWall exploited zero-day: SMA1000 Pre-Authentication Remote Command Execution Vulnerability
CVE-2025-23006 (9.8 critical) Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

IMPORTANT: SonicWall PSIRT has been notified of possible active exploitation of the referenced vulnerability by threat actors

cc: @goatyell @cR0w @GossiTheDog @briankrebs

  • 29
  • 20
  • 14 hours ago

Hacker News: SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation thehackernews.com/2025/01/soni #news #IT

  • 2
  • 0
  • 4 hours ago

Rules to mimic SonicWALL SMA-1000 (CVE-2025-23006) written and pushed to the honeypots. Will be improving the rules when more details are released.

github.com/mrheinen/lophiid/pu

  • 0
  • 0
  • 11 hours ago

SonicWall's SMA 1000 Series has a critical vulnerability (CVE-2025-23006) rated 9.8/10—basically the cybersecurity equivalent of "RUN, DON'T WALK!". This flaw lets remote attackers play IT admin with your system. It's patched so update NOW!

psirt.global.sonicwall.com/vul

  • 0
  • 0
  • 11 hours ago

SonicWall Urges Immediate Patch For Critical CVE-2025-23006 Flaw Amid Likely Exploitation - mwyr.es/jHarjgB6 #thn #infosec

  • 0
  • 0
  • 3 hours ago

The vulnerability, tracked as CVE-2025-23006, is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system. thehackernews.com/2025/01/soni

  • 0
  • 0
  • 13 hours ago

SonicWall SMA 1000 under attack: critical zero-day vulnerability discovered (CVE-2025-23006)

A new threat is alarming companies and organizations around the world: a critical zero-day vulnerability, identified as CVE-2025-23006, is being actively exploited against SonicWall Secure Mobile Access (SMA) 1000 Series appliances. This exploit poses a significant risk to every organization that uses this solution to provide secure remote access to its employees.

The CVE-2025-23006 vulnerability

The flaw, found in the Management Console (AMC) and the Central Management Console (CMC) of SMA 1000 appliances, exploits a deserialization of untrusted data vulnerability. This allows a remote unauthenticated attacker to execute arbitrary commands on the operating system, provided certain conditions (currently unspecified) are met.

But why is deserialization so dangerous? This process, if not properly handled, allows potentially malicious data to be turned into executable objects or instructions, paving the way for deep compromise of systems.

The technology giant Microsoft Threat Intelligence Center (MSTIC) reported this issue to SonicWall's security team (PSIRT), confirming that the vulnerability is being actively exploited in real-world attacks. This is worrying and suggests interest in this flaw from advanced criminal groups, possibly state-sponsored.

Who is at risk?

All devices running firmware versions 12.4.3-02804 (platform-hotfix) and earlier are affected. SonicWall has released a security update that resolves the issue in version 12.4.3-02854 (platform-hotfix) and strongly recommends upgrading immediately to mitigate the risks.

The vulnerability does not affect SMA 100 series devices or SonicWall firewalls, but for those using SMA 1000 appliances the risks are far from negligible.

Attacks in progress

The confirmation of active attacks makes this situation extremely critical. Although details of the attacks have not been disclosed, it is plausible that the actors involved aim to steal sensitive data or install backdoors for future malicious operations.

The absence of specific information about the conditions needed to exploit the flaw increases the uncertainty and the danger for organizations, which risk becoming targets of targeted campaigns.

What to do to protect yourself

SonicWall has provided clear guidance for mitigating the risk associated with CVE-2025-23006:

  1. Immediate update: Install the update to version 12.4.3-02854 (platform-hotfix) or later.
  2. Access restrictions: Limit access to the Appliance Management Console (AMC) and the Central Management Console (CMC) to trusted sources.
  3. Continuous monitoring: Implement active monitoring of network traffic and logs to detect any suspicious activity.
  4. Zero Trust: Adopt an approach that limits access privileges as much as possible, minimizing the exposure of critical infrastructure.

Conclusion

This vulnerability highlights the importance of proactive cybersecurity management. Appliances such as the SMA 1000, which are fundamental to modern businesses, are increasingly sought-after targets. The zero trust approach is no longer a mere recommendation but a necessity for preventing catastrophic compromises. Companies that use SonicWall SMA 1000 must act immediately. Any delay in updating or in strengthening defenses could open the door to irreparable compromise scenarios. Ignoring a zero-day vulnerability is not just negligence: it is an invitation to attackers.

The article SonicWall SMA 1000 under attack: critical zero-day vulnerability discovered (CVE-2025-23006) comes from il blog della sicurezza informatica.

  • 0
  • 0
  • 13 hours ago

CVE-2022-40684

KEV
Fortinet FortiOS, FortiProxy, FortiSwitchManager

18 Oct 2022
Published
23 Oct 2024
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
97.26%

  • 1 Post
  • 6 Interactions

CVE Info

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

Fediverse

The publicly released list of Fortigate devices vulnerable to CVE-2022-40684 also included 13 in Slovenia. These were mostly forgotten installations; a week ago we sent notifications to all administrators. Where do we find the contact addresses? From the Whois databases of Slovenian domains at Register.si and at RIPE NCC. Make sure you check your contact email addresses at least once a year, so that our notifications do not end up in a forgotten mailbox. 🗓️

cert.si/koordinirano-razkrivan

  • 3
  • 3
  • 8 hours ago

CVE-2024-52325

ECOVACS GOAT G1

23 Jan 2025
Published
23 Jan 2025
Updated

CVSS v4.0
MEDIUM (5.8)
EPSS
Pending

  • 1 Post
  • 7 Interactions

CVE Info

ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.

Fediverse

The Happening is happening. I missed this advisory back in November but the CVE was published today.

ecovacs.com/global/userhelp/ds

ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.

nvd.nist.gov/vuln/detail/CVE-2

  • 2
  • 5
  • 10 hours ago

CVE-2020-11023

KEV
jquery jQuery

29 Apr 2020
Published
23 Jan 2025
Updated

CVSS v3.1
MEDIUM (6.9)
EPSS
4.35%

  • 1 Post
  • 5 Interactions

CVE Info

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Fediverse

CVE-2025-21298

Microsoft Windows 10 Version 1809

14 Jan 2025
Published
23 Jan 2025
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.09%

  • 1 Post
  • 1 Interaction

CVE Info

Windows OLE Remote Code Execution Vulnerability

Fediverse

🚨 Zero-Click Vulnerability Alert: Microsoft patched a critical zero-click RCE vulnerability in Windows OLE (CVE-2025-21298).

9.8 on CVSS and allows attackers to exploit systems with no user interaction. - Just previewing an email.

When I read things like this I can only tell you… we were all played some time ago.

  • 0
  • 1
  • 6 hours ago

CVE-2024-44243

Apple macOS

11 Dec 2024
Published
20 Dec 2024
Updated

CVSS
Pending
EPSS
0.04%

  • 1 Post

CVE Info

A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2. An app may be able to modify protected parts of the file system.

Fediverse

Microsoft Discovers macOS Flaw CVE-2024-44243, Bypassing SIP hackread.com/microsoft-macos-f

  • 0
  • 0
  • 11 hours ago

CVE-2025-20156

Cisco Meeting Management

22 Jan 2025
Published
22 Jan 2025
Updated

CVSS v3.1
CRITICAL (9.9)
EPSS
0.06%

  • 2 Posts

CVE Info

A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could exploit this vulnerability by sending API requests to a specific endpoint. A successful exploit could allow the attacker to gain administrator-level control over edge nodes that are managed by Cisco Meeting Management.

Fediverse

Cisco Releases Critical Patches: Privilege Escalation Risk in Meeting Management

A critical security vulnerability has been identified in Cisco Meeting Management that could allow attackers with low-level access to elevate their privileges to administrator.

Cisco has issued a security advisory and released software updates to fix the problem, urging users to update immediately.

The flaw, tracked as CVE-2025-20156, resides in the REST API of Cisco Meeting Management. To exploit this vulnerability, an attacker must send specially crafted API requests to a specific endpoint.

The vulnerability affects all versions of Cisco Meeting Management prior to version 3.9.1. Users running versions earlier than 3.9 are advised to migrate to a fixed version. The first fixed releases are as follows:

  • 3.9.1: Vulnerability fixed.
  • 3.10: Not affected.

This vulnerability is particularly concerning because it could allow attackers to compromise critical systems by escalating their privileges. However, only authenticated users with low-level access can exploit the flaw, which limits its scope compared with unauthenticated vulnerabilities.

Cisco has released free software updates to address this vulnerability. Customers with valid service contracts can obtain the updates through their usual support channels or through the Cisco Support and Downloads page.

For those without service contracts, the Cisco Technical Assistance Center (TAC) can help obtain the necessary patches. There are no workarounds for this issue, so software updates are the only viable way to mitigate the risk.

Cisco strongly recommends that all customers:

  • Update immediately to version 3.9.1 or later.
  • Before updating, verify that devices have sufficient memory and compatible hardware configurations.
  • Regularly review the security advisories for all Cisco products to ensure complete protection.

So far, Cisco's Product Security Incident Response Team (PSIRT) has not observed any active exploitation of this vulnerability in the wild. The issue was discovered during internal security testing, highlighting the proactive measures Cisco takes to identify and address potential threats before they are exploited.

The article Cisco Releases Critical Patches: Privilege Escalation Risk in Meeting Management comes from il blog della sicurezza informatica.

  • 0
  • 0
  • 17 hours ago

The vulnerability, tracked as CVE-2025-20156, carries a CVSS score of 9.9 out of 10.0. It has been described as a privilege escalation flaw in the REST API of Cisco Meeting Management. thehackernews.com/2025/01/cisc

  • 0
  • 0
  • 13 hours ago

CVE-2024-23924

Alpine Halo9

28 Sept 2024
Published
03 Oct 2024
Updated

CVSS v3.1
MEDIUM (6.8)
EPSS
0.06%

  • 2 Posts

CVE Info

Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPDM_wemCmdCreatSHA256Hash function. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-23105

Fediverse

Sweet! On their second attempt, newcomers CIS Team of South Korea were able to exploit the iLX-507. They head to the disclosure room to see if they reused CVE-2024-23924 or something new.

  • 0
  • 0
  • 19 hours ago

It's a collision. The ghost of CVE-2024-23924 rears its head as the specter of "shared risk" lingers. The CIS Team still earns $5,000 and 1 Master of Pwn points.

  • 0
  • 0
  • 17 hours ago

CVE-2025-21556

Oracle Corporation Agile PLM Framework

21 Jan 2025
Published
21 Jan 2025
Updated

CVSS v3.1
CRITICAL (9.9)
EPSS
0.05%

  • 1 Post

CVE Info

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM Framework. While the vulnerability is in Oracle Agile PLM Framework, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Agile PLM Framework. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Fediverse

Big Red’s VP of security assurance Eric Maurice singled out one patch as worthy of particular attention: The fix addresses CVE-2025-21556, a CVSS 9.9-out-of-10-rated vulnerability in Oracle’s Agile Product Lifecycle Management (PLM) Framework. theregister.com/2025/01/23/ora

  • 0
  • 0
  • 13 hours ago

CVE-2025-0611

Google Chrome

22 Jan 2025
Published
22 Jan 2025
Updated

CVSS
Pending
EPSS
0.04%

  • 1 Post

CVE Info

Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Fediverse

wacoca.com/news/2385918/ [Security News] Vulnerabilities in the "Chrome" script engine – fixed in an update (page 1 of 1): Security NEXT #ChromeSecurityUpdate #CVE20250611 #CVE20250612 #Science&Technology #ScienceNews #Security #TechnologyNews #V8EngineVulnerability #WindowsMacOSLinuxChrome #ObjectCorruptionCountermeasures #Security #Technology #News #MemoryAccessProtection #Countermeasures #Science #Science&Technology

  • 0
  • 0
  • 11 hours ago

CVE-2025-0612

Google Chrome

22 Jan 2025
Published
22 Jan 2025
Updated

CVSS
Pending
EPSS
0.04%

  • 1 Post

CVE Info

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Fediverse

wacoca.com/news/2385918/ [Security News] Vulnerabilities in the "Chrome" script engine – fixed in an update (page 1 of 1): Security NEXT #ChromeSecurityUpdate #CVE20250611 #CVE20250612 #Science&Technology #ScienceNews #Security #TechnologyNews #V8EngineVulnerability #WindowsMacOSLinuxChrome #ObjectCorruptionCountermeasures #Security #Technology #News #MemoryAccessProtection #Countermeasures #Science #Science&Technology

  • 0
  • 0
  • 11 hours ago

CVE-2024-12084

Pending

15 Jan 2025
Published
16 Jan 2025
Updated

CVSS
Pending
EPSS
0.06%

  • 1 Post
  • 8 Interactions

CVE Info

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.

Fediverse

We just released Routinator 0.14.1, fixing CVE-2025-0638, where non-ASCII characters in the file names listed in an #RPKI manifest lead to a crash of Routinator:
nlnetlabs.nl/downloads/routina

You should also be aware of CVE-2024-12084, a heap-based buffer overflow flaw found in the rsync daemon:
nvd.nist.gov/vuln/detail/cve-2

Please make sure you update both Routinator and rsync. Lastly, because gzip is re-enabled, you’ll save up to 50% bandwidth.

nlnetlabs.nl/news/2025/Jan/22/

  • 3
  • 5
  • 16 hours ago

CVE-2025-0638

NLnet Labs Routinator

22 Jan 2025
Published
22 Jan 2025
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.04%

  • 1 Post
  • 8 Interactions

CVE Info

The initial code parsing the manifest did not check the content of the file names yet later code assumed that it was checked and panicked when encountering illegal characters, resulting in a crash of Routinator.

Fediverse

We just released Routinator 0.14.1, fixing CVE-2025-0638, where non-ASCII characters in the file names listed in an #RPKI manifest lead to a crash of Routinator:
nlnetlabs.nl/downloads/routina

You should also be aware of CVE-2024-12084, a heap-based buffer overflow flaw found in the rsync daemon:
nvd.nist.gov/vuln/detail/cve-2

Please make sure you update both Routinator and rsync. Lastly, because gzip is re-enabled, you’ll save up to 50% bandwidth.

nlnetlabs.nl/news/2025/Jan/22/

  • 3
  • 5
  • 16 hours ago

CVE-2024-38821

Spring

28 Oct 2024
Published
01 Nov 2024
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.04%

  • 1 Post
  • 6 Interactions

CVE Info

Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances. For this to impact an application, all of the following must be true:

  • It must be a WebFlux application
  • It must be using Spring's static resources support
  • It must have a non-permitAll authorization rule applied to the static resources support

Fediverse

Remember this perfect 10 in Apache MINA?

lists.apache.org/thread/4wxktg

nvd.nist.gov/vuln/detail/CVE-2

Apparently Gateway was impacted by it.

Also, it sounds like MOVEit Automation was impacted by October's sev:CRIT in Spring WebFlux.

nvd.nist.gov/vuln/detail/CVE-2

  • 3
  • 3
  • 13 hours ago

CVE-2024-52046

Apache Software Foundation MINA

25 Dec 2024
Published
03 Jan 2025
Updated

CVSS v4.0
CRITICAL (10.0)
EPSS
0.04%

  • 1 Post
  • 6 Interactions

CVE Info

The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows attackers to exploit the deserialization process by sending specially crafted malicious serialized data, potentially leading to remote code execution (RCE) attacks.

This issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4.

It's also important to note that an application using MINA core library will only be affected if the IoBuffer#getObject() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the ObjectSerializationCodecFactory class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library.

Upgrading will not be enough: you also need to explicitly allow the classes the decoder will accept in the ObjectSerializationDecoder instance, using one of the three new methods:

    /**
     * Accept class names where the supplied ClassNameMatcher matches for
     * deserialization, unless they are otherwise rejected.
     *
     * @param classNameMatcher the matcher to use
     */
    public void accept(ClassNameMatcher classNameMatcher)

    /**
     * Accept class names that match the supplied pattern for
     * deserialization, unless they are otherwise rejected.
     *
     * @param pattern standard Java regexp
     */
    public void accept(Pattern pattern)

    /**
     * Accept the wildcard specified classes for deserialization,
     * unless they are otherwise rejected.
     *
     * @param patterns Wildcard file name patterns as defined by
     * {@link org.apache.commons.io.FilenameUtils#wildcardMatch(String, String) FilenameUtils.wildcardMatch}
     */
    public void accept(String... patterns)

By default, the decoder will reject *all* classes that will be present in the incoming data.

Note: The FtpServer, SSHd and Vysper sub-project are not affected by this issue.

Fediverse

Remember this perfect 10 in Apache MINA?

lists.apache.org/thread/4wxktg

nvd.nist.gov/vuln/detail/CVE-2

Apparently Gateway was impacted by it.

Also, it sounds like MOVEit Automation was impacted by October's sev:CRIT in Spring WebFlux.

nvd.nist.gov/vuln/detail/CVE-2

  • 3
  • 3
  • 13 hours ago

CVE-2024-43708

Elastic Kibana

23 Jan 2025
Published
23 Jan 2025
Updated

CVSS v3.1
MEDIUM (6.5)
EPSS
Pending

  • 1 Post
  • 2 Interactions

CVE Info

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted payload to a number of inputs in Kibana UI. This can be carried out by users with read access to any feature in Kibana.

Fediverse

continues for @NosirrahSec as Elastic releases yet another security update: Kibana 7.17.23/8.15.0 Security Updates (ESA-2024-32, ESA-2024-33)
CVE-2024-52972 (6.5 medium) and CVE-2024-43708 (6.5 medium) Kibana allocation of resources without limits or throttling leads to crash

No mention of exploitation.

  • 1
  • 1
  • 13 hours ago

CVE-2024-52972

Elastic Kibana

23 Jan 2025
Published
23 Jan 2025
Updated

CVSS v3.1
MEDIUM (6.5)
EPSS
Pending

  • 1 Post
  • 2 Interactions

CVE Info

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/metrics/snapshot. This can be carried out by users with read access to the Observability Metrics or Logs features in Kibana.

Fediverse

continues for @NosirrahSec as Elastic releases yet another security update: Kibana 7.17.23/8.15.0 Security Updates (ESA-2024-32, ESA-2024-33)
CVE-2024-52972 (6.5 medium) and CVE-2024-43708 (6.5 medium) Kibana allocation of resources without limits or throttling leads to crash

No mention of exploitation.

  • 1
  • 1
  • 13 hours ago

CVE-2017-0144

KEV
Microsoft Corporation Windows SMB

17 Mar 2017
Published
05 Aug 2024
Updated

CVSS
Pending
EPSS
96.95%

  • 1 Post
  • 8 Interactions

CVE Info

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.

Fediverse

Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
...
sorry, apparently if you repeat things enough you remember them ...

  • 0
  • 8
  • 18 hours ago

CVE-2016-5195

KEV
Pending

10 Nov 2016
Published
06 Aug 2024
Updated

CVSS
Pending
EPSS
70.20%

  • 1 Post
  • 8 Interactions

CVE Info

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Fediverse

Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
...
sorry, apparently if you repeat things enough you remember them ...

  • 0
  • 8
  • 18 hours ago

CVE-2014-0160

KEV
Pending

07 Apr 2014
Published
06 Aug 2024
Updated

CVSS
Pending
EPSS
97.45%

  • 1 Post
  • 8 Interactions

CVE Info

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

Fediverse

Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
Eternal Blue CVE-2017-0144
Dirty Cow CVE-2016-5195
Heartbleed CVE-2014-0160
...
sorry, apparently if you repeat things enough you remember them ...

  • 0
  • 8
  • 18 hours ago