24h | 7d | 30d

CVE-2023-52163

Overview

  • Pending
03 Feb 2025
Published
24 Dec 2025
Updated
CVSS
Pending
EPSS
13.60%
KEV

Description

Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Statistics

  • 4 Posts
  • 1 Interaction
Last activity: 1 hour ago

Fediverse

Profile picture
Offensive Sequence @offseq

🚨 Critical RCE in Digiever DS-2105 Pro NVRs (CVE-2023-52163) is actively exploited for Mirai/ShadowV2 botnets. No patch—remove from internet, update creds, segment networks. End-of-life device. Details: radar.offseq.com/threat/cisa-f

  • 1
  • 0
  • 0
  • 5h ago
Profile picture
ekiledjian @edwardk

CISA has added a command injection vulnerability (CVE-2023-52163) in Digiever DS-2105 Pro NVRs to its Known Exploited Vulnerabilities (KEV) catalog, noting active exploitation for remote code execution. Due to the device being end-of-life, patches are unavailable, and users are advised to avoid internet exposure and change default credentials.
thehackernews.com/2025/12/cisa

  • 0
  • 0
  • 0
  • 1h ago

Bluesky

Profile picture
CyberHub @cyberhub.blog
📌 CISA Adds Actively Exploited Digiever DS-2105 Pro Vulnerability (CVE-2023-52163) to KEV Catalog https://www.cyberhub.blog/article/17162-cisa-adds-actively-exploited-digiever-ds-2105-pro-vulnerability-cve-2023-52163-to-kev-catalog
  • 0
  • 0
  • 0
  • 15h ago
Profile picture
Information Security Briefly @infosecbriefly.bsky.social
Unpatched command-injection vulnerability CVE-2023-52163 in Digiever DS-2105 Pro NVRs is being actively exploited to deploy botnets; mitigate or discontinue use.
  • 0
  • 0
  • 0
  • 7h ago

CVE-2025-14847

Overview

  • MongoDB Inc.
  • MongoDB Server
19 Dec 2025
Published
19 Dec 2025
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.04%
KEV

Description

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.

Statistics

  • 4 Posts
  • 1 Interaction
Last activity: 8 hours ago

Fediverse

Profile picture
yopp @alex

RE: infosec.exchange/@BleepingComp

So slopmachines are writing articles BleepingComputer now?

1) CVE-2025-14847 is not an RCE, it’s memory disclosure at best

2) CVE-2019-10758 is not mongodb vuln, it’s fucking 3rd party “MongoDB Admin GUI” application

Like everything in this article is a lie and no amount of substances would explain this. Only plausible explanation is llm?

Fuck, what sources you can somewhat trust now, without non-stop fact checking?

  • 0
  • 0
  • 0
  • 23h ago

Bluesky

Profile picture
OMO @omo.bsky.social
SIOSセキュリティブログを更新しました。 MongoDBの脆弱性(High: CVE-2025-14847) #sios_tech #security #vulnerability #セキュリティ #脆弱性 #linux #mongodb security.sios.jp/vulnerabilit...
  • 0
  • 1
  • 0
  • 17h ago
Profile picture
セキュリティ対策Lab @securitylab-jp.bsky.social
MongoDBで重大な脆弱性(CVE-2025-14847)、早急な更新を推奨 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security
  • 0
  • 0
  • 0
  • 12h ago
Profile picture
ohhara @shiojiri.com
MongoDB、RCEにつながる脆弱性を修正するよう警告(CVE-2025-14847) | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/43222/
  • 0
  • 0
  • 0
  • 8h ago

CVE-2020-12812

Overview

  • Fortinet FortiOS
24 Jul 2020
Published
21 Oct 2025
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
45.02%
KEV

Description

An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.

Statistics

  • 3 Posts
Last activity: 7 hours ago

Fediverse

Profile picture
Cybersecurity & cyberwarfare @cybersecurity

Accessi amministrativi a rischio: Fortinet avverte su una falla nota

Fortinet ha segnalato un recente utilizzo improprio della vulnerabilità FG-IR-19-283, identificata anche come CVE-2020-12812, una falla resa pubblica nel luglio 2020. Il problema emerge esclusivamente in presenza di configurazioni specifiche e riguarda il processo di autenticazione LDAP sui dispositivi FortiGate.

Secondo l’analisi tecnica diffusa dall’azienda, la vulnerabilità è legata a una differenza di comportamento nella gestione dei nomi utente. FortiGate, per impostazione predefinita, distingue tra lettere maiuscole e minuscole, mentre i sistemi LDAP trattano gli username come non sensibili al case.

Questa discrepanza può consentire, in determinati scenari, a utenti LDAP con autenticazione a due fattori attiva di aggirare il secondo fattore e autenticarsi direttamente tramite LDAP, bypassando così le restrizioni previste sugli account locali.

Affinché il problema si manifesti, è necessario che gli utenti siano configurati localmente su FortiGate con 2FA attiva e che gli stessi account appartengano anche a gruppi definiti sul server LDAP. Inoltre, almeno uno di questi gruppi deve essere utilizzato all’interno di una policy di autenticazione, ad esempio per accessi VPN o amministrativi.

Nel caso in cui un utente acceda utilizzando uno username che corrisponde esattamente a quello locale, il sistema richiede correttamente il token di autenticazione a due fattori. Tuttavia, utilizzando una variante del nome con differenze nelle maiuscole o minuscole, FortiGate non associa l’accesso all’account locale.

In questa situazione, il firewall procede a valutare altre policy configurate e può individuare un gruppo LDAP secondario valido. Se le credenziali risultano corrette, l’accesso viene consentito anche in assenza del secondo fattore, ignorando le impostazioni di sicurezza dell’utente locale.

Fortinet avverte che questo comportamento può portare all’accesso non protetto di utenti VPN o amministratori e raccomanda, in tali casi, di considerare l’ambiente compromesso e procedere alla reimpostazione completa delle credenziali, incluse quelle utilizzate per il binding LDAP o Active Directory.

Per mitigare il rischio, l’azienda ha introdotto correzioni a partire dalle versioni FortiOS 6.0.10, 6.2.4 e 6.4.1. Nelle versioni più recenti è inoltre possibile disabilitare la sensibilità al case dei nomi utente, impedendo il passaggio automatico ad altre configurazioni LDAP e riducendo il rischio di bypass dell’autenticazione.

L'articolo Accessi amministrativi a rischio: Fortinet avverte su una falla nota proviene da Red Hot Cyber.

  • 0
  • 0
  • 0
  • 7h ago

Bluesky

Profile picture
Bitnewsbot @bitnewsbot.bsky.social
Fortinet reported renewed abuse of CVE-2020-12812 allowing SSL VPN users to bypass two-factor authentication under specific configurations. The bypass stems […]
  • 0
  • 0
  • 0
  • 7h ago
Profile picture
Information Security Briefly @infosecbriefly.bsky.social
CVE-2020-12812 allows LDAP users with 2FA on FortiGate SSL VPN to bypass second-factor authentication when username case mismatches under specific configurations.
  • 0
  • 0
  • 0
  • 7h ago

CVE-2025-38352

Overview

  • Linux
  • Linux
22 Jul 2025
Published
03 Nov 2025
Updated
CVSS
Pending
EPSS
0.19%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent or debugger right after unlock_task_sighand(). If a concurrent posix_cpu_timer_del() runs at that moment, it won't be able to detect timer->it.cpu.firing != 0: cpu_timer_task_rcu() and/or lock_task_sighand() will fail. Add the tsk->exit_state check into run_posix_cpu_timers() to fix this. This fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because exit_task_work() is called before exit_notify(). But the check still makes sense, task_work_add(&tsk->posix_cputimers_work.work) will fail anyway in this case.

Statistics

  • 2 Posts
  • 3 Interactions
Last activity: 5 hours ago

Fediverse

Profile picture
buherator @buherator
[RSS] CVE-2025-38352 (Part 2) - Extending The Race Window Without a Kernel Patch

https://faith2dxy.xyz/2025-12-24/cve_2025_38352_analysis_part_2/
  • 0
  • 2
  • 0
  • 5h ago

Bluesky

Profile picture
buherator @buherator.bsky.social
[RSS] CVE-2025-38352 (Part 2) - Extending The Race Window Without a Kernel Patch faith2dxy.xyz -> Original->
  • 1
  • 0
  • 0
  • 5h ago

CVE-2025-10294

Overview

  • victornavarro
  • OwnID Passwordless Login
15 Oct 2025
Published
15 Oct 2025
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.45%
KEV

Description

The OwnID Passwordless Login plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.3.4. This is due to the plugin not properly checking if the ownid_shared_secret value is empty prior to authenticating a user via JWT. This makes it possible for unauthenticated attackers to log in as other users, including administrators, on instances where the plugin has not been fully configured yet.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 16 hours ago

Fediverse

Profile picture
geeknik @geeknik

Script kiddies hunting 0-days on GitHub just became the CVE: download “CVE-2025-10294.exe,” get rooted, webcam on, wallet gone. Exploit the exploiters—ctrl+shift+del your career.
securelist.com/webrat-distribu

  • 1
  • 0
  • 1
  • 16h ago

CVE-2025-68600

Overview

  • Yannick Lefebvre
  • Link Library
  • link-library
24 Dec 2025
Published
24 Dec 2025
Updated
CVSS
Pending
EPSS
0.03%
KEV

Description

Server-Side Request Forgery (SSRF) vulnerability in Yannick Lefebvre Link Library link-library allows Server Side Request Forgery.This issue affects Link Library: from n/a through <= 7.8.4.

Statistics

  • 1 Post
Last activity: 11 hours ago

Fediverse

Profile picture
Offensive Sequence @offseq

🛡️ CVE-2025-68600: CRITICAL SSRF in Yannick Lefebvre Link Library (≤7.8.4). Unauthenticated attackers can target internal networks. Audit outbound traffic, enable egress filtering, and monitor for abuse! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 11h ago

CVE-2025-68613

Overview

  • n8n-io
  • n8n
19 Dec 2025
Published
22 Dec 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
3.55%
KEV

Description

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.

Statistics

  • 2 Posts
Last activity: 11 hours ago

Bluesky

Profile picture
Undercode Testing @undercode.bsky.social
Critical n8n Vulnerability Exposed: How to Hunt for CVE-2025-68613 with Nuclei Before Attackers Do Introduction: A critical security flaw, identified as CVE-2025-68613, has been discovered in the popular workflow automation platform n8n. This vulnerability, which allows for unauthenticated remote…
  • 0
  • 0
  • 0
  • 12h ago
Profile picture
Undercode Testing @undercode.bsky.social
The Christmas Eve Crisis: Over 100,000 n8n Automation Servers Open to Total Takeover via Critical RCE Flaw + Video Introduction: A critical vulnerability in the popular n8n workflow automation platform, tracked as CVE-2025-68613, has put over 103,000 exposed instances at immediate risk of complete…
  • 0
  • 0
  • 0
  • 11h ago

CVE-2025-20393

Overview

  • Cisco
  • Cisco Secure Email
17 Dec 2025
Published
18 Dec 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
6.77%
KEV

Description

Cisco is aware of a potential vulnerability.&nbsp; Cisco is currently investigating and&nbsp;will update these details as appropriate&nbsp;as more information becomes available.

Statistics

  • 1 Post
Last activity: 12 hours ago

Fediverse

Profile picture
jerry @jerry

Defensive Security Podcast Episode 334

https://media.blubrry.com/1463551/content.blubrry.com/1463551/Defensive_Security_Podcast_Episode_334.mp3

Podcast: Play in new window | Download | Embed

Subscribe: RSS

https://www.youtube.com/watch?v=H-1ALODduug

Want to be the first to hear our episodes each week?  Become a Patreon donor here.

Merry Christmas and Happy Holidays!

Links to this week’s stories:

https://krebsonsecurity.com/2025/12/most-parked-domains-now-serving-malicious-content/

https://thehackernews.com/2025/12/russia-linked-hackers-use-microsoft-365.html?m=1

https://cybersecuritynews.com/amazon-catches-north-korean-it-worker/

https://www.darkreading.com/application-security/fake-proof-ai-slop-hobble-defenders

https://www.helpnetsecurity.com/2025/12/17/cisco-secure-email-cve-2025-20393/

  • 0
  • 0
  • 0
  • 12h ago

CVE-2025-8769

Overview

  • MegaSys Computer Technologies
  • Telenium Online Web Application
24 Dec 2025
Published
24 Dec 2025
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
1.05%
KEV

Description

Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server.

Statistics

  • 1 Post
Last activity: 15 hours ago

Fediverse

Profile picture
Offensive Sequence @offseq

🚨 CVE-2025-8769 (CRITICAL, CVSS 9.8): MegaSys Telenium Online Web App is vulnerable to RCE via Perl input validation flaw on login page. Restrict access, deploy WAF rules, and monitor for patches. Details: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 15h ago

CVE-2025-68565

Overview

  • JayBee
  • Twitch Player
  • ttv-easy-embed-player
24 Dec 2025
Published
24 Dec 2025
Updated
CVSS
Pending
EPSS
0.04%
KEV

Description

Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through <= 2.1.3.

Statistics

  • 1 Post
Last activity: 6 hours ago

Fediverse

Profile picture
Offensive Sequence @offseq

🔒 CVE-2025-68565: CRITICAL missing authorization in JayBee Twitch Player (<=2.1.3) lets attackers bypass access controls on embedded Twitch streams. Audit usage, restrict access, and monitor for patches. No active exploits yet. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 6h ago
Showing 1 to 10 of 19 CVEs