24h | 7d | 30d

CVE-2025-40194

Overview

  • Linux
  • Linux
12 Nov 2025
Published
01 Dec 2025
Updated
CVSS
Pending
EPSS
0.03%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() The cpufreq_cpu_put() call in update_qos_request() takes place too early because the latter subsequently calls freq_qos_update_request() that indirectly accesses the policy object in question through the QoS request object passed to it. Fortunately, update_qos_request() is called under intel_pstate_driver_lock, so this issue does not matter for changing the intel_pstate operation mode, but it theoretically can cause a crash to occur on CPU device hot removal (which currently can only happen in virt, but it is formally supported nevertheless). Address this issue by modifying update_qos_request() to drop the reference to the policy later.

Statistics

  • 1 Post
Last activity: 19 hours ago

Bluesky

Profile picture
SecQube | Harvey | AI Platform for MS Graph @secqube.com
CVE-2025-40194 cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() scq.ms/3YdSiG0 #MicrosoftSecurity #cybersecurity
  • 0
  • 0
  • 0
  • 19h ago

CVE-2025-14344

Overview

  • sh1zen
  • Multi Uploader for Gravity Forms
12 Dec 2025
Published
12 Dec 2025
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.14%
KEV

Description

The Multi Uploader for Gravity Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'plupload_ajax_delete_file' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.

Statistics

  • 1 Post
Last activity: 16 hours ago

Fediverse

Profile picture
Offensive Sequence @offseq

🚨 CRITICAL (CVSS 9.8): Path traversal in sh1zen Multi Uploader for Gravity Forms (all versions) lets unauthenticated attackers delete files on WordPress servers. Audit, disable, or remove plugin now. CVE-2025-14344 radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 16h ago

CVE-2025-40205

Overview

  • Linux
  • Linux
12 Nov 2025
Published
01 Dec 2025
Updated
CVSS
Pending
EPSS
0.03%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfs_encode_fh() The function btrfs_encode_fh() does not properly account for the three cases it handles. Before writing to the file handle (fh), the function only returns to the user BTRFS_FID_SIZE_NON_CONNECTABLE (5 dwords, 20 bytes) or BTRFS_FID_SIZE_CONNECTABLE (8 dwords, 32 bytes). However, when a parent exists and the root ID of the parent and the inode are different, the function writes BTRFS_FID_SIZE_CONNECTABLE_ROOT (10 dwords, 40 bytes). If *max_len is not large enough, this write goes out of bounds because BTRFS_FID_SIZE_CONNECTABLE_ROOT is greater than BTRFS_FID_SIZE_CONNECTABLE originally returned. This results in an 8-byte out-of-bounds write at fid->parent_root_objectid = parent_root_id. A previous attempt to fix this issue was made but was lost. https://lore.kernel.org/all/4CADAEEC020000780001B32C@vpn.id2.novell.com/ Although this issue does not seem to be easily triggerable, it is a potential memory corruption bug that should be fixed. This patch resolves the issue by ensuring the function returns the appropriate size for all three cases and validates that *max_len is large enough before writing any data.

Statistics

  • 1 Post
Last activity: 15 hours ago

Bluesky

Profile picture
SecQube | Harvey | AI Platform for MS Graph @secqube.com
CVE-2025-40205 btrfs: avoid potential out-of-bounds in btrfs_encode_fh() scq.ms/3XFaLLu #MicrosoftSecurity #cybersecurity
  • 0
  • 0
  • 0
  • 15h ago

CVE-2025-64721

Overview

  • sandboxie-plus
  • Sandboxie
11 Dec 2025
Published
11 Dec 2025
Updated
CVSS v4.0
CRITICAL (9.9)
EPSS
0.05%
KEV

Description

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.6 and below, the SYSTEM-level service SbieSvc.exe exposes SbieIniServer::RC4Crypt to sandboxed processes. The handler adds a fixed header size to a caller-controlled value_len without overflow checking. A large value_len (e.g., 0xFFFFFFF0) wraps the allocation size, causing a heap overflow when attacker data is copied into the undersized buffer. This allows sandboxed processes to execute arbitrary code as SYSTEM, fully compromising the host. This issue is fixed in version 1.16.7.

Statistics

  • 1 Post
Last activity: 22 hours ago

Fediverse

Profile picture
Offensive Sequence @offseq

CRITICAL: CVE-2025-64721 in Sandboxie-Plus (<1.16.7) allows sandbox escapes with SYSTEM privileges via integer overflow in SbieSvc.exe. Patch to 1.16.7+ ASAP! πŸ”₯ radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 22h ago

CVE-2025-14534

Overview

  • UTT
  • 进取 512W
11 Dec 2025
Published
11 Dec 2025
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
0.04%
KEV

Description

A vulnerability was determined in UTT 进取 512W up to 3.1.7.7-171114. This impacts the function strcpy of the file /goform/formNatStaticMap of the component Endpoint. Executing manipulation of the argument NatBind can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post
Last activity: 19 hours ago

Fediverse

Profile picture
Offensive Sequence @offseq

🚨 CVE-2025-14534: CRITICAL buffer overflow in UTT 进取 512W (≀3.1.7.7-171114). Remote, unauthenticated exploit β€” public code available. Isolate & restrict /goform/formNatStaticMap now! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 19h ago

CVE-2025-12735

Overview

  • silentmatt
  • expr-eval
05 Nov 2025
Published
22 Nov 2025
Updated
CVSS
Pending
EPSS
0.06%
KEV

Description

The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined variables. However, due to insufficient input validation, an attacker can pass a crafted context object or use MEMBER of the context object into the evaluate() function and trigger arbitrary code execution.

Statistics

  • 1 Post
Last activity: 5 hours ago

Fediverse

Profile picture
robrich @robrich

docker.com/blog/security-that- - #Docker hardened #images fix #vulnerabilities FAST! I love they're contributing to upstream too.

  • 0
  • 0
  • 0
  • 5h ago

CVE-2025-66429

Overview

  • Pending
11 Dec 2025
Published
12 Dec 2025
Updated
CVSS
Pending
EPSS
0.07%
KEV

Description

An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the Team Manager API allows for overwrite of an arbitrary file. This can allow for privilege escalation to the root user.

Statistics

  • 1 Post
Last activity: 1 hour ago

Bluesky

Profile picture
r/blueteamsec bot @r-blueteamsec.bsky.social
CVE-2025-66429 - cPanel Directory Traversal Privilege Escalation
  • 0
  • 0
  • 0
  • 1h ago

CVE-2025-11266

Overview

  • Grassroots
  • DICOM (GDCM)
12 Dec 2025
Published
12 Dec 2025
Updated
CVSS v4.0
MEDIUM (6.8)
EPSS
Pending
KEV

Description

An out-of-bounds write vulnerability exists in the Grassroots DICOM library (GDCM). The issue is triggered during parsing of a malformed DICOM file containing encapsulated PixelData fragments (compressed image data stored as multiple fragments). This vulnerability leads to a segmentation fault caused by an out-of-bounds memory access due to unsigned integer underflow in buffer indexing. It is exploitable via file input, simply opening a crafted malicious DICOM file is sufficient to trigger the crash, resulting in a denial-of-service condition.

Statistics

  • 1 Post
Last activity: 9 hours ago

Fediverse

Profile picture
morgen @morgenm

I have identified an out-of-bounds write vulnerability affecting the Grassroots DICOM library versions 3.0.24 and prior. Parsing a malformed DICOM image triggers out-of-bound memory access resulting in a segfault. Software utlizing GDCM for DICOM parsing is affected. GDCM, SimpleITK, and medInria have released patches.

CVE-2025-11266

cisa.gov/news-events/ics-medic

  • 0
  • 0
  • 0
  • 9h ago

CVE-2025-46288

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
Last activity: 3 hours ago

Fediverse

Profile picture
Dan (he/him) :twit: @brass75

If you needed a reason to update your Mac to 26.2 sooner rather than later:

App Store
Available for: macOS Tahoe

Impact: An app may be able to access sensitive payment tokens

Description: A permissions issue was addressed with additional restrictions.

CVE-2025-46288: floeki, Zhongcheng Li from IES Red Team of ByteDance

Source: support.apple.com/en-us/125886

(In case you're wondering, yes this CVE does impact iPad and and iPhone as well.)

  • 0
  • 0
  • 0
  • 3h ago

CVE-2025-66039

Overview

  • FreePBX
  • security-reporting
09 Dec 2025
Published
10 Dec 2025
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
0.08%
KEV

Description

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.

Statistics

  • 2 Posts
Last activity: 8 hours ago

Bluesky

Profile picture
/r/netsec @r-netsec-bot.bsky.social
The FreePBX Rabbit Hole: CVE-2025-66039 & More
  • 0
  • 0
  • 1
  • 8h ago
Showing 21 to 30 of 53 CVEs