Overview
- NLnet Labs
- Unbound
Description
Statistics
- 1 Post
Overview
Description
Statistics
- 1 Post
Fediverse
đź“° Water Gamayun APT Exploits Novel 'MSC EvilTwin' Windows Flaw in Stealthy Attacks
⚠️ Russia-aligned APT Water Gamayun exploits novel 'MSC EvilTwin' Windows flaw (CVE-2025-26633). The attack uses malicious .msc files to proxy PowerShell execution via mmc.exe, bypassing defenses. #APT #Vulnerability #CyberAttack #WaterGamayun
Overview
- ray-project
- ray
Description
Statistics
- 1 Post
Fediverse
🚨 CVE-2025-62593 (CRITICAL): Ray AI <2.52.0 is vulnerable to RCE via DNS rebinding attacks (Firefox/Safari). Exploit enables unauthenticated code execution. Patch to 2.52.0+ ASAP! Details: https://radar.offseq.com/threat/cve-2025-62593-cwe-94-improper-control-of-generati-15eefc0a #OffSeq #RayAI #Vuln #Infosec
Overview
- NVIDIA
- NeMo Agent ToolKit
Description
Statistics
- 1 Post
Fediverse
đź“° NVIDIA AI Toolkit and WordPress Plugins Hit with High-Severity Flaws
Vulnerability alert: NVIDIA's NeMo AI toolkit is exposed to a high-severity SSRF flaw (CVE-2025-33203). Meanwhile, WordPress plugins 'Just Highlight' & 'Locker Content' are hit with XSS & info disclosure bugs. PATCH NOW! #Vulnerability #NVIDIA #Wor...
Overview
- Elated Themes
- FindAll Listing
Description
Statistics
- 1 Post
Fediverse
🚨 CVE-2025-13538 (CRITICAL, CVSS 9.8): Elated Themes FindAll Listing plugin for WordPress lets unauthenticated attackers escalate to admin via registration if FindAll Membership is active. Disable user registration & monitor accounts! https://radar.offseq.com/threat/cve-2025-13538-cwe-269-improper-privilege-manageme-2da30aa5 #OffSeq #WordPress #Infosec
Overview
Description
Statistics
- 1 Post
Bluesky
Overview
- Canonical Ltd.
- Ubuntu EDK II
- edk2
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Not the most confidence-inspiring CVE description.
https://www.cve.org/CVERecord?id=CVE-2025-2486
The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based decision to continue running inside the Shell itself, which is believed to be sufficient to enforce Secure Boot restrictions. This is an additional repair on top of the incomplete fix for CVE-2023-48733.
Overview
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Not the most confidence-inspiring CVE description.
https://www.cve.org/CVERecord?id=CVE-2025-2486
The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based decision to continue running inside the Shell itself, which is believed to be sufficient to enforce Secure Boot restrictions. This is an additional repair on top of the incomplete fix for CVE-2023-48733.
Overview
Description
Statistics
- 1 Post
Overview
- DB Electronica Telecomunicazioni S.p.A.
- Mozart FM Transmitter
Description
Statistics
- 1 Post
- 8 Interactions
Fediverse
Go hack more radio shit.
https://www.abdulmhsblog.com/posts/webfmvulns/
- CVE-2025-66259: Authenticated Root RCE (main_ok.php)
- CVE-2025-66253: Unauthenticated OS Command Injection (Upgrade)
- CVE-2025-66261: Unauthenticated OS Command Injection (Restore)
- CVE-2025-66262: Arbitrary File Overwrite (Tar Path Traversal)
- CVE-2025-66250: Unrestricted File Upload (Status)
- CVE-2025-66255: Unsigned Firmware Upload
- CVE-2025-66256: Unrestricted Patch Upload
- CVE-2025-66251: Path Traversal File Deletion
- CVE-2025-66254: Arbitrary File Deletion (Upgrade)
- CVE-2025-66263: Arbitrary File Read (Null Byte Injection)
- CVE-2025-66260: SQL Injection
- CVE-2025-66258: Stored XSS via XML Injection
- CVE-2025-66257: Arbitrary Patch Deletion
- CVE-2025-66252: Infinite Loop Denial of Service