Overview
- sh1zen
- Multi Uploader for Gravity Forms
Description
Statistics
- 1 Post
Fediverse
🚨 CRITICAL (CVSS 9.8): Path traversal in sh1zen Multi Uploader for Gravity Forms (all versions) lets unauthenticated attackers delete files on WordPress servers. Audit, disable, or remove plugin now. CVE-2025-14344 https://radar.offseq.com/threat/cve-2025-14344-cwe-22-improper-limitation-of-a-pat-561e2c4d #OffSeq #WordPress #CVE202514344
Overview
- sandboxie-plus
- Sandboxie
Description
Statistics
- 1 Post
Fediverse
CRITICAL: CVE-2025-64721 in Sandboxie-Plus (<1.16.7) allows sandbox escapes with SYSTEM privileges via integer overflow in SbieSvc.exe. Patch to 1.16.7+ ASAP! 🔥 https://radar.offseq.com/threat/cve-2025-64721-cwe-190-integer-overflow-or-wraparo-1c3827ed #OffSeq #CVE202564721 #Windows #Infosec
Overview
- UTT
- 进取 512W
Description
Statistics
- 1 Post
Fediverse
🚨 CVE-2025-14534: CRITICAL buffer overflow in UTT 进取 512W (≤3.1.7.7-171114). Remote, unauthenticated exploit - public code available. Isolate & restrict /goform/formNatStaticMap now! https://radar.offseq.com/threat/cve-2025-14534-buffer-overflow-in-utt-512w-46bf1244 #OffSeq #CVE #BufferOverflow #NetworkSecurity
Overview
Description
Statistics
- 1 Post
Fediverse
https://www.docker.com/blog/security-that-strengthens-the-ecosystem-dockers-upstream-approach-to-cve-2025-12735/ - #Docker hardened #images fix #vulnerabilities FAST! I love they're contributing to upstream too.
Overview
- Grassroots
- DICOM (GDCM)
Description
Statistics
- 1 Post
Fediverse
I have identified an out-of-bounds write vulnerability affecting the Grassroots DICOM library versions 3.0.24 and prior. Parsing a malformed DICOM image triggers out-of-bounds memory access resulting in a segfault. Software utilizing GDCM for DICOM parsing is affected. GDCM, SimpleITK, and medInria have released patches.
CVE-2025-11266
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-345-01
Overview
Description
Statistics
- 1 Post
Fediverse
If you needed a reason to update your Mac to 26.2 sooner rather than later:
App Store
Available for: macOS Tahoe
Impact: An app may be able to access sensitive payment tokens
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-46288: floeki, Zhongcheng Li from IES Red Team of ByteDance
Source: https://support.apple.com/en-us/125886
(In case you're wondering, yes this CVE does impact iPad and iPhone as well.)
Overview
- FreePBX
- security-reporting
Description
Statistics
- 2 Posts