
Overview

  • Pending

Published: Pending
Updated: Pending

CVSS: Pending
EPSS: Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post

Last activity: 9 hours ago

Bluesky

CRITICAL: #Fedora 43 patches severe OpenUSD RCE flaw (CVE-2025-14439). A malicious USD file can execute code on your system. Read more: 👉 tinyurl.com/4x4sabuz #Security

Overview

  • symfony
  • symfony

Published: 12 Nov 2025
Updated: 13 Nov 2025

CVSS v3.1: HIGH (7.3)
EPSS: 0.02%

KEV

Description

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Symfony's HttpFoundation component defines an object-oriented layer for the HTTP specification. Starting in version 2.0.0 and prior to version 5.4.50, 6.4.29, and 7.3.7, the `Request` class improperly interprets some `PATH_INFO` in a way that leads to representing some URLs with a path that doesn't start with a `/`. This can allow bypassing some access control rules that are built with this `/`-prefix assumption. Starting in versions 5.4.50, 6.4.29, and 7.3.7, the `Request` class now ensures that URL paths always start with a `/`.

Statistics

  • 1 Post

Last activity: 18 hours ago

Bluesky

CVE-2025-64500: Incorrect parsing of PATH_INFO can lead to limited authorization bypass - Laravel 11.47.0 https://cstu.io/6fd4f5 #python #oneplus #techie

Overview

  • win.rar GmbH
  • WinRAR

Published: 08 Aug 2025
Updated: 21 Oct 2025

CVSS v4.0: HIGH (8.4)
EPSS: 3.40%

Description

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.

Statistics

  • 1 Post

Last activity: 6 hours ago

Bluesky

100 Days of YARA 2026: Detects RAR archives with CVE-2025-8088

Overview

  • Pending

Published: 31 Jan 2019
Updated: 18 Dec 2025

CVSS: Pending
EPSS: 41.22%

KEV

Description

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 14 hours ago

Fediverse

@hanno this question came up in the SSH world, relating to terminal SCP clients: sintonen.fi/advisories/scp-cli

An SCP client had some missing validation checks in download mode, allowing a malicious server to modify parts of the client's filesystem other than the ones the user authorised it to. As a side effect, the client printed diagnostics which would have given the game away – but the client was also happy to print unsanitised escape sequences sent by the SSH server, which allowed the malicious server to send a well chosen combination of 'move up, clear line of text' escapes to wipe those telltale diagnostics off the screen and allow the attack to go undetected.

In that context, the failure to sanitise escape sequences was assigned a CVE number. (In fact, two: CVE-2019-6109 and CVE-2019-6110.) But that was only because in that particular context it allowed the attacker to hide evidence of a more serious crime.

PuTTY's SCP client was not vulnerable to the 'missing validation check' issue, and didn't allow the server to make unauthorised modifications. It _did_ have the 'failure to sanitise escape sequences' issue, but we didn't regard this as a vulnerability when it _wasn't_ allowing the covering-up of a real attack, and the original researcher agreed.

(We did regard it as a _bug_, and we fixed it. But not, by itself, a vulnerability.)


Overview

  • wb2osz
  • Dire Wolf
  • direwolf

Published: 22 Dec 2025
Updated: 23 Dec 2025

CVSS v4.0: HIGH (8.7)
EPSS: 0.13%

KEV

Description

wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprs_mic_e() located in src/decode_aprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or truncated comment field, the application triggers an unhandled assertion checking for a non-empty comment. This assertion failure causes immediate process termination, allowing a remote, unauthenticated attacker to cause a denial of service by sending malformed APRS traffic.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 3 hours ago

Bluesky

URGENT for #HamRadio ops using #Linux: Critical DoS vulnerabilities (CVE-2025-34458, CVE-2025-34457) patched in direwolf ≤1.8. Read more: 👉 tinyurl.com/h8vmmsa4 #Fedora

Overview

  • Pending

Published: 31 Jan 2019
Updated: 04 Aug 2024

CVSS: Pending
EPSS: 16.14%

KEV

Description

An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 14 hours ago

Fediverse

@hanno this question came up in the SSH world, relating to terminal SCP clients: sintonen.fi/advisories/scp-cli

An SCP client had some missing validation checks in download mode, allowing a malicious server to modify parts of the client's filesystem other than the ones the user authorised it to. As a side effect, the client printed diagnostics which would have given the game away – but the client was also happy to print unsanitised escape sequences sent by the SSH server, which allowed the malicious server to send a well chosen combination of 'move up, clear line of text' escapes to wipe those telltale diagnostics off the screen and allow the attack to go undetected.

In that context, the failure to sanitise escape sequences was assigned a CVE number. (In fact, two: CVE-2019-6109 and CVE-2019-6110.) But that was only because in that particular context it allowed the attacker to hide evidence of a more serious crime.

PuTTY's SCP client was not vulnerable to the 'missing validation check' issue, and didn't allow the server to make unauthorised modifications. It _did_ have the 'failure to sanitise escape sequences' issue, but we didn't regard this as a vulnerability when it _wasn't_ allowing the covering-up of a real attack, and the original researcher agreed.

(We did regard it as a _bug_, and we fixed it. But not, by itself, a vulnerability.)


Overview

  • wb2osz
  • Dire Wolf
  • direwolf

Published: 22 Dec 2025
Updated: 23 Dec 2025

CVSS v4.0: HIGH (8.7)
EPSS: 0.12%

KEV

Description

wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 694c954, contain a stack-based buffer overflow vulnerability in the function kiss_rec_byte() located in src/kiss_frame.c. When processing crafted KISS frames that reach the maximum allowed frame length (MAX_KISS_LEN), the function appends a terminating FEND byte without reserving sufficient space in the stack buffer. This results in an out-of-bounds write followed by an out-of-bounds read during the subsequent call to kiss_unwrap(), leading to stack memory corruption or application crashes. This vulnerability may allow remote unauthenticated attackers to trigger a denial-of-service condition.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 3 hours ago

Bluesky

URGENT for #HamRadio ops using #Linux: Critical DoS vulnerabilities (CVE-2025-34458, CVE-2025-34457) patched in direwolf ≤1.8. Read more: 👉 tinyurl.com/h8vmmsa4 #Fedora

Overview

  • xwiki
  • xwiki-platform

Published: 20 Feb 2025
Updated: 30 Oct 2025

CVSS v3.1: CRITICAL (9.8)
EPSS: 94.18%

Description

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to `<host>/xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28"Hello%20from"%20%2B%20"%20search%20text%3A"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. If there is an output, and the title of the RSS feed contains `Hello from search text:42`, then the instance is vulnerable. This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. Users are advised to upgrade. Users unable to upgrade may edit `Main.SolrSearchMacros` in `SolrSearchMacros.xml` on line 955 to match the `rawResponse` macro in `macros.vm#L2824` with a content type of `application/xml`, instead of simply outputting the content of the feed.

Statistics

  • 1 Post

Last activity: 8 hours ago

Fediverse

RondoDox botnet exploits React2Shell flaw to breach Next.js servers
bleepingcomputer.com/news/secu

The RondoDox botnet has been observed exploiting the critical React2Shell flaw
(CVE-2025-55182) to infect vulnerable Next.js servers with malware and
cryptominers.

First documented by Fortinet in July 2025, RondoDox is a large-scale botnet
that targets multiple n-day flaws in global attacks. In November, VulnCheck
spotted new RondoDox variants that featured exploits for CVE-2025-24893, a
critical remote code execution (RCE) vulnerability in the XWiki Platform.

A new report from cybersecurity company CloudSEK notes that RondoDox started
scanning for vulnerable Next.js servers on December 8 and began deploying
botnet clients three days later.
