CVE Alert: CVE-2025-1377
Vulnerability Summary: CVE-2025-1377 A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects...
Month: February 2025
CVE Alert: CVE-2025-1380
Vulnerability Summary: CVE-2025-1380 A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. Affected by this...
[INCRANSOM] – Ransomware Victim: lavi[.]co[.]il
Ransomware Group: INCRANSOM VICTIM NAME: lavicoil NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[LYNX] – Ransomware Victim: ranhillbersekutu[.]com[.]my
Ransomware Group: LYNX VICTIM NAME: ranhillbersekutucommy NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-1379
Vulnerability Summary: CVE-2025-1379 A vulnerability has been found in code-projects Real Estate Property Management System 1.0 and classified as critical....
CVE Alert: CVE-2025-1381
Vulnerability Summary: CVE-2025-1381 A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as...
CVE Alert: CVE-2025-0001
Vulnerability Summary: CVE-2025-0001 Abacus ERP is versions older than 2024.210.16036, 2023.205.15833, 2022.105.15542 are affected by an authenticated arbitrary file read...
CVE Alert: CVE-2025-23840
Vulnerability Summary: CVE-2025-23840 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webjema WP-NOTCAPTCHA allows Reflected XSS....
CVE Alert: CVE-2025-0714
Vulnerability Summary: CVE-2025-0714 The vulnerability existed in the password storage of Mobateks MobaXterm below 25.0. MobaXTerm uses an initialization vector...
CVE Alert: CVE-2025-26770
Vulnerability Summary: CVE-2025-26770 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Waymark allows Stored XSS....
CVE Alert: CVE-2025-26772
Vulnerability Summary: CVE-2025-26772 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detheme DethemeKit For Elementor allows...
CVE Alert: CVE-2025-26758
Vulnerability Summary: CVE-2025-26758 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RebelCode Spotlight Social Media Feeds...
CVE Alert: CVE-2025-26769
Vulnerability Summary: CVE-2025-26769 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilia Inc. Vertex Addons for...
CVE Alert: CVE-2025-26771
Vulnerability Summary: CVE-2025-26771 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks – Gutenberg...
[RHYSIDA] – Ransomware Victim: Buanderie Centrale de Montreal
Ransomware Group: RHYSIDA VICTIM NAME: Buanderie Centrale de Montreal NOTE: No files or stolen information are by RedPacket Security. Any...
[INCRANSOM] – Ransomware Victim: pyasolutions[.]com
Ransomware Group: INCRANSOM VICTIM NAME: pyasolutionscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[Palo Alto Networks Security Advisories] CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface
Palo Alto Networks Security Advisories /CVE-2025-0108CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web InterfaceUrgencyHIGHEST047910Severity8.8 ·HIGHExploit MaturityATTACKEDResponse EffortMODERATERecoveryUSERValue DensityCONCENTRATEDAttack VectorNETWORKAttack ComplexityLOWAttack...
CVE Alert: CVE-2025-23845
Vulnerability Summary: CVE-2025-23845 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ERA404 ImageMeta allows Reflected XSS....
CVE Alert: CVE-2025-26773
Vulnerability Summary: CVE-2025-26773 Missing Authorization vulnerability in Adnan Analytify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE Alert: CVE-2025-26775
Vulnerability Summary: CVE-2025-26775 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 BEAR allows Stored XSS....
CVE Alert: CVE-2025-26754
Vulnerability Summary: CVE-2025-26754 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Timeline Block allows Stored...
CVE Alert: CVE-2025-26778
Vulnerability Summary: CVE-2025-26778 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Gallery allows Stored XSS....
CVE Alert: CVE-2025-21103
Vulnerability Summary: CVE-2025-21103 Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper neutralization...
CVE Alert: CVE-2024-13879
Vulnerability Summary: CVE-2024-13879 The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and...
