Month: March 2025

CVE Alert: CVE-2025-2706

March 25, 2025

Vulnerability Summary: CVE-2025-2706 A vulnerability classified as critical was found in Digiwin ERP 5.0.1. Affected by this vulnerability is an...

CVE Alert: CVE-2025-30163

March 25, 2025

Vulnerability Summary: CVE-2025-30163 Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies (`fromNodes`...

CVE Alert: CVE-2025-2748

March 25, 2025

Vulnerability Summary: CVE-2025-2748 The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality,...

CVE Alert: CVE-2025-30162

March 25, 2025

Vulnerability Summary: CVE-2025-30162 Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use...

CVE Alert: CVE-2025-2746

March 25, 2025

Vulnerability Summary: CVE-2025-2746 An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling...

CVE Alert: CVE-2025-2749

March 25, 2025

Vulnerability Summary: CVE-2025-2749 An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary...

CVE Alert: CVE-2025-2708

March 25, 2025

Vulnerability Summary: CVE-2025-2708 A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. This affects an unknown...

CVE Alert: CVE-2025-2710

March 25, 2025

Vulnerability Summary: CVE-2025-2710 A vulnerability was found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This issue affects some...

CVE Alert: CVE-2025-2231

March 25, 2025

Vulnerability Summary: CVE-2025-2231 PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to...

CVE Alert: CVE-2025-2709

March 25, 2025

Vulnerability Summary: CVE-2025-2709 A vulnerability has been found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This vulnerability affects...

CVE Alert: CVE-2025-2711

March 25, 2025

Vulnerability Summary: CVE-2025-2711 A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has been classified as problematic. Affected is...

CVE Alert: CVE-2025-26512

March 25, 2025

Vulnerability Summary: CVE-2025-26512 SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated...

CVE Alert: CVE-2025-2714

March 25, 2025

Vulnerability Summary: CVE-2025-2714 A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0. It has been rated as problematic. Affected...

CVE Alert: CVE-2025-2715

March 25, 2025

Vulnerability Summary: CVE-2025-2715 A vulnerability classified as problematic has been found in timschofield webERP up to 5.0.0.rc+13. This affects an...

CVE Alert: CVE-2025-2712

March 25, 2025

Vulnerability Summary: CVE-2025-2712 A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has been declared as problematic. Affected by...

CVE Alert: CVE-2025-2716

March 25, 2025

Vulnerability Summary: CVE-2025-2716 A vulnerability classified as problematic was found in China Mobile P22g-CIac 1.0.00.488. This vulnerability affects unknown code...

CISA: CISA Releases Two Industrial Control Systems Advisories

March 25, 2025

CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on February 18, 2025. These...

CISA: CISA Releases Twenty Industrial Control Systems Advisories

March 25, 2025

CISA Releases Twenty Industrial Control Systems Advisories CISA released twenty Industrial Control Systems (ICS) advisories on February 13, 2025. These...

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

March 25, 2025

CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

March 25, 2025

CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

March 25, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

March 25, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

March 25, 2025

CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA and Partners Release Advisory on Ghost (Cring) Ransomware

March 25, 2025

CISA and Partners Release Advisory on Ghost (Cring) Ransomware Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and...

Month: March 2025

CVE Alert: CVE-2025-2706

CVE Alert: CVE-2025-30163

CVE Alert: CVE-2025-2748

CVE Alert: CVE-2025-30162

CVE Alert: CVE-2025-2746

CVE Alert: CVE-2025-2749

CVE Alert: CVE-2025-2708

CVE Alert: CVE-2025-2710

CVE Alert: CVE-2025-2231

CVE Alert: CVE-2025-2709

CVE Alert: CVE-2025-2711

CVE Alert: CVE-2025-26512

CVE Alert: CVE-2025-2714

CVE Alert: CVE-2025-2715

CVE Alert: CVE-2025-2712

CVE Alert: CVE-2025-2716

CISA: CISA Releases Two Industrial Control Systems Advisories

CISA: CISA Releases Twenty Industrial Control Systems Advisories

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: CISA and Partners Release Advisory on Ghost (Cring) Ransomware

HackerOne Bug Bounty Disclosure: -part-non-production-api-endpoints-for-the-datazone-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd

CVE Alert: CVE-2025-28401

CVE Alert: CVE-2025-31138

CVE Alert: CVE-2025-3371

CVE Alert: CVE-2025-3372

You may have missed