Category: Vulnerability
-
VMware ESXi and VMware Workstation security vulnerability (CVE-2025-22224)
CVE-2025-22224 is a critical vulnerability classified as a Time-of-Check Time-of-Use (TOCTOU) flaw affecting VMware ESXi and VMware Workstation. In essence, the issue arises from a race condition where the system checks a resource and then uses it without verifying that it hasn’t changed, which can lead to an out-of-bounds write. This behavior can allow a…
-
OpenH264 security vulnerability (CVE-2025-27091)
CVE-2025-27091 is a vulnerability found in the OpenH264 codec library a widely used tool for H.264 video encoding and decoding developed by Cisco. The issue arises from a race condition in the library’s decoding functions. In essence, there is a timing gap between the allocation of memory for a Sequence Parameter Set (SPS) and the…
-
Palo Alto Networks PAN-OS security vulnerability (CVE‑2025‑0108)
CVE‑2025‑0108 is an authentication bypass vulnerability found in Palo Alto Networks’ PAN‑OS software. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass standard authentication and invoke specific PHP scripts. While the flaw doesn’t directly lead to remote code execution, it can compromise the confidentiality and integrity of the…
-
OpenSSL security vulnerability (CVE-2024-12797)
CVE-2024-12797 is a high-severity vulnerability in the OpenSSL cryptographic library, identified by Apple Inc. This flaw affects OpenSSL versions 3.2, 3.3, and 3.4 and pertains to the handling of RFC7250 handshakes. Specifically, when clients use raw public keys (RPKs) for server authentication, the handshake may not abort as expected if the server is unauthenticated. This…
-
Fortinet security vulnerability (CVE-2025-24472)
CVE-2025-24472 is an authentication bypass vulnerability identified in Fortinet’s FortiOS and FortiProxy products. This flaw allows a remote attacker to gain super-admin privileges by sending specially crafted CSF proxy requests. Affected Versions: Severity: The vulnerability has been assigned a CVSS v3.1 base score of 8.1, categorizing it as ‘High’ severity. Mitigation: Fortinet has addressed this…
-
Apple security vulnerability (CVE-2025-24200)
CVE-2025-24200 is a vulnerability in Apple’s iOS and iPadOS systems that stems from an authorization flaw caused by improper state management. In affected devices, this flaw could allow a physical attacker to bypass USB Restricted Mode on a locked device potentially permitting unauthorized data access via a USB connection. This vulnerability has been fixed in…
-
FreeBSD security vulnerability (CVE-2025-0662)
CVE-2025-0662 identifies a vulnerability in FreeBSD’s ktrace facility, which is used for tracing kernel and user programs. In certain scenarios, ktrace logs variable-sized sockaddr structures to userspace. When the actual sockaddr is shorter than its full size, the entire structure is still copied, resulting in up to 14 bytes of uninitialized kernel memory being exposed…
-
FreeBSD security vulnerability (CVE-2025-0374)
CVE-2025-0374 is a security vulnerability identified in FreeBSD’s etcupdate utility. When etcupdate encounters conflicts during file merging, it saves a version containing conflict markers in /var/db/etcupdate/conflicts. This temporary file does not preserve the original file’s permissions and is world-readable, potentially exposing sensitive information. Files that typically have restricted access, such as /etc/master.passwd, could be affected.…
-
FreeBSD security vulnerability (CVE-2025-0373)
CVE-2025-0373 is a security vulnerability identified in certain filesystems of FreeBSD operating systems. Specifically, on 64-bit systems, the function VOP_VPTOFH() in the cd9660, tarfs, and ext2fs filesystems contains a stack buffer overflow that overflows the destination FID buffer by 4 bytes. This vulnerability can be exploited when an NFS server exports one of these affected…
-
Apple zero-day vulnerability (CVE-2025-24085)
CVE-2025-24085 is a zero-day vulnerability that arises from a “use after free” issue in Apple’s CoreMedia framework. This flaw affects multiple Apple operating systems, including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. This vulnerability occurs when memory that has already been freed is improperly accessed, potentially leading to arbitrary code execution or privilege escalation. Apple…
-
Amazon WorkSpaces security vulnerability (CVE-2025-0501)
CVE-2025-0501 is a security vulnerability affecting native Amazon WorkSpaces clients that use the PCoIP protocol. The flaw is rooted in improper certificate validation (CWE-295), which can allow an attacker to conduct a man‑in‑the‑middle (MITM) attack. If exploited, an adversary may intercept or manipulate remote WorkSpaces sessions, thereby gaining unauthorized access. Affected Versions: The vulnerability has…
-
Amazon WorkSpaces, AppStream 2.0 and DCV security vulnerability (CVE-2025-0500)
CVE-2025-0500 is a security vulnerability identified in specific versions of native clients for Amazon WorkSpaces (using the Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV. This flaw could allow an attacker to perform a man-in-the-middle (MITM) attack, potentially granting unauthorized access to remote sessions. Affected Versions: Amazon has addressed this vulnerability in subsequent releases.…