Technical analysis of CVE-2025-31201: reverse engineering the diff between iOS 18.4 and 18.4.1 to study the changes made to RPAC.:
Recent searches
Search options
Administered by:
#cve
427 posts225 participants12 posts today
Technical analysis of CVE-2025-31201: reverse engineering the diff between iOS 18.4 and 18.4.1 to study the changes made to RPAC.:
#Erlang / #OTP 25.3.2.20 (old old stable) has been released (#Ericsson / #OpenTelecomPlatform / #ErlangOTP / #TLS13 / #CVE / #CVE202532433) https://erlang.org/
Erlang.orgIndex - Erlang/OTPThe official home of the Erlang Programming Language
#Erlang / #OTP 26.2.5.11 (old stable) has been released (#Ericsson / #OpenTelecomPlatform / #ErlangOTP / #TLS13 / #CVE / #CVE202532433) https://erlang.org/
Erlang.orgIndex - Erlang/OTPThe official home of the Erlang Programming Language
Replied in thread
@thecvefoundation “CVE” is a registered mark owned by MITRE and tied to the official CVE Program. Did you get permission to use the name? If not, that’s a serious concern. Who’s behind this initiative? How are you structured and funded? Transparency matters in vuln coordination.
Replied in thread
@thecvefoundation “CVE” is a registered mark owned by MITRE and tied to the official CVE Program. Did you get permission to use the name? If not, that’s a serious concern. Who’s behind this initiative? How are you structured and funded? Transparency matters in vuln coordination.
Lambda Watchdog CVE Report
Latest AWS Lambda image scan detected 10 CVEs across 25 images:
• 
Critical: 0
• 
High: 3
• 
Medium: 6
• 
Low: 1
Check the full report 
https://lambdawatchdog.com/
#AWS #Lambda #CVE #CloudSecurity #Serverless
lambdawatchdog.comLambda WatchdogAWS Lambda CVE dashboard
#CVE program faces swift end after DHS fails to renew contract, leaving security flaw tracking in limbo
CSO OnlineCVE program faces swift end after DHS fails to renew contract, leaving security flaw tracking in limboMITRE’s 25-year-old Common Vulnerabilities and Exposures (CVE) program will end April 16 after DHS did not renew its funding contract for reasons unspecified. Experts say ending the program, which served as the crux for most cybersecurity defense programs, is a tragedy.
CVE Foundation Launched to Secure the Future of the CVE Program https://www.thecvefoundation.org #cve #infosec #news
www.thecvefoundation.orgCVE FoundationFOR IMMEDIATE RELEASE
April 16, 2025
CVE Foundation Launched to Secure the Future of the CVE Program
[Bremerton, Washington] – The CVE Foundation has been formally established to ensure the long-term viability, stability, and independence of the Common Vulnerabilities and Exposures (CVE) Program, a
CVE-2025-3820 - Tenda W12 and i24 Remote Stack-Based Buffer Overflow April 19, 2025 at 09:15PM https://ift.tt/2uAI1bm #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3820 - Tenda W12 and i24 Remote Stack-Based Buffer OverflowA vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the …
CVE-2025-43917 - Pritunl Client Privilege Escalation Vulnerability April 19, 2025 at 07:15PM https://ift.tt/QoKlM9f #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-43917 - Pritunl Client Privilege Escalation VulnerabilityIn Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as root.
Vulnerabilidad Windows NTLM explotada para robo de hashes https://blog.elhacker.net/2025/04/windows-vulnerabilidad-ntlm-robo-hash.html #vulnerabilidad #Windows #hash #NTLM #cve
Blog elhacker.NETVulnerabilidad Windows NTLM explotada para robo de hashesBlog sobre informática, tecnología y seguridad con manuales, tutoriales y documentación sobre herramientas y programas
Vulnerabilidad en Cisco Webex permite ejecutar código mediante enlaces de reuniones https://blog.elhacker.net/2025/04/vulnerabilidad-en-cisco-webex-rce-link-reuniones.html #vulnerabilidad #cisco #webex #cve #rce
Blog elhacker.NETVulnerabilidad en Cisco Webex permite ejecutar código mediante enlaces de reunionesBlog sobre informática, tecnología y seguridad con manuales, tutoriales y documentación sobre herramientas y programas
CVE-2025-3803 - Tenda W12 and i24 Stack-Based Buffer Overflow Vulnerability April 19, 2025 at 03:15PM https://ift.tt/mVaRn3p #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3803 - Tenda W12 and i24 Stack-Based Buffer Overflow VulnerabilityA vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the …
CVE-2025-3802 - Tenda W12 and i24 HTTPd cgiPingSet Stack-Based Buffer Overflow April 19, 2025 at 03:15PM https://ift.tt/JUSsqkN #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3802 - Tenda W12 and i24 HTTPd cgiPingSet Stack-Based Buffer OverflowA vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the …
Für die @AG_KRITIS bin ich jetzt bei Deutschlandfunk in Computer und Kommunikation dabei zum Thema #CVE Schwachstellen Datenbank und der Machtübernahme in den USA.
https://www.deutschlandfunk.de/computer-und-kommunikation-100.html
DeutschlandfunkComputer und KommunikationDas Neueste aus Computertechnik und Informationstechnologie. Beiträge und Interviews zu IT-Sicherheit, Informatik, Datenschutz, Smartphones, Cloud-Computing
Lambda Watchdog CVE Report
Latest AWS Lambda image scan detected 10 CVEs across 25 images:
• Critical: 0
• High: 3
• Medium: 6
• Low: 1
Check the full report https://lambdawatchdog.com/
#AWS #Lambda #CVE #CloudSecurity #Serverless
lambdawatchdog.comLambda WatchdogAWS Lambda CVE dashboard
CVE-2021-4455 - "Wordpress Smart Product Review Plugin File Upload Vulnerability" April 19, 2025 at 08:15AM https://ift.tt/XntmD86 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2021-4455 - "Wordpress Smart Product Review Plugin File Upload Vulnerability"The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code …