Posted by Matteo Beccati on Oct 25 ======================================================================== Revive Adserver Security Advisory REVIVE-SA-2025-001 ———————————————————————— https://www.revive-adserver.com/security/revive-sa-2025-001 ———————————————————————— CVE-ID: CVE-2025-27208 Date: 2025-10-22 Risk Level:… – Read More – Full Disclosure
Posted by Matteo Beccati on Oct 25 ======================================================================== Revive Adserver Security Advisory REVIVE-SA-2025-002 ———————————————————————— https://www.revive-adserver.com/security/revive-sa-2025-002 ———————————————————————— Date: 2025-10-24 Risk Level: High Applications affected: Revive… – Read More – Full Disclosure
Posted by BSidesSF CFP via Fulldisclosure on Oct 21 BSidesSF is still soliciting submissions for the annual BSidesSF conference on March 21-22, 2026. Call for participation is currently open for both Informational/Collaborative Tracks. Our theme for 2026 is “BSidesSF: The Musical”. Deadline for submissions is OCTOBER 28, 2025. https://bsidessf.org/cfp BSidesSF (bsidessf.org) is a non-profit … Read More “BSidesSF 2026 CFP still open until October 28th – Full Disclosure” »
Posted by malvuln on Oct 21 Greetings, I created a MISP-compatible feed for Malvuln that provides malware-vulnerability intelligence; vulnerability types are normalized and mapped to the MITRE ATT&CK framework to improve tagging, correlation and threat analysis. https://intel.malvuln.com Track vulnerable malware, for researchers or anyone building CTI pipelines Existing data live now — new entries … Read More “Malvuln – MISP compatible malware vulnerability intelligence feed now live – Full Disclosure” »
[SYSS-2025-015]: Verbatim Keypad Secure (security update v1.0.0.6) – Offline brute-force attack – Full Disclosure
Posted by Matthias Deeg via Fulldisclosure on Oct 21 Advisory ID: SYSS-2025-015 Product: Keypad Secure USB 3.2 Gen 1 Drive Manufacturer: Verbatim Affected Version(s): Part Number #49427 (GDMSLK03A-IN3637 VER1.0) Part Number #49428 (GDMSLK03A-IN3637 VER1.0) Tested Version(s): Part Number #49427 (GDMSLK03A-IN3637 VER1.0) Part Number #49428 (GDMSLK03A-IN3637 VER1.0) Vulnerability Type:… – Read More – Full Disclosure
[SYSS-2025-016]: Verbatim Store ‘n’ Go Secure Portable SSD (security update v1.0.0.6) – Offline brute-force attack – Full Disclosure
Posted by Matthias Deeg via Fulldisclosure on Oct 21 Advisory ID: SYSS-2025-016 Product: Store ‘n’ Go Secure Portable SSD Manufacturer: Verbatim Affected Version(s): Part Number #53402 (GDMSLK02 C-INIC3637-V1.1) Tested Version(s): Part Number #53402 (GDMSLK02 C-INIC3637-V1.1) Vulnerability Type: Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) Risk Level:… – Read More – Full Disclosure
[SYSS-2025-017]: Verbatim Store ‘n’ Go Secure Portable HDD (security update v1.0.0.6) – Offline brute-force attack – Full Disclosure
Posted by Matthias Deeg via Fulldisclosure on Oct 21 Advisory ID: SYSS-2025-017 Product: Store ‘n’ Go Secure Portable HDD Manufacturer: Verbatim Affected Version(s): Part Number #53401 (GD25LK01-3637-C VER4.0) Tested Version(s): Part Number #53401 (GD25LK01-3637-C VER4.0) Vulnerability Type: Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) Risk Level: High… – Read More – Full Disclosure
SEC Consult SA-20251021-0 :: Multiple Vulnerabilities in EfficientLab WorkExaminer Professional (CVE-2025-10639, CVE-2025-10640, CVE-2025-10641) – Full Disclosure
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 21 SEC Consult Vulnerability Lab Security Advisory < 20251021-0 > ======================================================================= title: Multiple Vulnerabilities product: EfficientLab WorkExaminer Professional vulnerable version: <= 4.0.0.52001 fixed version: – CVE number: CVE-2025-10639, CVE-2025-10640, CVE-2025-10641 impact: Critical homepage:… – Read More – Full Disclosure
Posted by Security Explorations on Oct 21 Dear All, We have recently experienced “an outage” / unavailability of our website [1] due to Google suspending our Firebase project (the root for our website hosting). On Oct 16, 2025 (23:20 PM CET) we received a message [2] from Google Cloud Compliance, which indicated our hosting … Read More “Google Firebase hosting suspension / “malware distribution” bypass – Full Disclosure” »
Posted by cve on Oct 18 The critical vulnerabilities discovered within Mercku routers, specifically the M6a model, that could pose serious security threats to home networks. These issues allow remote code execution with minimal effort, tested against version 2.1.0 of the official firmware. I have also submitted a CVE request in June 2024 (CVE … Read More “Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a – Full Disclosure” »
Posted by Patrick via Fulldisclosure on Oct 18 —————————————————————————- Summary —————————————————————————- A CWE-601 (Open Redirect) vulnerability has been identified in the additnow functionality of apis.google.com. The vulnerability has been actively exploited in targeted phishing attacks since at least September 15, 2025…. – Read More – Full Disclosure
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS – Full Disclosure
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Oct 18 CyberDanube Security Research 20251014-0 ——————————————————————————- title| Multiple Vulnerabilities product| QUINT4-UPS vulnerable version| VC:00<VC:07 fixed version| VC:07 (partially) CVE number| CVE-2025-41703, CVE-2025-41704, CVE-2025-41705, | CVE-2025-41706, CVE-2025-41707 impact| High… – Read More – Full Disclosure
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS) – Full Disclosure
Posted by Gynvael Coldwind on Oct 15 Vendor Response Pattern Hi Christopher, Vendor is correct with this one. The problem isn’t the vendor’s site – it’s that the browser is already pwned with the malicious browser extension (this is site-agnostic). You’ve mentioned “No user interaction required beyond normal application usage.”, but having “Malicious browser … Read More “Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS) – Full Disclosure” »
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files – Full Disclosure
Posted by SBA Research Security Advisory via Fulldisclosure on Oct 13 # Checkmk Agent Privilege Escalation via Insecure Temporary Files # Link: https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250724-01_Checkmk_Agent_Privilege_Escalation_via_Insecure_Temporary_Files ## Vulnerability Overview ## The `win_license` plugin as included in Checkmk agent for Windows versions before 2.4.0p13, 2.3.0p38 and 2.2.0p46, as well as since version 2.1.0b2 and 2.0.0p28 allows low privileged … Read More “[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files – Full Disclosure” »
Posted by SBA Research Security Advisory via Fulldisclosure on Oct 13 # Checkmk Path Traversal # Link: https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250730-01_Checkmk_Path_Traversal ## Vulnerability Overview ## Checkmk in versions before 2.4.0p13, 2.3.0p38 and 2.2.0p46, as well as since version 2.1.0b1 is prone to a path traversal vulnerability in the report scheduler. Due to an insufficient validation of a … Read More “[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal – Full Disclosure” »
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS) – Full Disclosure
Posted by Christopher Dickinson via Fulldisclosure on Oct 13 Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com CVE Identifiers * CVE-2025-[PENDING] – Excessive Data Exposure / JWT Token Leakage * CVE-2025-[PENDING] – Broken Object Level Authorization (IDOR) * CVE-2025-[PENDING] – Unrestricted Resource Consumption (DoS) Executive Summary This security advisory details three significant vulnerabilities discovered in … Read More “Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS) – Full Disclosure” »
Posted by Seralys Research Team via Fulldisclosure on Oct 08 Seralys Security Advisory | https://www.seralys.com/research ====================================================================== Title: SQL Injection Vulnerability Product: Open Web Analytics (OWA) Affected: Confirmed on 1.8.0 (older versions likely affected) Fixed in: 1.8.1 Vendor: Open Web Analytics (open-source) Discovered: August 2025 Severity: HIGH CWE: CWE-89: SQL Injection CVE: CVE-2025-59397… Read More “CVE-2025-59397 – Open Web Analytics SQL Injection – Full Disclosure” »
Re: Defense in depth — the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11 – Full Disclosure
Posted by Stefan Kanthak via Fulldisclosure on Oct 07 On a fresh installation of the just released Windows 11 25H2 the former file %SystemRoot%\System32\SecurityHealth\10.0.27840.1000-0\SecurityHealthHost.exe is %SystemRoot%\System32\SecurityHealthHost.exe now, but the BUG persists: | svchost.exe (PID = 9876) identified \\?\C:\Windows\System32\SecurityHealthHost.exe | as Disallowed using default rule, Guid = 11015445-d282-4f86-96a2-9e485f593302 stay tuned, and far away from bug-riddled … Read More “Re: Defense in depth — the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11 – Full Disclosure” »
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft – Full Disclosure
Posted by full on Oct 07 Substack is down. If there is a replacement, it is appreciated. -x9p – Read More – Full Disclosure
Re: [FD] Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft – Full Disclosure
Posted by josephgoyd via Fulldisclosure on Oct 07 The GitHub link has a write up on the attack-chain. Along with the CNVD certs that were issued for validation. https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201 – Read More – Full Disclosure
Re: [FD] Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft – Full Disclosure
Posted by josephgoyd via Fulldisclosure on Oct 02 Updated repo location: https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201 Working exploit: https://www.dropbox.com/scl/fi/oerpnhq1ui3xfswsszfh2/Audio-clip.amr?rlkey=7n54m1o84poezyipxvd2f9slx&st=b1tkonvr&dl=0 – Read More – Full Disclosure
Re: [FD] : “Glass Cage” – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) – Full Disclosure
Posted by josephgoyd via Fulldisclosure on Oct 02 Updated repo location: https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201 Working exploit: https://www.dropbox.com/scl/fi/ech6wdnpnyscbfiu2o8zh/IMG_1118.png?rlkey=jna5uo6aihs6tfbwtsk8fw7em&st=8c56raq8&dl=0 – Read More – Full Disclosure
libgeotiff 1.7.4 Heap Buffer Overflow in geotifcp (libgeotiff) During 8-to-4 Bit Downsample with Odd Image Width – Full Disclosure
Posted by Ron E on Sep 30 A heap buffer overflow vulnerability exists in the geotifcp utility, distributed as part of libgeotiff. The flaw occurs in the function cpContig2ContigByRow_8_to_4 when processing TIFF images with an odd ImageWidth and using the -d option (downsampling from 8-bit to 4-bit). During conversion, the function iterates over pixels … Read More “libgeotiff 1.7.4 Heap Buffer Overflow in geotifcp (libgeotiff) During 8-to-4 Bit Downsample with Odd Image Width – Full Disclosure” »
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow – Full Disclosure
Posted by Ron E on Sep 30 In the samtools coverage subcommand, the -w / --n-bins option allows the user to specify how many “bins” to produce in the coverage histogram. The code computes: stats[tid].bin_width = (stats[tid].end - stats[tid].beg) / n_bins; When the number of bins (n_bins) is extremely large relative to the region … Read More “Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow – Full Disclosure” »
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib – Full Disclosure
Posted by Ron E on Sep 30 A denial-of-service vulnerability exists in Samtools and the underlying HTSlib when processing BED files containing extremely large interval values. The bed_index_core() function in bedidx.c uses the interval end coordinate to calculate allocation size without sufficient validation. By supplying a BED record with a crafted end coordinate (e.g., … Read More “Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-5 macOS Sonoma 14.8.1 macOS Sonoma 14.8.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125330. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: macOS Sonoma Impact: Processing … Read More “APPLE-SA-09-29-2025-5 macOS Sonoma 14.8.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-6 visionOS 26.0.1 visionOS 26.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125338. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: Apple Vision Pro Impact: Processing a … Read More “APPLE-SA-09-29-2025-6 visionOS 26.0.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-1 iOS 26.0.1 and iPadOS 26.0.1 iOS 26.0.1 and iPadOS 26.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125326. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: … Read More “APPLE-SA-09-29-2025-1 iOS 26.0.1 and iPadOS 26.0.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-2 iOS 18.7.1 and iPadOS 18.7.1 iOS 18.7.1 and iPadOS 18.7.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125327. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: … Read More “APPLE-SA-09-29-2025-2 iOS 18.7.1 and iPadOS 18.7.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-3 macOS Tahoe 26.0.1 macOS Tahoe 26.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125328. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: macOS Tahoe Impact: Processing … Read More “APPLE-SA-09-29-2025-3 macOS Tahoe 26.0.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-4 macOS Sequoia 15.7.1 macOS Sequoia 15.7.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125329. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: macOS Sequoia Impact: Processing … Read More “APPLE-SA-09-29-2025-4 macOS Sequoia 15.7.1 – Full Disclosure” »
SEC Consult SA-20250925-0 :: Multiple Vulnerabilities in iMonitorSoft EAM employee monitoring #CVE-2025-10540 #CVE-2025-10541 #CVE-2025-10542 – Full Disclosure
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 25 SEC Consult Vulnerability Lab Security Advisory < 20250925-0 > ======================================================================= title: Multiple Vulnerabilities product: iMonitorSoft EAM vulnerable version: iMonitor EAM 9.6394 fixed version: – CVE number: CVE-2025-10540, CVE-2025-10541, CVE-2025-10542 impact: Critical homepage:… – Read More – Full Disclosure
Posted by Antoine Martin via Fulldisclosure on Sep 25 1) About Xpra Xpra is known as “screen for X11”. https://xpra.org/ “Xpra forwards and synchronizes many extra desktop features, which allows remote applications to integrate transparently into the client’s desktop environment: audio input and output, printers, clipboard, system trays, notifications, webcams, etc.” 2) Vulnerability Using … Read More “xpra server information disclosure – Full Disclosure” »
CyberDanube Security Research 20250909-0 | Cross-Site Scripting in Schneider ATV 630 – Full Disclosure
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Sep 25 CyberDanube Security Research 20250909-0 ——————————————————————————- title| Reflected XSS product| ATV 630 vulnerable version| “see Vulnerable versions” fixed version| none CVE number| CVE-2025-7746 impact| Medium homepage| https://www.se.com/ found| 2025-03-11 by| T…. – Read More – Full Disclosure
CyberDanube Security Research 20250919-0 | Multiple Vulnerabilities in Novakon P series – Full Disclosure
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Sep 25 CyberDanube Security Research 20250919-0 ——————————————————————————- title| Multiple Vulnerabilities in Novakon HMI Series product| Novakon Touch Screen HMI P Series vulnerable version| P – V2001.A.c518o2 fixed version| – CVE number| CVE-2025-9962, CVE-2025-9963, CVE-2025-9964, | CVE-2025-9965, CVE-2025-9966… – Read More – Full Disclosure
SEC Consult SA-20250923-0 :: Missing Certificate Validation leading to RCE in CleverControl employee monitoring software #CVE-2025-10548 – Full Disclosure
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 25 SEC Consult Vulnerability Lab Security Advisory < 20250923-0 > ======================================================================= title: Missing Certificate Validation leading to RCE product: CleverControl employee monitoring software vulnerable version: 11.5.1041.6 fixed version: – CVE number: CVE-2025-10548 impact: high homepage: https://clevercontrol.com… – Read More – Full Disclosure
Posted by Burning River Cyber Con via Fulldisclosure on Sep 22 Burning River CyberCon is seeking submissions for our 2025 conference. We’re looking for presentations on all things infosec, from vulnerability research and exploit development to red teaming and security automation. Key Details: – CFP Link: https://burningrivercybercon.com/call-for-papers – CFP Closes: October 1, 2025 – … Read More “[CFP] Burning River Cyber Con ’25 – Cleveland, OH – Full Disclosure” »
Posted by Andrey Stoykov on Sep 22 # Exploit Title: Current Password not Required When Changing Password – flatpressv1.4.1 # Date: 09/2025 # Exploit Author: Andrey Stoykov # Version: 1.4.1 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/09/friday-fun-pentest-series-42-current.html Current Password not Required When Changing Password: Steps to Reproduce: – Login with admin user and … Read More “Current Password not Required When Changing Password – flatpressv1.4.1 – Full Disclosure” »
Posted by Andrey Stoykov on Sep 22 # Exploit Title: Stored HTML Injection – flatpressv1.4.1 # Date: 09/2025 # Exploit Author: Andrey Stoykov # Version: 1.4.1 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/09/friday-fun-pentest-series-41-stored.html Stored HTML Injection: Steps to Reproduce: – Login with admin user and visit “Main” > “New Entry” > “Write Entry” … Read More “Stored HTML Injection – flatpressv1.4.1 – Full Disclosure” »
libelf 0.8.12 Stack-based buffer overflow in gmo2msg (libelf) via unbounded sprintf of lang argument – Full Disclosure
Posted by Ron E on Sep 22 gmo2msg in libelf contains a stack-based buffer overflow in po/gmo2msg.c when constructing filenames from the first program argument (lang). The program uses a fixed-size local buffer (char buf[1024]) and writes into it using sprintf(buf, "%s.gmo", lang) and sprintf(buf, "%s.msg", lang) without validating the length of lang. Supplying … Read More “libelf 0.8.12 Stack-based buffer overflow in gmo2msg (libelf) via unbounded sprintf of lang argument – Full Disclosure” »
Defense in depth — the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11 – Full Disclosure
Posted by Stefan Kanthak via Fulldisclosure on Sep 22 Hi @ll, more than 2.5 years ago I posted “Defense in depth — the Microsoft way (part 82): INVALID/BOGUS AppLocker rules disable SAFER on Windows 11 22H2” <https://seclists.org/fulldisclosure/2023/Feb/13> In “SRP on Windows 11” <https://seclists.org/fulldisclosure/2023/Mar/1> Andy Ful presented a persistent correction some days later. Since several … Read More “Defense in depth — the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11 – Full Disclosure” »
Posted by Stefan Kanthak via Fulldisclosure on Sep 22 Hi @ll, since several years Microsoft installs the DLLs domain_actions.dll and well_known_domains.dll as part of their Edge browser as well as Windows’ WebView component into each and every user profile, UNPROTECTED against tampering. On Windows 11 24H2 their paths are currently “%LOCALAPPDATA%\Microsoft\Edge\User Data\Domain Actions\3.0.0.16\domain_actions.dll” “%LOCALAPPDATA%\Microsoft\Edge\User … Read More “Defense in depth — the Microsoft way (part 94): BACKDOOR planted in AppLocker – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 15 APPLE-SA-09-15-2025-10 visionOS 26 visionOS 26 addresses the following issues. Information about the security content is also available at https://support.apple.com/125115. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: Apple Vision Pro Impact: An app … Read More “APPLE-SA-09-15-2025-10 visionOS 26 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 15 APPLE-SA-09-15-2025-11 Safari 26 Safari 26 addresses the following issues. Information about the security content is also available at https://support.apple.com/125113. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Safari Available for: macOS Sonoma and macOS Sequoia Impact: … Read More “APPLE-SA-09-15-2025-11 Safari 26 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 15 APPLE-SA-09-15-2025-12 Xcode 26 Xcode 26 addresses the following issues. Information about the security content is also available at https://support.apple.com/125117. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Dev Tools Available for: macOS Sequoia 15.6 and later … Read More “APPLE-SA-09-15-2025-12 Xcode 26 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 15 APPLE-SA-09-15-2025-7 macOS Sonoma 14.8 macOS Sonoma 14.8 addresses the following issues. Information about the security content is also available at https://support.apple.com/125112. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AMD Available for: macOS Sonoma Impact: An … Read More “APPLE-SA-09-15-2025-7 macOS Sonoma 14.8 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 15 APPLE-SA-09-15-2025-8 tvOS 26 tvOS 26 addresses the following issues. Information about the security content is also available at https://support.apple.com/125114. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Apple Neural Engine Available for: Apple TV 4K (2nd … Read More “APPLE-SA-09-15-2025-8 tvOS 26 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 15 APPLE-SA-09-15-2025-9 watchOS 26 watchOS 26 addresses the following issues. Information about the security content is also available at https://support.apple.com/125116. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Apple Neural Engine Available for: Apple Watch Series 9 … Read More “APPLE-SA-09-15-2025-9 watchOS 26 – Full Disclosure” »
Posted by Ron E on Sep 15 Multiple functions in libvips invoke callbacks through incorrectly cast function pointers, resulting in Undefined Behavior (UB). During runtime, callbacks such as search_package, vips_class_map_all, vips_foreign_find_load_sub, vips_object_real_postbuild, and vips_area_free_cb are called through function pointer types that do not match their actual signatures. This is benign on x86-64, where calling … Read More “libvips v8.18.0 Function Pointer Type Confusion in libvips Callback Dispatch – Full Disclosure” »