Latest CVEs & CyberSecurity News

CVE-2025-25286 – Crayfish/Homarus Remote Code Execution Vulnerability

CVE ID: CVE-2025-25286
Published: Feb. 13, 2025, 1:15 a.m. | 3 hours, 13 minutes ago
Description: Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a microservice. Prior to Crayfish version 4.1.0, remote code execution may be possible in web-accessible installations of Homarus in certain configurations. The issue […]

CVE-2024-13644 – Elementor DethemeKit Stored Cross-Site Scripting Vulnerability

CVE ID: CVE-2024-13644
Published: Feb. 13, 2025, 2:15 a.m. | 2 hours, 13 minutes ago
Description: The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied

CVE-2025-0896 – Orthanc Server Basic Authentication Bypass

CVE ID: CVE-2025-0896
Published: Feb. 13, 2025, 2:15 a.m. | 2 hours, 13 minutes ago
Description: Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker.
Severity: 9.8 | CRITICAL
Visit the link for more details, such

CVE-2025-1198 – GitLab ActionCable Revoked Token Access

CVE ID: CVE-2025-1198
Published: Feb. 13, 2025, 2:15 a.m. | 2 hours, 13 minutes ago
Description: An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming

CVE-2024-57949 – Linux kernel GIC-v3-its Infinite Recursion Vulnerability

CVE ID: CVE-2024-57949
Published: Feb. 9, 2025, 12:15 p.m. | 15 hours, 17 minutes ago
Description: In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Don’t enable interrupts in its_irq_set_vcpu_affinity(). The following call-chain leads to enabling interrupts in a nested interrupt disabled section: irq_set_vcpu_affinity() irq_get_desc_lock() raw_spin_lock_irqsave()
Severity: 0.0 | NA
Visit the

Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) CVE-2025-0411, a Mark-of-t …
Published Date: Feb 09, 2025 (20 hours, 21 minutes ago)
Vulnerabilities have been mentioned

CVE-2025-21685 – Lenovo Yoga Tab 2 Pro 1380 Fastcharger Serdev NULL Pointer Dereference Vulnerability

CVE ID: CVE-2025-21685
Published: Feb. 9, 2025, 12:15 p.m. | 15 hours, 17 minutes ago
Description: In the Linux kernel, the following vulnerability has been resolved: platform/x86: lenovo-yoga-tab2-pro-1380-fastcharger: fix serdev race. The yt2_1380_fc_serdev_probe() function calls devm_serdev_device_open() before setting the client ops via serdev_device_set_client_ops(). This ordering can trigger a NULL pointer dereference in the serdev

CVE-2025-21684 – Xilinx GPIO Lock Violation Vulnerability

CVE ID: CVE-2025-21684
Published: Feb. 9, 2025, 12:15 p.m. | 15 hours, 17 minutes ago
Description: In the Linux kernel, the following vulnerability has been resolved: gpio: xilinx: Convert gpio_lock to raw spinlock. irq_chip functions may be called in raw spinlock context. Therefore, we must also use a raw spinlock for our own internal

TheCyberThrone Security Weekly Review – February 08, 2025

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, February 08, 2025. CVE-2025-21293 PoC Exp …
Published Date: Feb 09, 2025 (16 hours, 29 minutes ago)
Vulnerabilities have been mentioned in this article: CVE-2025-23419, CVE-2025-24503, CVE-2025-21293, CVE-2024-51741
