Cyber alerts

2,901 results

March 2025

Published Wednesday 12 March 2025 (03:00) (updated 17 April 2025)

Microsoft Releases March 2025 Security Updates

Scheduled updates for Microsoft products, including security updates for 57 vulnerabilities, of which six are reported as exploited

CC-4628 Medium

Published Thursday 6 March 2025 (02:11) (updated 6 March 2025)

Cisco Releases Security Advisory for Secure Client

CVE-2025-20206 could allow an attacker to execute arbitrary code with system privileges

CC-4627 High

Published Tuesday 4 March 2025 (04:11) (updated 6 March 2025)

Critical Zero-day Vulnerabilities in VMware ESXi, Workstation, and Fusion

Broadcom has addressed three exploited vulnerabilities that, when chained, can allow an attacker to access the hypervisor through a running virtual machine

February 2025

CC-4626 Medium

Published Wednesday 26 February 2025 (05:35) (updated 26 February 2025)

Proof-of-Concept Exploits Released for RSync Vulnerabilities

Vulnerabilities in RSync could allow an attacker to execute arbitrary code or perform path traversal

CC-4625 Medium

Published Monday 24 February 2025 (03:20) (updated 24 February 2025)

Medixant Releases Security Update for RadiAnt DICOM Viewer

Successful exploitation of CVE-2025-1001 could allow an attacker to perform a machine-in-the-middle attack (MITM)

CC-4617 Medium

Published Monday 24 February 2025 (01:31) (updated 24 February 2025)

F5 Releases Quarterly Security Notification (February 2025) Affecting BIG-IP Products

One of the 13 high impact advisories addresses the command injection vulnerability CVE-2025-20029, which could lead to arbitrary system command execution

CC-4624 Medium

Published Wednesday 19 February 2025 (12:59) (updated 19 February 2025)

Juniper Networks Releases Out-of-Cycle Security Bulletin for Critical Vulnerability

API authentication bypass vulnerability CVE-2025-21589 affects Session Smart Router, Conductor, and WAN Assurance Managed Routers

CC-4622 Medium

Published Friday 14 February 2025 (03:17) (updated 21 February 2025)

Security updates released for PostgreSQL

Proof-of-concept exploit code released for SQL injection vulnerability CVE-2025-1094

CC-4623 Medium

Published Friday 14 February 2025 (02:03) (updated 14 February 2025)

Active Exploitation of Critical Vulnerability Chain in SimpleHelp

CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728 can be exploited in a chain to allow full compromise of a SimpleHelp server

CC-4621 Medium

Published Thursday 13 February 2025 (03:14) (updated 20 February 2025)

Palo Alto Networks Releases Security Updates for PAN-OS

Attack chain using CVE-2025-0108 and CVE-2025-0111 has been observed in the wild