Friday , February 28 2025
Vulnarability

CISA Adds Three Known Exploited Vulnerabilities to Catalog

infosecbulletin Thursday , January 18 2024 Vulnerabilities

CISA found evidence of active exploitation for three new vulnerabilities, which have been added to their list of known exploited vulnerabilities.

CVE-2023-6549: Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability. It describes Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service

By 2025, India’s First Semiconductor Chip to be ready

By infosecbulletin / Friday , February 28 2025
At the Global Investors Summit 2025, Union Minister Ashwini Vaishnaw announced that India’s first indigenous semiconductor chip will be ready...
Read More
By 2025, India’s First Semiconductor Chip to be ready

CVE-2025-20111
Cisco Warns Vulns in Nexus 3000 and 9000 Series Switches

By infosecbulletin / Thursday , February 27 2025
Cisco has warned of a critical vulnerability, CVE-2025-20111, in several Nexus switch models. This flaw could let attackers remotely crash...
Read More
CVE-2025-20111 Cisco Warns Vulns in Nexus 3000 and 9000 Series Switches

CVE-2025-0475 & CVE-2025-0555
GitLab’s High-Risk Flaw, Patch Now Urgently!

By infosecbulletin / Thursday , February 27 2025
GitLab has released a security advisory, urging all self-managed installations to upgrade to versions 17.9.1, 17.8.4, or 17.7.6 due to...
Read More
CVE-2025-0475 & CVE-2025-0555 GitLab’s High-Risk Flaw, Patch Now Urgently!

Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts

By infosecbulletin / Thursday , February 27 2025
A China-linked botnet is targeting Microsoft 365 accounts with widespread password spraying attacks, according to a report by SecurityScorecard. A...
Read More
Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts

HaveIBeenPwned Added 244 Million Passwords Stolen By Infostealers

By infosecbulletin / Wednesday , February 26 2025
A breach notification site has added millions of new passwords and email addresses obtained from infostealer malware. Troy Hunt, founder of...
Read More
HaveIBeenPwned Added 244 Million Passwords Stolen By Infostealers

Hackers Exploits RCE flaw in Cisco Small Business Router

By infosecbulletin / Wednesday , February 26 2025
Cybersecurity researchers have discovered a campaign exploiting a remote command execution vulnerability, CVE-2023-20118, in Cisco Small Business Routers. This vulnerability...
Read More
Hackers Exploits RCE flaw in Cisco Small Business Router

CISA Alerts For Active Exploited Zimbra and Microsoft flaw

By infosecbulletin / Wednesday , February 26 2025
CISA has added two critical vulnerabilities to its Known Exploited Vulnerabilities catalog, urging organizations to quickly patch their systems to...
Read More
CISA Alerts For Active Exploited Zimbra and Microsoft flaw

200 Fake GitHub Repos Attacking Developers to Deliver Malware

By infosecbulletin / Tuesday , February 25 2025
A new cyber campaign called GitVenom poses a serious risk to developers. Security researchers found over 200 fake GitHub repositories...
Read More
200 Fake GitHub Repos Attacking Developers to Deliver Malware

Renew Dubai visa within minutes with AI-powered Salama

By infosecbulletin / Tuesday , February 25 2025
Residents of Dubai can now easily renew their visas with the new AI-powered digital platform launched by the General Directorate...
Read More
Renew Dubai visa within minutes with AI-powered Salama

CVE-2024-20953
CISA Flags Oracle Agile PLM Actively Exploited Security Flaw

By infosecbulletin / Tuesday , February 25 2025
CVE-2024-20953 is a vulnerability in Oracle Agile PLM, a product lifecycle management tool. With a CVSS score of 8.8, it...
Read More
CVE-2024-20953 CISA Flags Oracle Agile PLM Actively Exploited Security Flaw

CVE-2023-6548: Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability. It describes Improper Control of Generation of Code (‘Code Injection’) in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.

CVE-2024-0519: Google Chromium V8 Out-of-Bounds Memory Access Vulnerability. It describes Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

These vulnerabilities are commonly used by cyber attackers to target the federal enterprise and pose high risks.

Check Also

(CMS)

CISA Flags Craft CMS Code Injection Flaw Amid Active Attacks

CISA has added a serious security flaw in the Craft content management system (CMS) to …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin