CVE Alert: CVE-2025-1047
Vulnerability Summary: CVE-2025-1047 Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote...
Year: 2025
CVE Alert: CVE-2025-45429
Vulnerability Summary: CVE-2025-45429 In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart,...
CVE Alert: CVE-2025-1045
Vulnerability Summary: CVE-2025-1045 Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote...
CVE Alert: CVE-2025-1046
Vulnerability Summary: CVE-2025-1046 Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...
CVE Alert: CVE-2025-1522
Vulnerability Summary: CVE-2025-1522 PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information...
CVE Alert: CVE-2025-1520
Vulnerability Summary: CVE-2025-1520 PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...
CVE Alert: CVE-2025-1521
Vulnerability Summary: CVE-2025-1521 PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information...
[AKIRA] – Ransomware Victim: Dress To
Ransomware Group: AKIRA VICTIM NAME: Dress To NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
HackerOne Bug Bounty Disclosure: non-production-api-endpoints-for-the-ssm-service-fail-to-log-to-cloudtrail-resulting-in-silent-permission-enumeration-nick-frichette-dd
Company Name: AWS VDP Company HackerOne URL: https://hackerone.com/aws_vdp Submitted By:nick_frichette_ddLink to Submitters Profile:https://hackerone.com/nick_frichette_dd Report Title:Non-Production API Endpoints for the ssm...
HackerOne Bug Bounty Disclosure: privilege-escalation-in-edit-and-create-secret-endpoints-leads-to-unauthorized-secret-modification–xsom-a
Company Name: Dust Company HackerOne URL: https://hackerone.com/dust Submitted By:0xsom3aLink to Submitters Profile:https://hackerone.com/0xsom3a Report Title:Privilege Escalation in Edit and Create Secret...
[AKIRA] – Ransomware Victim: Fogelman Management Group
Ransomware Group: AKIRA VICTIM NAME: Fogelman Management Group NOTE: No files or stolen information are by RedPacket Security. Any legal...
[LYNX] – Ransomware Victim: end2endtechnologies
Ransomware Group: LYNX VICTIM NAME: end2endtechnologies NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: Oversea Casing
Ransomware Group: AKIRA VICTIM NAME: Oversea Casing NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[LYNX] – Ransomware Victim: Vicarage Court Solicitors
Ransomware Group: LYNX VICTIM NAME: Vicarage Court Solicitors NOTE: No files or stolen information are by RedPacket Security. Any legal...
CVE Alert: CVE-2025-1050
Vulnerability Summary: CVE-2025-1050 Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary...
CVE Alert: CVE-2025-2769
Vulnerability Summary: CVE-2025-2769 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...
CVE Alert: CVE-2025-2760
Vulnerability Summary: CVE-2025-2760 GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...
CVE Alert: CVE-2025-29526
Vulnerability Summary: CVE-2025-29526 A Cross-Site Scripting (XSS) vulnerability in the search function of Q4 Inc Investor Relations Platform v5.147.1.2 allows...
CVE Alert: CVE-2025-2768
Vulnerability Summary: CVE-2025-2768 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...
CVE Alert: CVE-2025-2765
Vulnerability Summary: CVE-2025-2765 CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication...
CVE Alert: CVE-2025-2767
Vulnerability Summary: CVE-2025-2767 Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...
CVE Alert: CVE-2025-2764
Vulnerability Summary: CVE-2025-2764 CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to...
CVE Alert: CVE-2025-2763
Vulnerability Summary: CVE-2025-2763 CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to...
CVE Alert: CVE-2025-2762
Vulnerability Summary: CVE-2025-2762 CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...
