CVE Alert: CVE-2025-20221
Vulnerability Summary: CVE-2025-20221 A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated,...
CVE Alert: CVE-2025-20199
Vulnerability Summary: CVE-2025-20199 A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with...
CVE Alert: CVE-2025-20200
Vulnerability Summary: CVE-2025-20200 A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with...
CVE Alert: CVE-2025-20197
Vulnerability Summary: CVE-2025-20197 A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with...
CVE Alert: CVE-2025-20214
Vulnerability Summary: CVE-2025-20214 A vulnerability in the Network Configuration Access Control Module (NACM) of Cisco IOS XE Software could allow...
CVE Alert: CVE-2025-20213
Vulnerability Summary: CVE-2025-20213 A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an...
CVE Alert: CVE-2025-20216
Vulnerability Summary: CVE-2025-20216 A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow...
CVE Alert: CVE-2025-20210
Vulnerability Summary: CVE-2025-20210 A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an...
CVE Alert: CVE-2025-20202
Vulnerability Summary: CVE-2025-20202 A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause...
HackerOne Bug Bounty Disclosure: crlf-injection-in-proxy-header-allows-extra-http-headers-cwe-oblivionsage
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:oblivionsageLink to Submitters Profile:https://hackerone.com/oblivionsage Report Title:CRLF Injection in `--proxy-header` allows extra HTTP...
HackerOne Bug Bounty Disclosure: ability-to-access-policy-and-updates-for-unauthorized-program-light-r
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:light3rLink to Submitters Profile:https://hackerone.com/light3r Report Title:Ability to access policy and updates for...
[AKIRA] – Ransomware Victim: Selenis (Evertis)
Ransomware Group: AKIRA VICTIM NAME: Selenis (Evertis) NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[NOVA] – Ransomware Victim: novaevo+ / T[.]consulT
Ransomware Group: NOVA VICTIM NAME: novaevo+ / TconsulT NOTE: No files or stolen information are by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: Selenis (Evertis is also involved)
Ransomware Group: AKIRA VICTIM NAME: Selenis (Evertis is also involved) NOTE: No files or stolen information are by RedPacket Security....
CVE Alert: CVE-2025-32820
Vulnerability Summary: CVE-2025-32820 A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path...
CVE Alert: CVE-2025-32821
Vulnerability Summary: CVE-2025-32821 A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges...
CVE Alert: CVE-2025-20223
Vulnerability Summary: CVE-2025-20223 A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to...
CVE Alert: CVE-2025-46824
Vulnerability Summary: CVE-2025-46824 The Discourse Code Review Plugin allows users to review GitHub commits on Discourse. Prior to commit eed3a80,...
CVE Alert: CVE-2025-32819
Vulnerability Summary: CVE-2025-32819 A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path...
CVE Alert: CVE-2025-47203
Vulnerability Summary: CVE-2025-47203 dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell...
CVE Alert: CVE-2025-3925
Vulnerability Summary: CVE-2025-3925 BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 contain...
CVE Alert: CVE-2025-47423
Vulnerability Summary: CVE-2025-47423 Personal Weather Station Dashboard 12_lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal...
CVE Alert: CVE-2025-26169
Vulnerability Summary: CVE-2025-26169 IXON VPN Client before 1.4.4 on Windows allows Local Privilege Escalation to SYSTEM because there is code...
CVE Alert: CVE-2025-26168
Vulnerability Summary: CVE-2025-26168 IXON VPN Client before 1.4.4 on Linux and macOS allows Local Privilege Escalation to root because there...
