CVE Alert: CVE-2025-43967
Vulnerability Summary: CVE-2025-43967 libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can...
CVE Alert: CVE-2025-43966
Vulnerability Summary: CVE-2025-43966 libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-43961
Vulnerability Summary: CVE-2025-43961 In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. Affected Endpoints:...
[AKIRA] – Ransomware Victim: Diedrich Coffee
Ransomware Group: AKIRA VICTIM NAME: Diedrich Coffee NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[INCRANSOM] – Ransomware Victim: franklin nursing home
Ransomware Group: INCRANSOM VICTIM NAME: franklin nursing home NOTE: No files or stolen information are by RedPacket Security. Any legal...
[LYNX] – Ransomware Victim: amethystgroup[.]co[.]uk
Ransomware Group: LYNX VICTIM NAME: amethystgroupcouk NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[LYNX] – Ransomware Victim: R&N Manufacturing
Ransomware Group: LYNX VICTIM NAME: R&N Manufacturing NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[QILIN] – Ransomware Victim: parrishleasing[.]com
Ransomware Group: QILIN VICTIM NAME: parrishleasingcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-43963
Vulnerability Summary: CVE-2025-43963 In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not...
CVE Alert: CVE-2025-43973
Vulnerability Summary: CVE-2025-43973 An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds...
CVE Alert: CVE-2025-43964
Vulnerability Summary: CVE-2025-43964 In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and...
CVE Alert: CVE-2025-43962
Vulnerability Summary: CVE-2025-43962 In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large...
CVE Alert: CVE-2025-43972
Vulnerability Summary: CVE-2025-43972 An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go...
CVE Alert: CVE-2025-43971
Vulnerability Summary: CVE-2025-43971 An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a...
CVE Alert: CVE-2025-32408
Vulnerability Summary: CVE-2025-32408 In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled. Affected Endpoints: No...
CVE Alert: CVE-2024-41446
Vulnerability Summary: CVE-2024-41446 A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts...
CVE Alert: CVE-2025-43970
Vulnerability Summary: CVE-2025-43970 An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g.,...
CVE Alert: CVE-2025-43916
Vulnerability Summary: CVE-2025-43916 Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirect_uri containing userinfo in the...
Ghost-Route – Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)
A Python script to check Next.js sites for corrupt middleware vulnerability (CVE-2025-29927). The corrupt middleware vulnerability allows an attacker to...
Cobalt Strike Beacon Detected – 115[.]120[.]232[.]177:4444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 39[.]105[.]197[.]12:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-29287
Vulnerability Summary: CVE-2025-29287 An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary...
CVE Alert: CVE-2025-29659
Vulnerability Summary: CVE-2025-29659 Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the...
CVE Alert: CVE-2025-28121
Vulnerability Summary: CVE-2025-28121 code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) in feedback.php via the...
