CVE Alert: CVE-2025-10171 – UTT – 1250GW
CVE-2025-10171 HIGHNo exploitation known A vulnerability was detected in UTT 1250GW up to 3.2.2-200710. This vulnerability affects the function sub_453DC...
HackerOne Bug Bounty Disclosure: cve-out-of-bounds-read-for-cookie-path-bigsleep
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:bigsleepLink to Submitters Profile:https://hackerone.com/bigsleep Report Title:CVE-2025-9086: Out of bounds read for cookie...
HackerOne Bug Bounty Disclosure: -k-users-and-employee-leaked-credentials-meowsint
Company Name: Khan Academy Company HackerOne URL: https://hackerone.com/khanacademy Submitted By:meowsintLink to Submitters Profile:https://hackerone.com/meowsint Report Title:337k users and 1 employee leaked...
HackerOne Bug Bounty Disclosure: cve-predictable-websocket-mask-cruocco
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:cruoccoLink to Submitters Profile:https://hackerone.com/cruocco Report Title:CVE-2025-10148: predictable WebSocket maskReport Link:https://hackerone.com/reports/3330839Date Submitted:10 September...
[Palo Alto Networks Security Advisories] CVE-2025-4234 Cortex XDR Microsoft 365 Defender Pack: Cleartext Exposure ofCredentials
Palo Alto Networks Security Advisories /CVE-2025-4234CVE-2025-4234 Cortex XDR Microsoft 365 Defender Pack: Cleartext Exposure of CredentialsUrgencyMODERATE047910Severity0.5 ·LOWExploit MaturityUNREPORTEDResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack...
[Palo Alto Networks Security Advisories] CVE-2025-4235 User-ID Credential Agent: Cleartext Exposure of Service Accountpassword
Palo Alto Networks Security Advisories /CVE-2025-4235CVE-2025-4235 User-ID Credential Agent: Cleartext Exposure of Service Account passwordUrgencyMODERATE047910Severity4.2 ·MEDIUMExploit MaturityUNREPORTEDResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack VectorLOCALAttack...
[Palo Alto Networks Security Advisories] PAN-SA-2025-0015 Chromium: Monthly Vulnerability Update (September 2025)
Palo Alto Networks Security Advisories /PAN-SA-2025-0015PAN-SA-2025-0015 Chromium: Monthly Vulnerability Update (September 2025)UrgencyMODERATE047910Severity6.1 ·MEDIUMExploit MaturityUNREPORTEDResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack VectorNETWORKAttack ComplexityLOWAttack RequirementsNONEAutomatableNOUser InteractionACTIVEProduct...
[TRYHACKME] – Void Execution Challenge
A friendly walkthrough of a slick binary-exploitation challenge: custom shellcode without syscall, ASLR bypass via GOT, and why stack alignment...
[TRYHACKME] – LondonBridge Full Walkthrough.
Introduction In this room we compromise a small Flask app behind Gunicorn, pivot from a clever SSRF to local file...
CVE Alert: CVE-2025-54111 – Microsoft – Windows 10 Version 1809
CVE-2025-54111 HIGHNo exploitation known Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges...
CVE Alert: CVE-2025-54106 – Microsoft – Windows Server 2019
CVE-2025-54106 HIGHNo exploitation known Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker...
CVE Alert: CVE-2025-54110 – Microsoft – Windows 10 Version 1809
CVE-2025-54110 HIGHNo exploitation known Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-54112 – Microsoft – Windows 10 Version 1809
CVE-2025-54112 HIGHNo exploitation known Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally....
CVE Alert: CVE-2025-54108 – Microsoft – Windows Server 2025 (Server Core installation)
CVE-2025-54108 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc)...
CVE Alert: CVE-2025-54103 – Microsoft – Windows 10 Version 21H2
CVE-2025-54103 HIGHNo exploitation known Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-54105 – Microsoft – Windows Server 2025 (Server Core installation)
CVE-2025-54105 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows...
CVE Alert: CVE-2025-54102 – Microsoft – Windows 10 Version 1809
CVE-2025-54102 HIGHNo exploitation known Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges...
CVE Alert: CVE-2025-54093 – Microsoft – Windows 10 Version 1809
CVE-2025-54093 HIGHNo exploitation known Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally....
CVE Alert: CVE-2025-54098 – Microsoft – Windows 10 Version 1809
CVE-2025-54098 HIGHNo exploitation known Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally. CVSS v3.1...
CVE Alert: CVE-2025-54092 – Microsoft – Windows 10 Version 1809
CVE-2025-54092 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized...
CVE Alert: CVE-2025-54091 – Microsoft – Windows 10 Version 1809
CVE-2025-54091 HIGHNo exploitation known Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-54099 – Microsoft – Windows 10 Version 1809
CVE-2025-54099 HIGHNo exploitation known Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate...
Ubuntu Users Left Waiting After Canonical’s Servers Take Weekend Off
When is an outage not an outage? According to Canonical's forum, it's when a 36-minute server disruption creates a multi-day...
Playing Ball Games In The Datacenter Was Obviously Stupid, But We Had To Win Theleague
Who, Me? Monday mornings see the resumption of endless coopetition between IT folks and those they strive to serve but...
