BaseFortify.eu

@basefortify.bsky.social

BaseFortify.eu Stay ahead of cybersecurity threats with BaseFortify.eu – your trusted platform for vulnerability management and CVE reports. Tailored solutions for SMBs and enterprises. #CyberSecurity #VulnerabilityManagement #Exploit #CVE #InfoSec

38 Followers  |  110 Following  |  333 Posts  |  Joined: 22.10.2024  |  2.1603

Latest posts by basefortify.bsky.social on Bluesky

Getting Started 01 — Add Assets & Review Threats (BaseFortify.eu)
YouTube video by BaseFortify

🚀 New video: Getting Started 01 — Add Assets & Review Threats

BaseFortify is an agentless vulnerability & risk platform that turns CVEs into a prioritized queue. Add assets, see KEV/EPSS matches and track. Includes A.I. Assistance + status workflow

Watch: youtu.be/VDai8Ts5Jz8

#CyberSecurity #CVE

06.10.2025 10:17 — 👍 2    🔁 1    💬 1    📌 0

Register for Free | BaseFortify Sign up at BaseFortify to start monitoring vulnerabilities instantly. Get free access to AI-powered CVE analysis, real-time alerts, and powerful dashboards.

Stay ahead of exploits like CVE-2025-61882 with BaseFortify’s asset watch lists and AI Assistant.
Register your assets today and get automatic alerts for new CVEs affecting your environment.
👉 basefortify.eu/register

#BaseFortify #VulnerabilityManagement #CVE

06.10.2025 14:37 — 👍 0    🔁 0    💬 0    📌 0

Oracle EBS flaw exploited for extortion (CVE-2025-61882) Overview: Oracle has released an emergency patch for CVE-2025-61882, a critical remote code execution vulnerability in Oracle E-Business Suite (Con...

The flaw allows remote, unauthenticated RCE in Oracle E-Business Suite (12.2.3–12.2.14).
Threat actors, including Cl0p, are exploiting it to steal sensitive business data.

🔗 Read: basefortify.eu/posts/2025/1...
#InfoSec #Vulnerability #ThreatIntel

06.10.2025 14:37 — 👍 0    🔁 0    💬 1    📌 0

The Oracle logo over a dark red background with digital warning icons, network symbols, and cybersecurity imagery representing data breach and system alerts

🚨 Critical Oracle EBS flaw exploited for extortion (CVE-2025-61882)
Attackers are actively abusing this zero-day in Oracle E-Business Suite for data theft and ransom campaigns.

Read the full article on BaseFortify:
🔗 basefortify.eu/posts/2025/1...

#Oracle #CyberSecurity #CVE202561882 #BaseFortify

06.10.2025 14:37 — 👍 0    🔁 1    💬 1    📌 0

I am well into reading Issue #7 and I thoroughly enjoy it. Well done @pagedout.bsky.social!

04.10.2025 14:41 — 👍 1    🔁 0    💬 0    📌 0

MinIO storage wallpaper with cloud and data graphics

MinIO Java SDK flaw leaks secrets via unsafe XML.
Credentials & configs exposed — fixed in v8.6.0.

basefortify.eu/cve_reports/...

#MinIO #CloudStorage #Java #DataSecurity #CyberSecurity #CVE

01.10.2025 09:09 — 👍 2    🔁 2    💬 0    📌 0

Abstract Linux security wallpaper with sudo text

🚨 Critical Sudo flaw: local users can gain ROOT.
Impacts Ubuntu, Debian, SUSE, Red Hat & more.
Patch now to prevent takeover.

basefortify.eu/cve_reports/...

#Linux #Sudo #PrivilegeEscalation #CyberSecurity #CVE

01.10.2025 09:08 — 👍 2    🔁 1    💬 0    📌 0

Red Hat themed wallpaper with abstract server design

⚠️ Red Hat OpenShift AI bug: low-privileged users can escalate to cluster admin.
Risk of data theft & full infra compromise.

basefortify.eu/cve_reports/...

#RedHat #OpenShift #CloudSecurity #AI #CyberSecurity #CVE

01.10.2025 09:09 — 👍 0    🔁 0    💬 0    📌 0

EU flag with the word AI superimposed

LLM security, minus the hype: what actually breaks (Triton, vLLM, Transformers, LangChain) and how to fix it. 📅 Patch cadence, 🧰 safer tool-calling, retrieval hygiene—practical steps, not legalese.

basefortify.eu/posts/2025/0...

#AI #LLM #Security #AIAct #Cybersecurity

29.09.2025 14:23 — 👍 0    🔁 0    💬 0    📌 0

Canon red logo on a dark background

🔵 Canon (CVE-2025-9903)

🚨 Canon Generic Plus printer drivers vulnerable to out-of-bounds write in print processing. Could lead to crashes or code execution.

🔗 Read more: basefortify.eu/cve_reports/...

29.09.2025 08:42 — 👍 0    🔁 0    💬 0    📌 0

Apeman logo with orange helmet icon and text

🟠 Apeman (CVE-2025-11126)

🚨 Apeman ID71 devices have hard-coded credentials in /system.ini. Exploitable remotely, with public exploits already available. Vendor has not responded.

🔗 Read more: basefortify.eu/cve_reports/...

29.09.2025 08:41 — 👍 1    🔁 0    💬 0    📌 0

Red ABB logo glowing near water at night

🔴 ABB (CVE-2025-10504)

🚨 ABB Terra AC wallbox (≤ v1.8.33) contains a heap-based buffer overflow flaw. Attackers could exploit this to crash or run malicious code.

🔗 Read more: basefortify.eu/cve_reports/...

29.09.2025 08:41 — 👍 0    🔁 0    💬 0    📌 0

Cisco storefront sign with fiber-light streaks

⚠️ Cisco IOS XE: insufficient input validation in the HTTP API enables command injection that executes with root privileges (authenticated admin or via crafted link to a logged-in admin).

🔗 basefortify.eu/cve_reports/...

#Cisco #IOSXE #NetSec

25.09.2025 09:00 — 👍 0    🔁 0    💬 0    📌 0

NVIDIA green eye logo on black backdrop

🖼️ GPU risk: nvJPEG in NVIDIA CUDA Toolkit can be crashed by malformed image dimensions, causing an out-of-bounds write → DoS and possible data leakage for local users handling images.

🔗 basefortify.eu/cve_reports/...

#NVIDIA #CUDA #Security

25.09.2025 08:59 — 👍 0    🔁 0    💬 0    📌 0

Chrome logo on grey abstract background

🚨 Chrome users: high-severity V8 type confusion lets a crafted page trigger heap corruption and potential code execution. Patch to 140.0.7339.185 or later ASAP.

🔗 basefortify.eu/cve_reports/...

#Chrome #V8 #PatchNow

25.09.2025 08:59 — 👍 0    🔁 0    💬 0    📌 0

Officer 0466 needs to up their game a bit!

24.09.2025 14:24 — 👍 0    🔁 0    💬 0    📌 0

I was thinking of picking up Practical Purple Teaming. In the past I have played around with Caldera and our dev team moves at such a speed we cannot wait for pentesters. We need to do that ourselves. Your review settles it, I will get this book!

23.09.2025 12:31 — 👍 1    🔁 0    💬 0    📌 0

I will be interested to know where his OPSEC failed, we shall see

23.09.2025 12:28 — 👍 0    🔁 0    💬 1    📌 0

Sounds very exciting, I have no idea what it means or how it works. Maybe I got on the wrong foot but I was thinking of the Observer-effect...

23.09.2025 12:25 — 👍 0    🔁 0    💬 0    📌 0

📡 Streaming gear exposure: Blackmagic Web Presenter HD 3.3 leaks model, IDs, network settings and stream credentials over unauthenticated Telnet on 9977. Could enable stream hijack and recon. Disable Telnet and update.

🔗 basefortify.eu/cve_reports/...

#Blackmagic #InfoLeak #Broadcast

23.09.2025 08:45 — 👍 1    🔁 0    💬 0    📌 0

FlowiseAI logo with flowing gradient wave

🧪 GenAI tooling risk in Flowise. CustomMCP node evaluates user input with Function() inside convertToValidJSONString, enabling remote code execution with full Node.js privileges. Upgrade to 3.0.6 and audit templates.

🔗 basefortify.eu/cve_reports/...

#Flowise #RCE #GenAI

23.09.2025 08:44 — 👍 0    🔁 0    💬 0    📌 0

SolarWinds logo over world map silhouette

🚨 Patch bypass alert for SolarWinds Web Help Desk. Unauth attackers can run commands via AjaxProxy deserialization — a new bypass of CVE-2024-28988 (itself a bypass of 28986). Patch fast and lock down access.

🔗 basefortify.eu/cve_reports/...

#SolarWinds #RCE #Deserialization

23.09.2025 08:44 — 👍 0    🔁 0    💬 0    📌 0

Register for Free | BaseFortify Sign up at BaseFortify to start monitoring vulnerabilities instantly. Get free access to AI-powered CVE analysis, real-time alerts, and powerful dashboards.

Why BaseFortify? 🎯
• Match components → CVEs → threats with mitigation steps
• Annotated CVEs + Q&A + AI chat 🤖
• Attack graph to prioritize fixes 🕸️
Try it FREE: basefortify.eu/register

#CyberSecurity #SMB #VulnerabilityManagement 💼

18.09.2025 12:36 — 👍 1    🔁 0    💬 0    📌 0

7 CVEs at a glance: path traversal, LDAP injection, TLS not verified to Elasticsearch, stale reset tokens, no email rate limit, divide-by-zero, and an .unwrap() panic. Upgrade ≥1.1.2, enforce TLS verification, add rate limits, and monitor LDAP changes. 🛡️

#BlueTeam #SecOps #InfoSec #RiskManagement 🚀

18.09.2025 12:36 — 👍 0    🔁 0    💬 1    📌 0

CISA wallpaper

CISA Thorium’s CVE burst: what it means & how to respond fast. Not a meltdown, but guardrails were missing—fixes landed quickly. 🧯🔧

basefortify.eu/posts/2025/0...

#CISA #Thorium #CVE #AppSec

18.09.2025 12:36 — 👍 0    🔁 0    💬 1    📌 0

One Identity by Quest logo on white background

🔎 One Identity OneLogin: CVE-2025-59363 exposed OIDC client secrets via Apps API v2. Rotate secrets, review logs, and upgrade to 2025.3.0+ to block abuse. ✅

🔗 basefortify.eu/cve_reports/...

#IdentitySecurity #SSO #CyberSecurity

15.09.2025 07:51 — 👍 0    🔁 0    💬 0    📌 0

Hugging Face logo over neural network nodes background

⚠️ Hugging Face Transformers: CVE-2025-6051 ReDoS via EnglishNormalizer.normalize_numbers() — long digit strings spike CPU, DoS NLP/TTS. Update 4.53.0; add input limits/timeouts. 🛡️

🔗 basefortify.eu/cve_reports/...

#MLSec #AppSec #NLP

15.09.2025 07:50 — 👍 0    🔁 0    💬 0    📌 0
