
@andregironda.bsky.social

129 Followers  |  364 Following  |  4 Posts  |  Joined: 15.11.2024  |  2.3667

Latest posts by andregironda.bsky.social on Bluesky

Critical vulnerability CVE-2025-54539 in Apache ActiveMQ NMS AMQP Client allows remote code execution. Upgrade to version 2.4.0+ immediately. #CyberSecurity #ApacheActiveMQ #CVE202554539 Link: thedailytechfeed.com/critical-apa...

17.10.2025 09:42 — 👍 0    🔁 1    💬 0    📌 0
Critical RCE Flaw CVE-2025-54539 in Apache ActiveMQ NMS AMQP Client Allows Server-Side Code Execution Apache issued a critical fix for ActiveMQ NMS AMQP Client (CVE-2025-54539). The deserialization flaw allows untrusted AMQP servers to execute remote code on client systems.

Critical RCE Flaw CVE-2025-54539 in Apache ActiveMQ NMS AMQP Client Allows Server-Side Code Execution

16.10.2025 10:42 — 👍 0    🔁 1    💬 0    📌 0
CVE-2025-54539: Apache ActiveMQ NMS AMQP Client: Deserialization of Untrusted Data Posted by Krzysztof Porębski on Oct 15 Severity: important Affected versions: - Apache ActiveMQ NMS AMQP Client through 2.3.0 Description: A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client. This issue affects all versions of Apache ActiveMQ NMS AMQP up to and including 2.3.0, when establishing connections to untrusted AMQP servers. Malicious servers could exploit unbounded deserialization logic present in the client to craft...

CVE-2025-54539: Apache ActiveMQ NMS AMQP Client: Deserialization of Untrusted Data

15.10.2025 22:57 — 👍 0    🔁 1    💬 0    📌 0
CRITICAL: Microsoft Entra hit by CVE-2025-59218. Improper access control lets attackers escalate privileges—no patch yet. Restrict user interaction & watch for updates. https://radar.offseq.com/threat/cve-2025-59218-cwe-284-improper-access-control-in--bbedc393 #OffSeq #Microsoft #Entra

10.10.2025 01:34 — 👍 0    🔁 1    💬 0    📌 0
CVE-2025-30727 - Oracle E-Business Suite iSurvey Module Remote Takeover Vulnerability Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful attacks of this vulnerability can result in takeover of Oracle Scripting. CVSS 3.1 Base …

CVE-2025-30727 - Oracle E-Business Suite iSurvey Module Remote Takeover Vulnerability
CVE ID : CVE-2025-30727

Published : April 15, 2025, 9:16 p.m. | 3 hours, 1 minute ago

Description : Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: ...

16.04.2025 00:23 — 👍 0    🔁 1    💬 0    📌 0
#update on #Ubuntu 24.04.3. openssl (3.0.13-0ubuntu3.6): security fix for CVE-2025-9230. libssl-dev libssl3t64. This is a security fix, so update soon. #prattohome #更新

01.10.2025 01:05 — 👍 0    🔁 1    💬 0    📌 0
cvelistv5 - CVE-2025-9230 Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.

You can now share your thoughts on vulnerability CVE-2025-9230 in Vulnerability-Lookup:
https://vulnerability.circl.lu/vuln/CVE-2025-9230

OpenSSL - OpenSSL

#VulnerabilityLookup #Vulnerability #Cybersecurity #bot

30.09.2025 14:16 — 👍 1    🔁 1    💬 0    📌 0
cvelistv5 - CVE-2025-9231 Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.

You can now share your thoughts on vulnerability CVE-2025-9231 in Vulnerability-Lookup:
https://vulnerability.circl.lu/vuln/CVE-2025-9231

OpenSSL - OpenSSL

#VulnerabilityLookup #Vulnerability #Cybersecurity #bot

30.09.2025 14:16 — 👍 0    🔁 1    💬 0    📌 0

🔒 Three new #OpenSSL CVEs today:
• CVE-2025-9230 OOB read/write (CMS decrypt)
• CVE-2025-9231 SM2 side-channel (ARM64)
• CVE-2025-9232 OOB read (HTTP client)

Fixes in 3.5.4, 3.4.3, 3.3.5, 3.2.6, 3.0.18. Update now.

Details: www.openssl.org/news/secadv/...

#AppSec #SupplyChainSecurity #OpenSource

30.09.2025 23:41 — 👍 1    🔁 1    💬 0    📌 0
OpenSSL vulnerabilities (Moderate: CVE-2025-9230, CVE-2025-9231, Low: CVE-2025-9232) and the 3.5.4, 3.4.3, 3.3.5, 3.2.6, 3.0.18, 1.0.2zm, 1.1.1zd releases - SIOS SECURITY BLOG On 10/02/2025 (JST), OpenSSL vulnerabilities (Moderate: CVE-2025-9230, CV

The SIOS security blog has been updated.

OpenSSL vulnerabilities (Moderate: CVE-2025-9230, CVE-2025-9231, Low: CVE-2025-9232) and the 3.5.4, 3.4.3, 3.3.5, 3.2.6, 3.0.18, 1.0.2zm, 1.1.1zd releases

#sios_tech #security #vulnerability #セキュリティ #脆弱性 #ssl #openssl

security.sios.jp/vulnerabilit...

30.09.2025 22:26 — 👍 0    🔁 1    💬 0    📌 0
cvelistv5 - CVE-2025-9232 Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.

You can now share your thoughts on vulnerability CVE-2025-9232 in Vulnerability-Lookup:
https://vulnerability.circl.lu/vuln/CVE-2025-9232

OpenSSL - OpenSSL

#VulnerabilityLookup #Vulnerability #Cybersecurity #bot

30.09.2025 14:16 — 👍 0    🔁 1    💬 0    📌 0
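Notepad++ DLL hijacking vulnerability lets attackers execute malicious code - CVE-2025-56383 A newly discovered DLL hijacking vulnerability in Notepad++, the popular source code editor, allows attackers to execute arbitrary code on a victim's computer. The vulnerability, CVE-2025-56383, exists in Notepad++ version 8.8.3 and affects all installed versions of the software, putting millions of users at risk. An attack on this vulnerability...

Notepad++ DLL hijacking vulnerability lets attackers execute malicious code - CVE-2025-56383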
wezard4u.tistory.com/429608

30.09.2025 15:06 — 👍 0    🔁 2    💬 0    📌 0
Notepad++ DLL Hijacking Vulnerability Let Attackers Execute Malicious Code A newly discovered DLL hijacking vulnerability in Notepad++, the popular source code editor, could allow attackers to execute arbitrary code on a victim's machine.

Everybody's darling is affected by CVE-2025-56383. The vulnerability enables DLL hijacking through plugin replacement (e.g. NppExport.dll) and thus allows covert code execution.

30.09.2025 12:06 — 👍 7    🔁 4    💬 0    📌 0
Critical DLL Hijacking Vulnerability in Notepad++ (CVE-2025-56383) Exposes Millions to Arbitrary Code Execution A critical vulnerability (CVE-2025-56383) has been discovered in Notepad++ version 8.8.3, exposing millions of users to potential DLL hijacking attacks. This vulnerability arises from insecure DLL loading mechanisms within the application, allowing attackers to replace legitimate DLLs with malicious ones. Successful exploitation could lead to arbitrary code execution with the privileges of the user running Notepad++. DLL hijacking is a well-documented attack vector where an application loads a DLL from an insecure or uncontrolled directory. In this case, Notepad++'s failure to securely load DLLs could allow an attacker to execute arbitrary code on the affected system. This vulnerability is particularly concerning due to Notepad++'s widespread use among developers, who often have elevated privileges on their systems. The impact of this vulnerability is significant. Attackers could leverage it to gain control over affected systems, leading to data theft, system compromise, or further network infiltration. Given the popularity of Notepad++, this vulnerability could have far-reaching consequences across numerous organizations and individual users. Mitigation strategies typically involve updating to a patched version of the software once available. Developers should also consider implementing secure coding practices, such as specifying full paths for DLLs and validating DLL signatures before loading them. Users are strongly advised to monitor for updates from Notepad++ and apply patches as soon as they become available. From an expert perspective, this vulnerability underscores the importance of secure coding practices and regular software updates. DLL hijacking vulnerabilities are preventable through proper coding practices, and their continued appearance in popular software highlights the need for ongoing security awareness and training for developers. 
In conclusion, the discovery of CVE-2025-56383 in Notepad++ serves as a reminder of the persistent threat posed by DLL hijacking vulnerabilities. Organizations and users should prioritize updating their software and implementing robust security measures to mitigate the risk of exploitation.

📌 Critical DLL Hijacking Vulnerability in Notepad++ (CVE-2025-56383) Exposes Millions to Arbitrary Code Execution https://www.cyberhub.blog/article/13802-critical-dll-hijacking-vulnerability-in-notepad-cve-2025-56383-exposes-millions-to-arbitrary-code-execution

30.09.2025 05:20 — 👍 0    🔁 1    💬 0    📌 0

Top 3 CVE for last 7 days:
CVE-2025-20352: 37 interactions
CVE-2025-20362: 34 interactions
CVE-2025-20333: 33 interactions


Top 3 CVE for yesterday:
CVE-2026-25719: 5 interactions
CVE-2025-56383: 4 interactions
CVE-2025-11126: 2 interactions

30.09.2025 02:09 — 👍 0    🔁 1    💬 0    📌 0
DLL Hijacking Exposed: How a Notepad++ Flaw Lets Hackers Silently Take Over Your System Introduction: A critical vulnerability, designated CVE-2025-56383, has been discovered in the widely-used Notepad++ text editor, revealing a fundamental weakness in its security posture. This flaw, a Dynamic Link Library (DLL) hijacking issue, allows attackers to execute arbitrary malicious code with the same privileges as the user running the application. The exploit leverages the application's search order for required DLLs, enabling a simple yet devastating attack vector that compromises system integrity.

DLL Hijacking Exposed: How a Notepad++ Flaw Lets Hackers Silently Take Over Your System

Introduction: A critical vulnerability, designated CVE-2025-56383, has been discovered in the widely-used Notepad++ text editor, revealing a fundamental weakness in its security posture. This flaw, a Dynamic…

29.09.2025 17:42 — 👍 0    🔁 1    💬 0    📌 0
DLL Hijacking Flaw (CVE-2025-56383) Found in Notepad++, Allowing Arbitrary Code Execution, PoC Available A DLL hijacking flaw (CVE-2025-56383) in Notepad++ v8.8.3 allows attackers to replace a trusted DLL with a malicious one to execute arbitrary code.

DLL Hijacking Flaw (CVE-2025-56383) Found in Notepad++, Allowing Arbitrary Code Execution, PoC Available

29.09.2025 05:46 — 👍 3    🔁 2    💬 0    📌 0

Top 3 CVE for last 7 days:
CVE-2025-20352: 37 interactions
CVE-2025-20333: 33 interactions
CVE-2025-20362: 33 interactions


Top 3 CVE for yesterday:
CVE-2025-20333: 3 interactions
CVE-2025-20362: 2 interactions
CVE-2025-56383: 2 interactions

29.09.2025 02:13 — 👍 0    🔁 1    💬 0    📌 0

Breaking: CVE-2025-56383 has been confirmed to have existing exploit code, based on the following sources: poc in github.

28.09.2025 21:02 — 👍 1    🔁 1    💬 0    📌 0

CVE-2025-56383 has confirmed exploit code according to the following sources: poc in github.

28.09.2025 21:02 — 👍 1    🔁 1    💬 0    📌 0
High-Severity Vulnerabilities Patched in VMware Aria Operations, NSX, vCenter Broadcom announced patches for six vulnerabilities affecting VMware Aria Operations, NSX, vCenter, and VMware Tools products.

Both Aria Operations and VMware Tools are impacted by a high-severity local privilege escalation bug tracked as CVE-2025-41244. www.securityweek.com/high-severit...

30.09.2025 11:49 — 👍 0    🔁 1    💬 0    📌 0
High-severity vulnerabilities patched in VMware Aria Operations, NSX, vCenter. On Monday, Broadcom announced patches for six vulnerabilities (four of them high severity) affecting VMware Aria Operations, NSX, vCenter, and VMware Tools products. Both Aria Operations and VMware Tools are impacted by a high-severity local privilege escalation bug tracked as CVE-2025-41244. "A malicious local actor with non-administrative privileges who has access to a VM with VMware Tools installed, where SDMP is enabled in Aria Operations, may exploit this vulnerability to escalate privileges to root on the same VM," the vendor explains. Patches are also provided for a medium-severity issue in VMware Aria Operations that allows an attacker to disclose other users' credentials (CVE-2025-41245) and a high-severity flaw in Tools for Windows that allows an attacker to access other guest VMs (CVE-2025-41246). Fixes for these vulnerabilities are included in Aria Operations version 8.18.5, Cloud Foundation and vSphere Foundation versions 9.0.1.0 and 13.0.5.0, VMware Tools versions 13.0.5 and 12.5.4, and Telco Cloud Infrastructure versions 8.18.5 and 8.18.5. VMware also fixed a high-severity SMTP header injection bug in vCenter (CVE-2025-41250) that could allow an authenticated attacker with non-administrative privileges to "manipulate the notification emails for scheduled tasks". In addition, two high-severity vulnerabilities in NSX that allow attackers to enumerate valid usernames were fixed. The first, CVE-2025-41251, is described as a weakness in the password recovery mechanism that could lead to brute-force attacks, and the second, CVE-2025-41252, is described as a username enumeration flaw that could lead to unauthorized access attempts. Cloud Foundation and vSphere Foundation version 9.0.1.0, vCenter versions 8.0 U3g and 7.0 U3w, Cloud Foundation versions 5.2.2 and 7.0 U3w (async patch), NSX versions 4.2.2.2, 4.2.3.1, 4.1.2.7, and NSX-T version 3.2.4.3 include fixes for these vulnerabilities. VMware has also published patching instructions for Cloud Foundation and Telco Cloud Infrastructure. VMware makes no mention of these vulnerabilities being exploited in the wild. However, users are advised to update their deployments as soon as possible. Translated from:

High-severity vulnerabilities patched in VMware Aria Operations, NSX, vCenter

On Monday, Broadcom announced patches for six vulnerabilities (four of them high severity) affecting VMware Aria Operations, NSX, vCenter, and VMware Tools products. Both Aria Operations and VMware Tools are impacted by a high-severity local privilege escalation bug tracked as CVE-2025-41244. "SDMP enabled in Aria Operations, VMware…

30.09.2025 11:37 — 👍 0    🔁 1    💬 0    📌 0
#update on #Ubuntu 24.04.3. open-vm-tools (2:12.5.0-1~ubuntu0.24.04.2): security fix for CVE-2025-41244. This is a security fix, so update soon. #prattohome #更新

30.09.2025 01:38 — 👍 0    🔁 1    💬 0    📌 0
oss-sec: [Security Advisory] open-vm-tools: Local privilege escalation (CVE-2025-41244) Posted by VMware PSIRT on Sep 29 Description ============================================================== CVE-2025-41244: open-vm-tools contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Known Attack Vectors ============================================================== A malicious actor with...

[Security Advisory] open-vm-tools: Local privilege escalation (CVE-2025-41244)

29.09.2025 17:42 — 👍 0    🔁 1    💬 0    📌 0

6/6

26.09.2025 13:13 — 👍 2    🔁 1    💬 0    📌 0

IoCs:
🚨 VBS/Pterodo.CFC trojan
5/6

26.09.2025 13:13 — 👍 1    🔁 1    💬 1    📌 0

CVE-2025-8088 abuses a flaw in WinRAR’s handling of file paths in RAR archives. By crafting a file with ..\..\ sequences in its ADS, attackers can write files outside the extraction directory, which allows dropping files into the Startup folder. 4/6

26.09.2025 13:13 — 👍 1    🔁 1    💬 1    📌 0

Now, Gamaredon is abusing it to drop malicious payloads via spearphishing lures, targeting 🇺🇦 Ukrainian governmental entities. 3/6

26.09.2025 13:13 — 👍 1    🔁 1    💬 1    📌 0

@andregironda is following 20 prominent accounts