Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 4
75 résultats taggé RCE  ✕
Call of Duty: WW2 Players Reporting RCE Exploits on PC https://insider-gaming.com/call-of-duty-ww2-rce-exploits-on-pc/
04/07/2025 12:33:29
QRCode
archive.org

Be careful if you want to play Call of Duty: WW2 through Game Pass on PC – some users have been reporting falling victim to RCE (Remote Command Execution) hacks. The earliest reports of this surfaced just a few hours ago, with players taking to social media to share some concerning stories, while others stressed this has been a problem ‘for years’ in COD WW2.

insider-gaming.com EN 2025 exploit COD RCE game
Hacker selling critical Roundcube webmail exploit as tech info disclosed https://www.bleepingcomputer.com/news/security/hacker-selling-critical-roundcube-webmail-exploit-as-tech-info-disclosed/
05/06/2025 19:17:07
QRCode
archive.org
thumbnail

Hackers are actively exploiting CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution.
The security issue has been present in Roundcube for over a decade and impacts versions of Roundcube webmail 1.1.0 through 1.6.10. It received a patch on June 1st.

It took attackers just a couple of days to reverse engineer the fix, weaponize the vulnerability, and start selling a working exploit on at least one hacker forum.

Roundcube is one of the most popular webmail solutions as the product is included in offers from well-known hosting providers such as GoDaddy, Hostinger, Dreamhost, or OVH.
"Email armageddon"

CVE-2025-49113 is a post-authentication remote code execution (RCE) vulnerability that received a critical severity score of 9.9 out of 10 and is described as “email armageddon.”

It was discovered and reported by Kirill Firsov, the CEO of the cybersecurity company FearsOff, who decided to publish the technical details before the end of the responsible disclosure period because an exploit had become available.

bleepingcomputer EN 2025 Actively-Exploited Exploit PHP RCE Remote-Code-Execution Roundcube CVE-2025-49113
CVE-2025-32756: Fortinet RCE Exploited in the Wild https://horizon3.ai/attack-research/attack-blogs/cve-2025-32756-low-rise-jeans-are-back-and-so-are-buffer-overflows/
02/06/2025 20:30:37
QRCode
archive.org
thumbnail

On May 13, 2025, FortiGuard Labs published an advisory detailing CVE-2025-32756, which affects a variety of Fortinet products:

FortiCamera
FortiMail
FortiNDR
FortiRecorder
FortiVoice
In their advisory, FortiGuard Labs states that Fortinet has observed this issue being exploited in the wild. The next day, May 14, the vulnerability was added to the CISA KEV catalog.

The vulnerability is described in the advisory as a stack-based buffer overflow in the administrative API that can lead to unauthenticated remote code execution. Given that it’s being exploited in the wild, we figured we’d take a closer look. If you’d rather run the test instead of reading this write-up, coverage is already available in NodeZero.

horizon3 EN CVE-2025-32756 Fortinet RCE vulnerability
Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE https://www.bleepingcomputer.com/news/security/unpatched-critical-bugs-in-versa-concerto-lead-to-auth-bypass-rce/
22/05/2025 13:14:22
QRCode
archive.org
thumbnail

Critical vulnerabilities in Versa Concerto that are still unpatched could allow remote attackers to bypass authentication and execute arbitrary code on affected systems.
Three security issues, two of them critical, were publicly disclosed by researchers at the vulnerability management firm ProjectDiscovery after reporting them to the vendor and receiving no confirmation of the bugs being addressed.

Versa Concerto is the centralized management and orchestration platform for Versa Networks' SD-WAN and SASE (Secure Access Service Edge) solutions.
Three security issues, two of them critical, were publicly disclosed by researchers at the vulnerability management firm ProjectDiscovery after reporting them to the vendor and receiving no confirmation of the bugs being addressed.

Versa Concerto is the centralized management and orchestration platform for Versa Networks' SD-WAN and SASE (Secure Access Service Edge) solutions.

bleepingcomputer EN 2025 Authentication-Bypass RCE Remote-Code-Execution Versa-Concerto Vulnerability CVE-2025-34027 CVE-2025-34026 CVE-2025-34025
Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428) https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/
16/05/2025 11:56:12
QRCode
archive.org
thumbnail

Keeping your ears to the ground and eyes wide open for the latest vulnerability news at watchTowr is a given. Despite rummaging through enterprise code looking for 0days on a daily basis, our interest was piqued this week when news of fresh vulnerabilities was announced in a close friend -

Keeping your ears to the ground and eyes wide open for the latest vulnerability news at watchTowr is a given. Despite rummaging through enterprise code looking for 0days on a daily basis, our interest was piqued this week when news of fresh vulnerabilities was announced in a close friend - Ivanti, and their Endpoint Manager Mobile (Ivanti EPMM) solution.

For those out of the loop, don’t worry - as always, we’re here to fill you in.

Ivanti Endpoint Manager Mobile (EPMM) is an MDM solution for system administrators to install and manage devices within an organization. It hopes to prevent you from installing malware or enjoying your life by watching YouTube during any permitted and sanctioned downtime.

Why Is This Important?
Well, short of their intended functionality, MDM solutions are, in a sense, C2 frameworks for enterprises… allowing system administrators to manage software on their devices.

Picture this: You’ve compromised the MDM solution at one of the largest banks and are able to deploy malicious software at scale to employee devices.

And it's Friday!

labs.watchtowr.com EN 2025 Ivanti EPMM Unauth RCE CVE-2025-4427 CVE-2025-4428
Breaking Out of Restricted Mode: XSS to RCE in Visual Studio Code https://starlabs.sg/blog/2025/05-breaking-out-of-restricted-mode-xss-to-rce-in-visual-studio-code/
15/05/2025 21:21:56
QRCode
archive.org
thumbnail

In April 2024, I discovered a high-severity vulnerability in Visual Studio Code (VS Code <= 1.89.1) that allows attackers to escalate a Cross-Site Scripting (XSS) bug into full Remote Code Execution (RCE)—even in Restricted Mode.

The desktop version of Visual Studio Code runs on Electron. Renderer processes are sandboxed and communicate with the main process through Electron’s IPC mechanism.

An XSS vulnerability in the newly-introduced minimal error rendering mode for Jupyter notebooks enables arbitrary JavaScript code to be executed within the vscode-app WebView for the notebook renderer. The vulnerability can be triggered by opening a crafted .ipynb file if the user has the setting enabled, or by opening a folder containing a crafted settings.json file in VS Code and opening a malicious ipynb file within the folder. This vulnerability can be triggered even when Restricted Mode is enabled (which is the default for workspaces that have not been explicitly trusted by the user).

In this post, we’ll walk through how the bug works and how it bypasses VS Code’s Restricted Mode.

starlabs.sg EN 2025 XSS Visual VisualStudio RCE Electron
SAP fixes suspected Netweaver zero-day exploited in attacks https://www.bleepingcomputer.com/news/security/sap-fixes-suspected-netweaver-zero-day-exploited-in-attacks/
25/04/2025 20:05:47
QRCode
archive.org
thumbnail

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers.

bleepingcomputer EN 2025 Actively-Exploited Authentication-Bypass RCE Remote-Code-Execution SAP Vulnerability Zero-Day
Cisco Webex bug lets hackers gain code execution via meeting links https://www.bleepingcomputer.com/news/security/cisco-webex-bug-lets-hackers-gain-code-execution-via-meeting-links/?is=e4f6b16c6de31130985364bb824bcb39ef6b2c4e902e4e553f0ec11bdbefc118
23/04/2025 08:26:43
QRCode
archive.org
thumbnail

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.

bleepingcomputer EN 2025 vulnerability Cisco RCE Remote-Code-Execution WebEx CVE-2025-20236
CVE-2025-22457 https://attackerkb.com/topics/0ybGQIkHzR/cve-2025-22457/rapid7-analysis
10/04/2025 21:41:35
QRCode
archive.org
thumbnail

On April 3, 2025, Ivanti published an advisory for CVE-2025-22457, an unauthenticated remote code execution vulnerability due to a stack based buffer overflow.…

attackerkb EN 2025 CVE-2025-22457 RCE Ivanti
Anatomy of an LLM RCE https://www.cyberark.com/resources/all-blog-posts/anatomy-of-an-llm-rce
09/04/2025 06:45:55
QRCode
archive.org
thumbnail

As large language models (LLMs) become more advanced and are granted additional capabilities by developers, security risks increase dramatically. Manipulated LLMs are no longer just a risk of...

cyberark EN 2025 LLM RCE analysis AI
IngressNightmare | Critical Unauthenticated RCE Vulnerabilities in Kubernetes Ingress NGINX https://www.sentinelone.com/blog/ingressnightmare-critical-unauthenticated-rce-vulnerabilities-in-kubernetes-ingress-nginx/?mkt_tok=MzI3LU1OTS0wODcAAAGZoSqCgJKW8GZrBlMYPeWfury7MVslnp5B4LAsxkQ_lfeW4FYUibpoiQPkuEZi9F9G7G8U_gruF2jLoiVTDCdKDqL26IdIvfIP74OJCs1lLOF4Hlg
07/04/2025 09:55:41
QRCode
archive.org
thumbnail

We share actionable mitigation and detection strategies against IngressNightmare so you can protect against possible exploitation in runtime.

sentinelone EN 2025 IngressNightmare ritical Unauthenticated RCE Kubernetes Vulnerabilities
CVE-2024-12356 https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis
14/02/2025 09:59:45
QRCode
archive.org
thumbnail

On December 16, 2024, BeyondTrust published both an advisory and patches for CVE-2024-12356, a critical unauthenticated remote code execution (RCE) vulnerabili…

attackerkb EN 2025 BeyondTrust RCE CVE-2024-12356
Critical Cisco ISE bug can let attackers run commands as root https://www.bleepingcomputer.com/news/security/critical-cisco-ise-bug-can-let-attackers-run-commands-as-root/
06/02/2025 21:07:01
QRCode
archive.org
thumbnail

Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass authorization and run commands as root.

bleepingcomputer EN 2025 Bypass Cisco Cisco-ISE Identity-Services-Engine RCE Remote-Command-Execution Root
(Non-US) :: DSL-3788 :: H/W Rev. Ax/Bx :: F/W v1.01R1B036_EU_EN :: Unauthenticated Remote Code Execution (RCE) Vulnerability https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10418
29/01/2025 22:24:38
QRCode
archive.org

On November 25, 2024, a third party, from SECURE NETWORK BVTECH, reported the D-Link DSL-3788 hardware revision B2 with firmware version vDSL-3788_fw_revA1_1.01R1B036_EU_EN or below, of a Unauthenticated Remote Code Execution (RCE) vulnerability.

When D-Link became aware of the reported security issues, we promptly started investigating and developing security patches. Patches were release within the 90-day of the report of the vulnerabilities.

dlink EN 2025 announcement DSL-3788 hardware RCE vulnerability
What We Know About CVE-2024-49112 and CVE-2024-49113 https://www.trendmicro.com/en_us/research/25/a/what-we-know-about-cve-2024-49112-and-cve-2024-49113.html
04/01/2025 12:11:50
QRCode
archive.org
thumbnail

In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112, a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113, a denial-of-service (DoS) flaw with a 7.5 CVSS score.

trendmicro EN 2024 CVE-2024-49112 CVE-2024-49113 LDAPNightmare Microsoft LDAP RCE
Veeam warns of critical RCE bug in Service Provider Console https://www.bleepingcomputer.com/news/security/veeam-warns-of-critical-rce-bug-in-service-provider-console/
07/12/2024 09:55:40
QRCode
archive.org
thumbnail

​Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing.

VSPC, described by the company as a remote-managed BaaS (Backend as a Service) and DRaaS (Disaster Recovery as a Service) platform, is used by service providers to monitor the health and security of customer backups, as well as manage their Veeam-protected virtual, Microsoft 365, and public cloud workloads.

bleepingcomputer EN 2024 RCE bug DRaaS VSPC Veeam
Zero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to Attack https://www.wired.com/story/synology-zero-click-vulnerability/
01/11/2024 16:06:26
QRCode
archive.org
thumbnail

A vulnerability categorized as “critical” in a photo app installed by default on Synology network-attached storage devices could give attackers the ability to steal data and worse.

wired EN 2024 Synology photos vulnerabilities RCE Pwn2Own critical vulnerability
Authenticated Remote Code Execution in multiple Xerox printers https://sec-consult.com/vulnerability-lab/advisory/authenticated-remote-code-execution-in-multiple-xerox-printers/
23/10/2024 11:33:04
QRCode
archive.org

Multiple Xerox printers (EC80xx, AltaLink, VersaLink, WorkCentre) were affected by an authenticated remote code execution vulnerability which allowed an attacker with administrative web credentials to fully compromise the devices with root privileges on the operating system.

sec-consult EN 2024 xerox printers RCE CVE-2024-6333
Attacking UNIX Systems via CUPS, Part I https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
27/09/2024 09:16:44
QRCode
archive.org
thumbnail

Hello friends, this is the first of two, possibly three (if and when I have time to finish the Windows research) writeups. We will start with targeting GNU/Linux systems with an RCE. As someone who’s

evilsocket CVE-2024-47076 libcupsfilter CVE-2024-47175 libppd CVE-2024-47176 cups-browsed CVE-2024-47177 cups-filters RCE
VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest https://www.securityweek.com/vmware-patches-remote-code-execution-flaw-found-in-chinese-hacking-contest/
17/09/2024 21:52:46
QRCode
archive.org

VMware warned that an attacker with network access could send a specially crafted packet to execute remote code. CVSS severity score 9.8/10.

securityweek EN 2024 CVE-2024-38812 CVE-2024-38813 VMware RCE vulnerability
page 1 / 4
4497 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio