Aggregator

CVE-2022-33889 | Autodesk Design Review/AutoCAD GIF heap-based overflow

Vuldb Updates
18 hours 59 minutes ago
A vulnerability was found in Autodesk Design Review and AutoCAD. It has been rated as critical. This affects an unknown function of the component GIF Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2022-33889. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.
vuldb.com

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

The Hackers News
18 hours 59 minutes ago
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check Point Research is tracking the previously undocumented activity cluster under the moniker Amaranth-Dragon, which it said shares links to the APT 41 ecosystem. Targeted countries include Cambodia,
The Hacker News

CVE-2012-5639 | LibreOffice/OpenOffice up to 4.1.14 Embedded Content input validation

Vuldb Updates
19 hours ago
A vulnerability was found in LibreOffice and OpenOffice up to 4.1.14. It has been rated as critical. Affected is an unknown function of the component Embedded Content Handler. This manipulation causes improper input validation. This vulnerability appears as CVE-2012-5639. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.
vuldb.com

CVE-2024-28888 | Foxit Reader 2024.1.0.23997 Javascript use after free (TALOS-2024-1967 / Nessus ID 209276)

Vuldb Updates
19 hours 2 minutes ago
A vulnerability, which was classified as critical, has been found in Foxit Reader 2024.1.0.23997. Impacted is an unknown function of the component Javascript Handler. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-28888. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2023-47804 | Apache OpenOffice up to 4.1.14 Macro URL argument injection

Vuldb Updates
19 hours 3 minutes ago
A vulnerability, which was classified as critical, has been found in Apache OpenOffice up to 4.1.14. Impacted is an unknown function of the component Macro URL Handler. Performing a manipulation results in argument injection. This vulnerability was named CVE-2023-47804. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2023-1183 | Document Foundation LibreOffice up to 7.4.5/7.5.0 path traversal (Nessus ID 264501)

Vuldb Updates
19 hours 5 minutes ago
A vulnerability was found in Document Foundation LibreOffice up to 7.4.5/7.5.0. It has been classified as critical. This affects an unknown function. This manipulation causes path traversal. This vulnerability appears as CVE-2023-1183. The attack may be initiated remotely. In addition, an exploit is available. Upgrading the affected component is recommended.
vuldb.com

Lynx

Dark Feed IO
19 hours 7 minutes ago

You must login to view this content

cohenido

CVE-2025-54660 | Fortinet FortiClientWindows up to 7.0.14/7.2.10/7.4.3 VPN User Password debug code (FG-IR-25-844)

Vuldb Updates
19 hours 7 minutes ago
A vulnerability was found in Fortinet FortiClientWindows up to 7.0.14/7.2.10/7.4.3 and classified as problematic. This affects an unknown function of the component VPN User Password Handler. The manipulation results in active debug code. This vulnerability was named CVE-2025-54660. The attack needs to be approached locally. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-13086 | OpenVPN up to 2.7_rc1 Source IP Address verification of source (EUVD-2025-201102 / Nessus ID 277384)

Vuldb Updates
19 hours 7 minutes ago
A vulnerability classified as problematic has been found in OpenVPN up to 2.7_rc1. Impacted is an unknown function of the component Source IP Address Handler. This manipulation causes improper verification of source of a communication channel. This vulnerability is tracked as CVE-2025-13086. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-13751 | OpenVPN up to 2.7_rc2 on Windows Interactive Service Agent allocation of resources (EUVD-2025-200999)

Vuldb Updates
19 hours 8 minutes ago
A vulnerability, which was classified as problematic, was found in OpenVPN up to 2.7_rc2 on Windows. This affects an unknown part of the component Interactive Service Agent. The manipulation results in allocation of resources. This vulnerability is reported as CVE-2025-13751. The attack requires a local approach. No exploit exists. You should upgrade the affected component.
vuldb.com

From Insight to Impact: Observability Fuels AI-Driven Innovation

Netscout
19 hours 8 minutes ago
As Barcelona prepares to serve up both tapas and terabytes, the Mobile World Congress (MWC) is once again turning this sun-drenched city into the global capital of 5G connectivity. This year’s conference focus—“The IQ Era”—is set to hone in on 5G advances, AI integration, and mobile innovation. And NETSCOUT will be an...
Heather Broughton

Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia

Check Point Research
19 hours 11 minutes ago

Key Points Introduction Check Point Research has identified several campaigns targeting multiple countries in the Southeast Asian region. These related activities have been collectively categorized under the codename “Amaranth-Dragon”. The campaigns demonstrate a clear focus on government entities across the region, suggesting a motivated threat actor with a strong interest in geopolitical intelligence. The campaigns […]

The post Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia appeared first on Check Point Research.

[email protected]

Managed ad