Advanced Search

Three advisories cover vulnerabilities and weaknesses in Ivanti Cloud Services Application (CSA), Ivanti Neurons for MDM, Ivanti Connect Secure, Policy Secure, and Secure Access Client.

Year

2025

Severity

Medium

Threat type

Insecure software

Palo Alto Networks Releases Security Updates for PAN-OS

Attack chain using CVE-2025-0108 and CVE-2025-0111 has been observed in the wild

Active Exploitation of Critical Vulnerability Chain in SimpleHelp

CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728 can be exploited in a chain to allow full compromise of a SimpleHelp server

Juniper Networks Releases Out-of-Cycle Security Bulletin for Critical Vulnerability

API authentication bypass vulnerability CVE-2025-21589 affects Session Smart Router, Conductor, and WAN Assurance Managed Routers

F5 Releases Quarterly Security Notification (February 2025) Affecting BIG-IP Products

One of the 13 high impact advisories addresses the command injection vulnerability CVE-2025-20029, which could lead to arbitrary system command execution

Medixant Releases Security Update for RadiAnt DICOM Viewer

Successful exploitation of CVE-2025-1001 could allow an attacker to perform a machine-in-the-middle attack (MITM)

Cisco Releases Security Advisory for Secure Client

CVE-2025-20206 could allow an attacker to execute arbitrary code with system privileges

Microsoft Releases March 2025 Security Updates

Scheduled updates for Microsoft products, including security updates for 57 vulnerabilities, of which six are reported as exploited

Apple Releases Security Updates for Multiple Products

Security updates include remediation for exploited vulnerability CVE-2025-24201, which affects iOS, iPadOS, and macOS

Broadcom Releases Security Updates for VMware ESXi, Workstation, Fusion, and vCenter Server

Advisory addresses three security vulnerabilities that could result in DoS, RCE, or partially reading arbitrary files

Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile

Vulnerabilities could allow an attacker to escalate privileges, modify data, or execute arbitrary commands

Successful exploitation of CVE-2025-1001 could allow an attacker to perform a machine-in-the-middle attack (MITM)

Medixant Releases Security Update for R...

Threat ID:CC-4625 Threat Severity:Medium Published:24 February 2025 3:20 PM Summary Successful exploitation of CVE-2025-1001 could allow an attacker to perform a machine-in-the-middle attack (MITM) Affected platforms The following platforms are known t...

Vulnerabilities in RSync could allow an attacker to execute arbitrary code or perform path traversal

Proof-of-Concept Exploits Released for ...

Threat ID:CC-4626 Threat Severity:Medium Published:26 February 2025 5:35 PM Summary Vulnerabilities in RSync could allow an attacker to execute arbitrary code or perform path traversal Affected platforms The following platforms are known to be affected...

Proof-of-concept exploit code released for SQL injection vulnerability CVE-2025-1094

Security updates released for PostgreSQL

Threat ID:CC-4622 Threat Severity:Medium Published:14 February 2025 3:17 PM Summary Proof-of-concept exploit code released for SQL injection vulnerability CVE-2025-1094 Affected platforms The following platforms are known to be affected: Postg...

10 security advisories address multiple vulnerabilities, including seven high and three medium severity advisories

Cisco Releases Security Advisories for ...

Threat ID:CC-4631 Threat Severity:Medium Published:13 March 2025 3:23 PM Summary 10 security advisories address multiple vulnerabilities, including seven high and three medium severity advisories Affected platforms The following platforms are known t...

More Results