Description: Microsoft Threat Intelligence has identified a security risk involving publicly available ASP.NET machine keys, which have been exploited in code injection attacks. Microsoft’s security researchers observed limited malicious activity in December 2024, when a threat actor leveraged a publicly disclosed ASP.NET machine key to perform a ViewState code injection attack. During the investigation, Microsoft found …
The post Microsoft Warns of Code Injection via Exposed ASP.NET Keys appeared first on CyberInsider.
February 7th, 2025 (5 months ago)
|
CVE-2024-50275 |
Description:
Nessus Plugin ID 215071 with High Severity
Synopsis
The remote Oracle Linux host is missing one or more security updates.
Description
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-1068 advisory.
- arm64/sve: Discard stale CPU state when handling SVE traps (Mark Salter) [RHEL-71535] {CVE-2024-50275}
Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.
Read more at https://www.tenable.com/plugins/nessus/215071
February 7th, 2025 (5 months ago)
|
Description:
Nessus Plugin ID 215073 with High Severity
Synopsis
The remote Fedora host is missing one or more security updates.
Description
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-603b975ee6 advisory.
January CPU 2025
Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected 1:java-11-openjdk package.
Read more at https://www.tenable.com/plugins/nessus/215073
February 7th, 2025 (5 months ago)
|
Description:
Nessus Plugin ID 215074 with High Severity
Synopsis
The remote Fedora host is missing one or more security updates.
Description
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-935f8882e4 advisory.
January CPU 2025
Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected 1:java-1.8.0-openjdk package.
Read more at https://www.tenable.com/plugins/nessus/215074
February 7th, 2025 (5 months ago)
|
Description:
Nessus Plugin ID 215075 with High Severity
Synopsis
The remote Fedora host is missing one or more security updates.
Description
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d2f32b0607 advisory.
January CPU 2025
Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected 1:java-latest-openjdk package.
Read more at https://www.tenable.com/plugins/nessus/215075
February 7th, 2025 (5 months ago)
|
Description:
Nessus Plugin ID 215076 with Critical Severity
Synopsis
The remote Fedora host is missing one or more security updates.
Description
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-13bbd34b51 advisory.
- Updated to latest upstream (135.0)
Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected firefox package.
Read more at https://www.tenable.com/plugins/nessus/215076
February 7th, 2025 (5 months ago)
|
CVE-2025-0650 |
Description:
Nessus Plugin ID 215078 with High Severity
Synopsis
The remote Red Hat host is missing a security update for ovn22.03.
Description
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1083 advisory.
OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups.
Security Fix(es):
* ovn: egress ACLs may be bypassed via specially crafted UDP packet (CVE-2025-0650)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL ovn22.03 package based on the guidance in RHSA-2025:1083.
Read more at https://www.tenable.com/plugins/nessus/215078
EPSS Score: 0.05%
February 7th, 2025 (5 months ago)
|
CVE-2025-0650 |
Description:
Nessus Plugin ID 215080 with High Severity
Synopsis
The remote Red Hat host is missing a security update for ovn24.09.
Description
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1097 advisory.
OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups.
Security Fix(es):
* ovn: egress ACLs may be bypassed via specially crafted UDP packet (CVE-2025-0650)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL ovn24.09 package based on the guidance in RHSA-2025:1097.
Read more at https://www.tenable.com/plugins/nessus/215080
EPSS Score: 0.05%
February 7th, 2025 (5 months ago)
|
CVE-2025-0650 |
Description:
Nessus Plugin ID 215082 with High Severity
Synopsis
The remote Red Hat host is missing a security update for ovn22.03.
Description
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1089 advisory.
OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups.
Security Fix(es):
* ovn: egress ACLs may be bypassed via specially crafted UDP packet (CVE-2025-0650)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL ovn22.03 package based on the guidance in RHSA-2025:1089.
Read more at https://www.tenable.com/plugins/nessus/215082
EPSS Score: 0.05%
February 7th, 2025 (5 months ago)
|
CVE-2025-0650 |
Description:
Nessus Plugin ID 215083 with High Severity
Synopsis
The remote Red Hat host is missing a security update for ovn22.12.
Description
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1092 advisory.
OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups.
Security Fix(es):
* ovn: egress ACLs may be bypassed via specially crafted UDP packet (CVE-2025-0650)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL ovn22.12 package based on the guidance in RHSA-2025:1092.
Read more at https://www.tenable.com/plugins/nessus/215083
EPSS Score: 0.05%
February 7th, 2025 (5 months ago)
|