Threat and Vulnerability Intelligence Database

CVE-2025-1107

Description: Multiple vulnerabilities in Janto
Fri, 02/07/2025 - 13:37
Notice
Affected Resources: Janto, versions prior to r12.
Description: INCIBE has coordinated the publication of 2 vulnerabilities: one critical and one high severity, affecting Janto de Impronta, a ticketing platform, which have been discovered by Guzmán Fernández Ocaña. These vulnerabilities have been assigned the following codes, CVSS v3.1 base score, CVSS vector and CWE vulnerability type for each vulnerability.
CVE-2025-1107: CVSS v3.1: 9.9 | CVSS AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L | CWE-620
CVE-2025-1108: CVSS v3.1: 8.6 | CVSS AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N | CWE-345
Identifier: INCIBE-2025-0066
Severity: 5 - Critical
Solution: With the patches implemented by the Impronta team, the detected vulnerabilities have been fixed. All customers using this product in SaaS mode have been upgraded to version r12, which fixes these issues.
Detail:
CVE-2025-1107: unverified password change vulnerability in Janto from Impronta. This could allow an unauthenticated attacker to change another user's password without knowing their current password. To exploit the vulnerability, the attacker must create a specific POST request and send it to the endpoint ‘/public/cgi/Gateway.php’.
CVE-2025-1108: insufficient data authenticity verification vulnerability ...

EPSS Score: 0.04%

Source: Incibe CERT
February 7th, 2025 (5 months ago)
Source: TheRegister
February 7th, 2025 (5 months ago)
Description: Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys from publicly accessible resources, thereby putting their applications in attackers' pathway. The tech giant's threat intelligence team said it observed limited activity in December 2024 that involved an unknown threat actor using a publicly available, static ASP.NET
Source: TheHackerNews
February 7th, 2025 (5 months ago)
Description: The foundations for social engineering attacks – manipulating humans – might not have changed much over the years. It’s the vectors – how these techniques are deployed – that are evolving. And like most industries these days, AI is accelerating its evolution. This article explores how these changes are impacting business, and how cybersecurity leaders can respond. Impersonation attacks:
Source: TheHackerNews
February 7th, 2025 (5 months ago)
Description: Microsoft Edge 133 is now rolling out globally, and it ships with several improvements, including a new scareware blocker feature. In addition, Microsoft is updating the backend of the Downloads UI with performance improvements. [...]
Source: BleepingComputer
February 7th, 2025 (5 months ago)
Description: India's central bank, the Reserve Bank of India (RBI), said it's introducing an exclusive "bank.in" internet domain for banks in the country to combat digital financial fraud. "This initiative aims to reduce cyber security threats and malicious activities like phishing; and, streamline secure financial services, thereby enhancing trust in digital banking and payment services," the RBI said in a
Source: TheHackerNews
February 7th, 2025 (5 months ago)
Description: Microsoft Threat Intelligence has identified a security risk involving publicly available ASP.NET machine keys, which have been exploited in code injection attacks. Microsoft’s security researchers observed limited malicious activity in December 2024, when a threat actor leveraged a publicly disclosed ASP.NET machine key to perform a ViewState code injection attack. During the investigation, Microsoft found …
Source: CyberInsider
February 7th, 2025 (5 months ago)

CVE-2024-50275

Description: Nessus Plugin ID 215071 with High Severity
Synopsis: The remote Oracle Linux host is missing one or more security updates.
Description: The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-1068 advisory.
- arm64/sve: Discard stale CPU state when handling SVE traps (Mark Salter) [RHEL-71535] {CVE-2024-50275}
Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution: Update the affected packages.
Read more at https://www.tenable.com/plugins/nessus/215071
Source: Tenable Plugins
February 7th, 2025 (5 months ago)

CVE-2025-1072

Description: Nessus Plugin ID 215072 with Medium Severity
Synopsis: The version of GitLab installed on the remote host is affected by a vulnerability.
Description: The version of GitLab installed on the remote host is affected by a vulnerability, as follows:
- A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14.1 prior to 17.3.7, 17.4 prior to 17.4.4, and 17.5 prior to 17.5.2. A denial of service could occur upon importing maliciously crafted content using the Fogbugz importer. (CVE-2025-1072)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution: Upgrade to GitLab version 17.3.7, 17.4.4, 17.5.2 or later.
Read more at https://www.tenable.com/plugins/nessus/215072

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: Tenable Plugins
February 7th, 2025 (5 months ago)
Description: Nessus Plugin ID 215073 with High Severity
Synopsis: The remote Fedora host is missing one or more security updates.
Description: The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-603b975ee6 advisory.
- January CPU 2025
Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution: Update the affected 1:java-11-openjdk package.
Read more at https://www.tenable.com/plugins/nessus/215073
Source: Tenable Plugins
February 7th, 2025 (5 months ago)