Microsoft fixed actively exploited flaw in Power Pages

Microsoft addressed a privilege escalation vulnerability in Power Pages, the flaw is actively exploited in attacks. Microsoft has addressed two critical vulnerabilities, tracked as CVE-2025-21355 (CVSS score: 8.6) and CVE-2025-24989 (CVSS score: 8.2), respectively impacting Bing and Power Pages. CVE-2025-21355 is a missing authentication for critical Function in Microsoft Bing, an unauthorized attacker could exploit the flaw […]

Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability

itsecuritynews.info - 20/Feb 05:31

Microsoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active...

Critical Microsoft Bing Vulnerability Enabled Remote Code Execution Attacks

itsecuritynews.info - 20/Feb 05:32

A critical security flaw in Microsoft Bing tracked as CVE-2025-21355, allowed unauthorized attackers to execute arbitrary code remotely, posing severe...

Juniper Networks fixed a critical flaw in Session Smart Routers

securityaffairs.co - 18/Feb 22:30

Juniper Networks has addressed a critical vulnerability, tracked as CVE-2025-21589, impacting the Session Smart Router. Juniper Networks addressed a...

Palo Alto Networks tags new firewall bug as exploited in attacks

bleepingcomputer.com - 19/Feb 15:38

Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it...

Citrix addressed NetScaler console privilege escalation flaw

securityaffairs.co - 20/Feb 10:46

Citrix addressed a high-severity privilege escalation vulnerability impacting NetScaler Console and NetScaler Agent under certain conditions. Citrix...

Microsoft Patch Tuesday – February 2025

thecyberthrone.in - 12/Feb 00:58

Microsoft’s February 2025 Patch Tuesday is a significant update, addressing a total of 55 vulnerabilities, including four zero-day...

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

securityaffairs.co - 19/Feb 12:10

Two OpenSSH vulnerabilities could allow machine-in-the-middle (MitM) and denial-of-service (DoS) attacks under certain conditions. The Qualys Threat...

Microsoft Patch Tuesday February 2025 – 61 Vulnerabilities Fixed, 3 Zero-Day’s Actively Exploited

itsecuritynews.info - 11/Feb 20:32

Microsoft released a security update as part of the February Patch Tuesday that addressed 61 vulnerabilities, including 25 classified as critical...

SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild Following PoC Release

itsecuritynews.info - 16/Feb 06:31

A critical authentication bypass vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now being actively exploited in the wild,...

Symantec Diagnostic Tool Flaw Enables Unauthorized Privilege Escalation

itsecuritynews.info - 20/Feb 08:11

Symantec, a division of Broadcom, has released a critical security update to address a high-severity vulnerability identified in its Symantec...

Rubriques :