LDAPNightmare, a PoC exploit targets Windows LDAP flaw CVE-2024-49113

Experts warn of a new PoC exploit, LDAPNightmare, that targets a Windows LDAP flaw (CVE-2024-49113), causing crashes & reboots. The vulnerability CVE-2024-49113 (CVSS score of 7.5), named LDAPNightmare, is a Windows Lightweight Directory Access Protocol (LDAP) Denial of Service flaw that was discovered by the researcher Yuki Chen. An attacker can exploit the now-patched vulnerability to […]

Windows KDC Proxy RCE Vulnerability Allows Remote Server Takeover

itsecuritynews.info - 05/Mar 06:03

A recently patched remote code execution (RCE) vulnerability in Microsoft Windows’ Key Distribution Center (KDC) Proxy implementation allows...

Microsoft fixed actively exploited flaw in Power Pages

securityaffairs.co - 20/Feb 11:20

Microsoft addressed a privilege escalation vulnerability in Power Pages, the flaw is actively exploited in attacks. Microsoft has addressed two...

Google Released PoC for CVE-2025-0110 PAN OS Flaw

thecyberthrone.in - 23/Feb 14:25

Google’s Project Zero and Mandiant cybersecurity teams have jointly released a proof-of-concept (PoC) exploit for a significant security...

Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability

itsecuritynews.info - 21/Feb 05:11

Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection...

LibreOffice Flaws Allow Attackers to Run Malicious Files on Windows

itsecuritynews.info - 27/Feb 06:04

A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been patched after researchers...

Citrix addressed NetScaler console privilege escalation flaw

securityaffairs.co - 20/Feb 10:46

Citrix addressed a high-severity privilege escalation vulnerability impacting NetScaler Console and NetScaler Agent under certain conditions. Citrix...

Elastic patches critical Kibana flaw allowing code execution

securityaffairs.co - 21:35

Elastic fixed a critical flaw in the Kibana data visualization dashboard software for Elasticsearch that could lead to arbitrary code execution....

WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks

itsecuritynews.info - 05/Mar 15:04

A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote...

CVE-2025-20111 impacts Cisco Nexus

thecyberthrone.in - 03/Mar 15:10

CVE-2025-20111 is a high-severity vulnerability identified in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus...

PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability

itsecuritynews.info - 24/Feb 05:32

Security researchers have disclosed critical details about CVE-2025-20029, a command injection vulnerability in F5’s BIG-IP Traffic Management...

Rubriques :