RCE via ND6 Router Advertisements in FreeBSD
https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc
#HackerNews #RCE #ND6 #Router #FreeBSD #Security #Advisory #Cybersecurity
Inside PostHog: SSRF, ClickHouse SQL Escape and Default Postgres Creds to RCE
#HackerNews #InsidePostHog #SSRF #ClickHouse #RCE #Cybersecurity
A public service announcement regarding CVEs: one identified vulnerability gets one #CVE.
Each vendor doesn't get their own CVE that corresponds to their security bulletin.
CVE-2025-66478 is REJECTED as duplicate of CVE-2025-55182
RCE Vulnerability in React and Next.js
https://github.com/vercel/next.js/security/advisories/GHSA-9qr9-h5gf-34mp
#HackerNews #RCE #Vulnerability #in #React #and #Next.js #ReactJS #NextJS #Vulnerability #Cybersecurity #SoftwareSecurity
If you use 7zip, or its forks and derivatives, then ensure you have updated to v25.0 or later. Check now! 🙂👍
If you use 7zip, or its forks and derivatives, then ensure you have updated to v25.0 or later. Check now! 🙂👍
GoSign Desktop RCE flaws affecting users in Italy
https://www.ush.it/2025/11/14/multiple-vulnerabilities-gosign-desktop-remote-code-execution/
#HackerNews #GoSignDesktop #RCE #Italy #vulnerabilities #cybersecurity #remoteCodeExecution
No Leak, No Problem – Bypassing ASLR with a ROP Chain to Gain RCE
https://modzero.com/en/blog/no-leak-no-problem/
#HackerNews #NoLeakNoProblem #ROPChain #RCE #SecurityResearch #ASLR #Exploit
🪤 TARmageddon (CVE-2025-62518): RCE Vulnerability Highlights the Challenges of Open Source Abandonware
「 In the worst-case scenario, this vulnerability has a severity of 8.1 (High) and can lead to Remote Code Execution (RCE) through file overwriting attacks, such as replacing configuration files or hijacking build backends 」
"SUSE Multi-Linux Manager provides automated patching, content lifecycle management, and realtime monitoring to keep your mixed Linux environment secure"
Stefano Marinelli
boosted
For our MSFT-aligned friends in particular,
Happy POST /_layouts/15/ToolPane.aspx?DisplayMode=Edit day to all who celebrate!
https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770 #sharepoint #bugs #msft #post #rce
For our MSFT-aligned friends in particular,
Happy POST /_layouts/15/ToolPane.aspx?DisplayMode=Edit day to all who celebrate!
https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770 #sharepoint #bugs #msft #post #rce
maco
and 1 other
boosted
I found a vulnerability in git. CVE-2025-48384: Breaking git with a carriage return and cloning RCE - https://dgl.cx/2025/07/git-clone-submodule-cve-2025-48384
As the post explains this is one of my favourite classes of vulnerability, using characters that are old and sometimes forgotten.
I found a vulnerability in git. CVE-2025-48384: Breaking git with a carriage return and cloning RCE - https://dgl.cx/2025/07/git-clone-submodule-cve-2025-48384
As the post explains this is one of my favourite classes of vulnerability, using characters that are old and sometimes forgotten.