New assessment for topic: CVE-2025-47165
Topic description: "Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. ..."
"# Titles: Microsoft Excel LTSC Professional Pilus 2021 - Microsoft® Word LTSC MSO (16.0.14334.20090) 64-bit - Remote Code Execution Bypass - ZIP (RCE)
..."
Link: https://attackerkb.com/assessments/1160a1ba-f757-485a-b938-37fc088197ef
AttackerKB
AttackerKB bot (Unofficial)
New assessment for topic: CVE-2025-47957
Topic description: "Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. ..."
"# Software: https://www.microsoft.com/en/microsoft-365/excel?market=af ..."
Link: https://attackerkb.com/assessments/4f9ad32a-1fc4-440e-b270-9d21cce44bf0
Topic description: "Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. ..."
"# Software: https://www.microsoft.com/en/microsoft-365/excel?market=af ..."
Link: https://attackerkb.com/assessments/4f9ad32a-1fc4-440e-b270-9d21cce44bf0
New assessment for topic: CVE-2025-4653
Topic description: "Improper Neutralization of Special Elements in the backup name field may allow OS command injection ..."
"I recently opened another box of Pandora ;-) and found some vulnerabilities. ..."
Link: https://attackerkb.com/assessments/5b2df46c-e99c-4e86-8fe9-22b639c85a47
Topic description: "Improper Neutralization of Special Elements in the backup name field may allow OS command injection ..."
"I recently opened another box of Pandora ;-) and found some vulnerabilities. ..."
Link: https://attackerkb.com/assessments/5b2df46c-e99c-4e86-8fe9-22b639c85a47
New assessment for topic: CVE-2025-27751
Topic description: "Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. ..."
"# Software: https://www.microsoft.com/en/microsoft-365/excel?market=af ..."
Link: https://attackerkb.com/assessments/aad43a7e-ca5a-469b-8fa7-b041e4b0861f
Topic description: "Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. ..."
"# Software: https://www.microsoft.com/en/microsoft-365/excel?market=af ..."
Link: https://attackerkb.com/assessments/aad43a7e-ca5a-469b-8fa7-b041e4b0861f
New assessment for topic: CVE-2025-33053
Topic description: "External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network. ..."
"CVE-2025-33053 is a zero-day vulnerability that enables remote code execution (RCE) through abuse of how Windows processes resolve executable paths relative to the working directory ..."
Link: https://attackerkb.com/assessments/31876429-6c7c-4d98-9458-6805bedbbb56
Topic description: "External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network. ..."
"CVE-2025-33053 is a zero-day vulnerability that enables remote code execution (RCE) through abuse of how Windows processes resolve executable paths relative to the working directory ..."
Link: https://attackerkb.com/assessments/31876429-6c7c-4d98-9458-6805bedbbb56
New assessment for topic: CVE-2025-33073
Topic description: "Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. ..."
"CVE-2025-33073 is a logical flaw in the Windows SMB client that enables authenticated remote attackers to achieve SYSTEM-level command execution by bypassing long-standing NTLM reflection mitigations ..."
Link: https://attackerkb.com/assessments/b38be88a-6d03-4442-8582-8e185caac3a5
Topic description: "Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. ..."
"CVE-2025-33073 is a logical flaw in the Windows SMB client that enables authenticated remote attackers to achieve SYSTEM-level command execution by bypassing long-standing NTLM reflection mitigations ..."
Link: https://attackerkb.com/assessments/b38be88a-6d03-4442-8582-8e185caac3a5
New assessment for topic: CVE-2025-41646
Topic description: "An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion ..."
"< if ( (($objLoginData->ownPW == "") && (md5($defaultPW[0]) == $hashcode) ) || ..."
Link: https://attackerkb.com/assessments/ee73eaf9-b173-4c60-8b1b-f0e7d6b22152
Topic description: "An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion ..."
"< if ( (($objLoginData->ownPW == "") && (md5($defaultPW[0]) == $hashcode) ) || ..."
Link: https://attackerkb.com/assessments/ee73eaf9-b173-4c60-8b1b-f0e7d6b22152
New assessment for topic: CVE-2025-48734
Topic description: "Improper Access Control vulnerability in Apache Commons. ..."
"On May 28 2025, Apache posted an [advisory](https://www.openwall.com/lists/oss-security/2025/05/28/6) to the OSS Security mailing list warning that Apache Commons BeanUtils versions 1.x before 1.11.0 and 2.x before 2.0.0-M2 were vulnerable to insecure access to the Java Classloader via exposed enum properties, namely the `declaredClass` property ..."
Link: https://attackerkb.com/assessments/1d98f952-f6f1-475a-8646-74062d040247
Topic description: "Improper Access Control vulnerability in Apache Commons. ..."
"On May 28 2025, Apache posted an [advisory](https://www.openwall.com/lists/oss-security/2025/05/28/6) to the OSS Security mailing list warning that Apache Commons BeanUtils versions 1.x before 1.11.0 and 2.x before 2.0.0-M2 were vulnerable to insecure access to the Java Classloader via exposed enum properties, namely the `declaredClass` property ..."
Link: https://attackerkb.com/assessments/1d98f952-f6f1-475a-8646-74062d040247
New assessment for topic: CVE-2025-41232
Topic description: "Spring Security Aspects may not correctly locate method security annotations on private methods ..."
"On May 19 2025, Spring released an [advisory](https://spring.io/security/cve-2025-41232) warning that Spring Security versions before `6.4.6` were vulnerable to a flaw in how Spring security annotations were identified and processed, that could lead to annotations being ignored on private methods, potentially leading to authorization bypasses on those private methods ..."
Link: https://attackerkb.com/assessments/c3734c78-c018-4e5f-9c70-b5f3c074a411
Topic description: "Spring Security Aspects may not correctly locate method security annotations on private methods ..."
"On May 19 2025, Spring released an [advisory](https://spring.io/security/cve-2025-41232) warning that Spring Security versions before `6.4.6` were vulnerable to a flaw in how Spring security annotations were identified and processed, that could lead to annotations being ignored on private methods, potentially leading to authorization bypasses on those private methods ..."
Link: https://attackerkb.com/assessments/c3734c78-c018-4e5f-9c70-b5f3c074a411
New Rapid7 Analysis on AttackerKB topic: CVE-2024-58136
"Yii framework is a component-based MVC web application framework, providing developers with the building blocks to create complex web applications including modules for authentication, database access, REST etc ..."
Link: https://attackerkb.com/topics/622fff34-7ccf-4193-8a78-60e6b21d8811
"Yii framework is a component-based MVC web application framework, providing developers with the building blocks to create complex web applications including modules for authentication, database access, REST etc ..."
Link: https://attackerkb.com/topics/622fff34-7ccf-4193-8a78-60e6b21d8811
New assessment for topic: CVE-2025-4427
Topic description: "An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. ..."
"On May 13, 2025, Ivanti [published an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US) for [CVE-2025-4427](https://nvd.nist.gov/vuln/detail/CVE-2025-4427), a high severity authentication bypass in Ivanti Endpoint Manager Mobile (EPMM) ..."
Link: https://attackerkb.com/assessments/ef99e5bd-b83c-485a-9841-e0d54a7d4650
Topic description: "An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. ..."
"On May 13, 2025, Ivanti [published an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US) for [CVE-2025-4427](https://nvd.nist.gov/vuln/detail/CVE-2025-4427), a high severity authentication bypass in Ivanti Endpoint Manager Mobile (EPMM) ..."
Link: https://attackerkb.com/assessments/ef99e5bd-b83c-485a-9841-e0d54a7d4650
New assessment for topic: CVE-2025-4428
Topic description: "Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests. ..."
"On May 13, 2025, Ivanti [published an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US) for [CVE-2025-4428](https://nvd.nist.gov/vuln/detail/CVE-2025-4428), a high-privilege expression language server-side template injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) ..."
Link: https://attackerkb.com/assessments/a8195fc7-566e-4ad2-9926-3101a8e4d0f8
Topic description: "Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests. ..."
"On May 13, 2025, Ivanti [published an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US) for [CVE-2025-4428](https://nvd.nist.gov/vuln/detail/CVE-2025-4428), a high-privilege expression language server-side template injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) ..."
Link: https://attackerkb.com/assessments/a8195fc7-566e-4ad2-9926-3101a8e4d0f8
New assessment for topic: CVE-2023-41425
Topic description: "Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component. ..."
"On November 5th, WonderCMS released version 3.4.3, which addresses vulnerability CVE-2023-41425 - a reflected cross-site scripting vulnerability ..."
Link: https://attackerkb.com/assessments/7540246c-ba79-4cb1-8fed-0407049ba2b0
Topic description: "Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component. ..."
"On November 5th, WonderCMS released version 3.4.3, which addresses vulnerability CVE-2023-41425 - a reflected cross-site scripting vulnerability ..."
Link: https://attackerkb.com/assessments/7540246c-ba79-4cb1-8fed-0407049ba2b0
New assessment for topic: CVE-2025-3096
Topic description: "Clinic’s Patient Management System versions 2.0 suffers from a SQL injection vulnerability in the login page. ..."
"Clinic Patient Management System (CPMS) 2.0 is a management system written in PHP to control and manage patients and their health information ..."
Link: https://attackerkb.com/assessments/4dc1dd4e-1815-4515-a096-1fed078d0c83
Topic description: "Clinic’s Patient Management System versions 2.0 suffers from a SQL injection vulnerability in the login page. ..."
"Clinic Patient Management System (CPMS) 2.0 is a management system written in PHP to control and manage patients and their health information ..."
Link: https://attackerkb.com/assessments/4dc1dd4e-1815-4515-a096-1fed078d0c83
New assessment for topic: CVE-2024-58136
Topic description: "Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025. ..."
"On the April 9 2025, Yii released an advisory warning that Yii framework versions before `2.0.52` were susceptible to Unsafe Reflection, with this CVE essentially a patch bypass of `CVE-2024-4990` ..."
Link: https://attackerkb.com/assessments/e6d2c5ff-8653-41a3-acf1-882330960fe1
Topic description: "Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025. ..."
"On the April 9 2025, Yii released an advisory warning that Yii framework versions before `2.0.52` were susceptible to Unsafe Reflection, with this CVE essentially a patch bypass of `CVE-2024-4990` ..."
Link: https://attackerkb.com/assessments/e6d2c5ff-8653-41a3-acf1-882330960fe1
New assessment for topic: CVE-2025-22457
Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/699141dd-fa5f-4a99-ae53-8b385bfdebc0
Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/699141dd-fa5f-4a99-ae53-8b385bfdebc0
New assessment for topic: CVE-2025-25065
Topic description: "SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints. ..."
"On the 17th December 2024, Zimbra released an [advisory](https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes) warning that Zimbra versions before 10.1.4 were susceptible to Server-Side Request Forgery (SSRF) via the RSS feed parser ..."
Link: https://attackerkb.com/assessments/3a9053d9-8891-4e66-8d99-af387e965048
Topic description: "SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints. ..."
"On the 17th December 2024, Zimbra released an [advisory](https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes) warning that Zimbra versions before 10.1.4 were susceptible to Server-Side Request Forgery (SSRF) via the RSS feed parser ..."
Link: https://attackerkb.com/assessments/3a9053d9-8891-4e66-8d99-af387e965048
New assessment for topic: CVE-2025-32354
Topic description: "In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site Request Forgery (CSRF) vulnerability exists in the GraphQL endpoint (/service/extension/graphql) of Zimbra webmail due to a lack of CSRF token validation ..."
"On the 17th December 2024, Zimbra released an [advisory](https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes) warning that Zimbra versions before `10.1.4` were susceptible to Cross-Site Request Forgery (CSRF) attacks on an exposed GraphQL endpoint ..."
Link: https://attackerkb.com/assessments/48571868-d8f5-4408-8e24-b7ccec2ef7e3
Topic description: "In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site Request Forgery (CSRF) vulnerability exists in the GraphQL endpoint (/service/extension/graphql) of Zimbra webmail due to a lack of CSRF token validation ..."
"On the 17th December 2024, Zimbra released an [advisory](https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes) warning that Zimbra versions before `10.1.4` were susceptible to Cross-Site Request Forgery (CSRF) attacks on an exposed GraphQL endpoint ..."
Link: https://attackerkb.com/assessments/48571868-d8f5-4408-8e24-b7ccec2ef7e3
New assessment for topic: CVE-2025-30406
Topic description: "Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025 ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/25edbe02-53c3-4f7b-9993-e57282580766
Topic description: "Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025 ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/25edbe02-53c3-4f7b-9993-e57282580766
New assessment for topic: CVE-2024-38475
Topic description: "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure ..."
"SonicWall [updated a 2024 advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018) to note that this third-party vulnerability is being exploited in the wild in their SMA100 devices ..."
Link: https://attackerkb.com/assessments/306036ec-fc18-46f2-91b8-d8c5391031c5
Topic description: "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure ..."
"SonicWall [updated a 2024 advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018) to note that this third-party vulnerability is being exploited in the wild in their SMA100 devices ..."
Link: https://attackerkb.com/assessments/306036ec-fc18-46f2-91b8-d8c5391031c5
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst