Trending now

CVE-2025-13176 is a DLL injection vulnerability found in ESET Inspect Connector for Windows. This flaw allows a local attacker to exploit improper privilege management by planting a custom configuration file. This configuration file can then enable the loading of a malicious DLL. The vulnerability stems from the application's handling of configuration files, specifically its failure to properly validate or restrict modifications that control DLL loading behavior. An attacker with local access and low-level privileges can create or modify a configuration file to point to a malicious DLL, which the application subsequently loads with elevated privileges.

CVE-2025-32433 is a vulnerability found in the Erlang/OTP SSH server. It stems from a flaw in the SSH protocol message handling, which allows an attacker with network access to execute arbitrary code on the server without authentication. Specifically, the vulnerability enables a malicious actor to send connection protocol messages before authentication takes place. Successful exploitation could lead to full compromise of the host, unauthorized access, manipulation of sensitive data, or denial-of-service attacks.

I am unable to provide a description for CVE-2025-32355 as no information regarding this specific CVE could be found in popular articles or public databases at this time. It is possible that the CVE identifier is incorrect, or the vulnerability has not yet been publicly disclosed or widely discussed.

CVE-2025-9793 describes a SQL injection vulnerability found in version 1.0 of the Apartment Management System. Specifically, the flaw exists within the `/setting/admin.php` file. Attackers can exploit this vulnerability by manipulating the 'ddlBranch' argument, which allows them to execute unauthorized SQL commands. Successful exploitation of this vulnerability could enable an attacker to manipulate or extract database information, potentially bypass authentication mechanisms, and gain unauthorized access to the application's backend database. This could compromise the confidentiality, integrity, and availability of the system.

CVE-2024-7694 describes a file upload vulnerability found in TeamT5's ThreatSonar Anti-Ransomware. The core of this vulnerability lies in the product's insufficient validation of uploaded file content. This flaw enables remote attackers who possess administrator privileges on the product platform to upload malicious files. Once a malicious file is uploaded, it can be leveraged to execute arbitrary system commands on the affected server. This vulnerability has been added to the CISA Known Exploited Vulnerabilities (KEV) Catalog, indicating that it has been actively exploited in real-world scenarios.

CVE-2020-7796 is a Server-Side Request Forgery (SSRF) vulnerability identified in Zimbra Collaboration Suite (ZCS) versions prior to 8.8.15 Patch 7. This flaw specifically arises when the WebEx zimlet is installed and the zimlet JSP is enabled within the ZCS environment. Exploitation of this vulnerability allows an attacker to send unauthorized requests to a server. This can potentially enable access to sensitive information or resources that would typically be protected by firewalls or other security measures.

CVE-2025-68947 is a driver vulnerability found in NSecsoft's NSecKrnl Windows driver. This flaw allows a local, authenticated attacker to terminate processes belonging to other users, including those running as SYSTEM or designated as Protected Processes. This is achieved by sending specially crafted Input/Output Control (IOCTL) requests to the driver. The vulnerability is categorized under CWE-862 (Missing Authorization), indicating that the NSecKrnl driver fails to properly validate the authorization of requests to terminate processes. This issue presents a "Bring Your Own Vulnerable Driver" (BYOVD) attack surface, which can be leveraged by threat actors to disable endpoint security solutions and other critical system processes. For instance, the Black Basta ransomware has been observed utilizing this vulnerability.

CVE-2025-8088 is a path traversal vulnerability affecting the Windows version of WinRAR. It allows attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild. It was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET. The vulnerability was exploited in phishing attacks to deliver RomCom malware. The attackers can trick the program into saving a file in a different location than the user intended, such as the computer's Startup folder. This allows the attackers to execute their own code. WinRAR patched the vulnerability in version 7.13.

CVE-2025-31125 is an arbitrary file read vulnerability that affects Vite, a frontend tooling framework for JavaScript. The vulnerability exists because Vite exposes the content of non-allowed files when using `?inline&import` or `?raw?import`. Exploitation is possible if the Vite development server is exposed to the network using the `--host` or `server.host` configuration options. An unauthenticated attacker can exploit this vulnerability by crafting malicious HTTP requests to read arbitrary files on the server, potentially leading to sensitive information leakage. Users can mitigate this vulnerability by updating to versions 6.2.4, 6.1.3, 6.0.13, 5.4.16, or 4.5.11. If upgrading is not immediately feasible, restricting access to the Vite development server can provide temporary relief.

CVE-2024-43468 is a SQL injection vulnerability affecting Microsoft Configuration Manager (SCCM). It allows an unauthenticated attacker with network access to a Management Point to execute arbitrary SQL queries on the site database. The vulnerability stems from the lack of proper sanitization of externally influenced input when constructing SQL commands. Successful exploitation grants the attacker unauthorized access to the SQL server database with the same privileges as the SCCM process, potentially leading to remote code execution, malware deployment, credential theft, and lateral movement within the network.