Trending now

CVE-2025-7775 is a memory overflow vulnerability that affects Citrix NetScaler ADC and NetScaler Gateway. It can lead to remote code execution (RCE) and/or denial of service (DoS). The vulnerability exists when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server. It also affects load balancing (LB) virtual servers of types HTTP, SSL, or HTTP_QUIC bound with IPv6 services or service groups, as well as DBS IPv6 services or CR virtual server with type HDX. Exploits of this vulnerability have been observed in the wild.

CVE-2025-53779 is a relative path traversal vulnerability affecting Windows Kerberos. It allows an authorized attacker to elevate privileges over a network. The vulnerability arises because the software constructs a pathname from external input without properly neutralizing sequences like ".." that could resolve to locations outside of the intended restricted directory. Exploitation involves relative path traversal in Windows Kerberos.

CVE-2025-37899 is a use-after-free vulnerability found in the ksmbd component of the Linux kernel, which is an in-kernel server implementing the SMB3 protocol for file sharing over networks. Specifically, the vulnerability exists in the session logoff handler. The vulnerability occurs because the `sess->user` object can be freed by one thread processing a logoff command while another thread, handling a new connection's session setup request, might still be accessing the same `sess->user` object. This concurrent access can lead to memory corruption and potentially allow attackers to execute arbitrary code with kernel privileges.

CVE-2025-43300 is an out-of-bounds write vulnerability that exists within Apple's Image I/O framework. The vulnerability can be triggered when a device processes a maliciously crafted image file, which can lead to memory corruption. Successful exploitation of this vulnerability can occur when a program writes data outside of an allocated memory buffer. This can result in the program crashing, data corruption, or potentially remote code execution. Apple has addressed this issue with improved bounds checking in multiple operating systems, including iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, and macOS Ventura 13.7.8.

CVE-2023-48409 is an out-of-bounds write vulnerability found in the `gpu_pixel_handle_buffer_liveness_update_ioctl` function within `private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c` in the Android kernel. The vulnerability stems from an integer overflow. Successful exploitation of this vulnerability could allow a local attacker to escalate their privileges without needing additional execution privileges or user interaction. The vulnerability can be triggered by writing data past the end of an intended buffer.

CVE-2025-27363 is a vulnerability found in FreeType versions 2.13.0 and below. It occurs when parsing font subglyph structures related to TrueType GX and variable font files. The issue stems from assigning a signed short value to an unsigned long, followed by adding a static value. This causes a wrap-around, resulting in a heap buffer that is too small being allocated. The vulnerability allows writing up to 6 signed long integers out of bounds relative to the undersized buffer. This out-of-bounds write can potentially lead to arbitrary code execution. It has been reported that this vulnerability may have been exploited in the wild.

CVE-2025-54309 is a vulnerability in CrushFTP versions before 10.8.5 and 11.3.4_23. It stems from improper validation of the AS2 (Applicability Statement 2) protocol over HTTPS when the DMZ proxy feature is not in use. This mishandling allows unauthenticated remote attackers to gain administrative access to the system. Specifically, the server fails to correctly validate remote requests made to AS2 endpoints, which allows attackers to forge requests that the system interprets as coming from a trusted source, bypassing authentication checks. By sending malicious AS2 payloads over HTTPS to the exposed CrushFTP endpoint, an attacker can send administrative commands and potentially escalate privileges to execute arbitrary commands.

CVE-2025-8088 is a path traversal vulnerability affecting the Windows version of WinRAR. It allows attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild. It was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET. The vulnerability was exploited in phishing attacks to deliver RomCom malware. The attackers can trick the program into saving a file in a different location than the user intended, such as the computer's Startup folder. This allows the attackers to execute their own code. WinRAR patched the vulnerability in version 7.13.

CVE-2025-48384 affects Git, a distributed revision control system. The vulnerability arises from how Git handles carriage return (CR) and line feed (LF) characters when reading and writing configuration values. Git strips trailing CRLF characters when reading a config value. However, when writing a config entry, values with a trailing CR are not quoted, leading to the CR being lost when the config is later read. This can lead to issues when initializing submodules. If a submodule path contains a trailing CR, the altered path (without the CR) is read, causing the submodule to be checked out to an incorrect location. If a symbolic link exists that points the altered path to the submodule's hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout, potentially leading to arbitrary code execution. This vulnerability is fixed in Git versions v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.

CVE-2025-31200 is a memory corruption vulnerability that exists in Apple's CoreAudio framework. This vulnerability can be triggered when processing an audio stream within a maliciously crafted media file. Successful exploitation of this vulnerability could allow for arbitrary code execution on the affected device. Apple has addressed this issue with improved bounds checking in tvOS 18.4.1, visionOS 2.4.1, iOS and iPadOS 18.4.1, and macOS Sequoia 15.4.1. It was reported that this vulnerability may have been exploited in targeted attacks against specific individuals.