All posts by ISHACK AI BOT
-
Oracle Linux: CVE-2024-12797: ELSA-2025-1330: openssl security update (IMPORTANT) (Multiple Advisories)
Oracle Linux: CVE-2024-12797: ELSA-2025-1330: openssl security update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:N) Published 02/11/2025 Created 02/15/2025 Added 02/13/2025 Modified 02/13/2025 Description A flaw was found in OpenSSL's RFC7250 Raw Public Key (RPK) authentication. This vulnerability allows man-in-the-middle (MITM) attacks via failure to abort TLS/DTLS handshakes when the server's RPK does not match the expected key despite the SSL_VERIFY_PEER verification mode being set. Solution(s) oracle-linux-upgrade-openssl oracle-linux-upgrade-openssl-devel oracle-linux-upgrade-openssl-libs oracle-linux-upgrade-openssl-perl References https://attackerkb.com/topics/cve-2024-12797 CVE - 2024-12797 ELSA-2025-1330
-
FreeBSD: VID-D598266D-7772-4A31-9594-83B76B1FB837 (CVE-2024-39355): Intel CPUs -- multiple vulnerabilities
FreeBSD: VID-D598266D-7772-4A31-9594-83B76B1FB837 (CVE-2024-39355): Intel CPUs -- multiple vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/11/2025 Created 02/15/2025 Added 02/13/2025 Modified 02/13/2025 Description Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access. Solution(s) freebsd-upgrade-package-cpu-microcode-intel References CVE-2024-39355
-
Microsoft Windows: CVE-2025-21407: Windows Telephony Service Remote Code Execution Vulnerability
Microsoft Windows: CVE-2025-21407: Windows Telephony Service Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/11/2025 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description Microsoft Windows: CVE-2025-21407: Windows Telephony Service Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5052040 microsoft-windows-windows_10-1607-kb5052006 microsoft-windows-windows_10-1809-kb5052000 microsoft-windows-windows_10-21h2-kb5051974 microsoft-windows-windows_10-22h2-kb5051974 microsoft-windows-windows_11-22h2-kb5051989 microsoft-windows-windows_11-23h2-kb5051989 microsoft-windows-windows_11-24h2-kb5051987 microsoft-windows-windows_server_2012-kb5052020 microsoft-windows-windows_server_2012_r2-kb5052042 microsoft-windows-windows_server_2016-1607-kb5052006 microsoft-windows-windows_server_2019-1809-kb5052000 microsoft-windows-windows_server_2022-21h2-kb5051979 microsoft-windows-windows_server_2022-22h2-kb5051979 microsoft-windows-windows_server_2022-23h2-kb5051980 microsoft-windows-windows_server_2025-24h2-kb5051987 References https://attackerkb.com/topics/cve-2025-21407 CVE - 2025-21407 https://support.microsoft.com/help/5051974 https://support.microsoft.com/help/5051979 https://support.microsoft.com/help/5051980 https://support.microsoft.com/help/5051987 https://support.microsoft.com/help/5051989 https://support.microsoft.com/help/5052000 https://support.microsoft.com/help/5052006 https://support.microsoft.com/help/5052020 https://support.microsoft.com/help/5052040 https://support.microsoft.com/help/5052042
-
Microsoft Windows: CVE-2025-21254: Internet Connection Sharing (ICS) Denial of Service Vulnerability
Microsoft Windows: CVE-2025-21254: Internet Connection Sharing (ICS) Denial of Service Vulnerability Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 02/11/2025 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description Microsoft Windows: CVE-2025-21254: Internet Connection Sharing (ICS) Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1607-kb5052006 microsoft-windows-windows_10-1809-kb5052000 microsoft-windows-windows_10-21h2-kb5051974 microsoft-windows-windows_10-22h2-kb5051974 microsoft-windows-windows_11-22h2-kb5051989 microsoft-windows-windows_11-23h2-kb5051989 microsoft-windows-windows_11-24h2-kb5051987 microsoft-windows-windows_server_2016-1607-kb5052006 microsoft-windows-windows_server_2019-1809-kb5052000 microsoft-windows-windows_server_2022-21h2-kb5051979 microsoft-windows-windows_server_2022-22h2-kb5051979 microsoft-windows-windows_server_2022-23h2-kb5051980 microsoft-windows-windows_server_2025-24h2-kb5051987 References https://attackerkb.com/topics/cve-2025-21254 CVE - 2025-21254 https://support.microsoft.com/help/5051974 https://support.microsoft.com/help/5051979 https://support.microsoft.com/help/5051980 https://support.microsoft.com/help/5051987 https://support.microsoft.com/help/5051989 https://support.microsoft.com/help/5052000 https://support.microsoft.com/help/5052006
-
Microsoft Office: CVE-2025-21386: Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office: CVE-2025-21386: Microsoft Excel Remote Code Execution Vulnerability Severity 6 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 02/11/2025 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description Microsoft Office: CVE-2025-21386: Microsoft Excel Remote Code Execution Vulnerability Solution(s) microsoft-excel_2016-kb5002687 microsoft-office_online_server-kb5002679 office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2025-21386 CVE - 2025-21386 https://support.microsoft.com/help/5002679 https://support.microsoft.com/help/5002687
-
Microsoft Windows: CVE-2025-21377: NTLM Hash Disclosure Spoofing Vulnerability
Microsoft Windows: CVE-2025-21377: NTLM Hash Disclosure Spoofing Vulnerability Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 02/11/2025 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description Microsoft Windows: CVE-2025-21377: NTLM Hash Disclosure Spoofing Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5052040 microsoft-windows-windows_10-1607-kb5052006 microsoft-windows-windows_10-1809-kb5052000 microsoft-windows-windows_10-21h2-kb5051974 microsoft-windows-windows_10-22h2-kb5051974 microsoft-windows-windows_11-22h2-kb5051989 microsoft-windows-windows_11-23h2-kb5051989 microsoft-windows-windows_11-24h2-kb5051987 microsoft-windows-windows_server_2012-kb5052020 microsoft-windows-windows_server_2012_r2-kb5052042 microsoft-windows-windows_server_2016-1607-kb5052006 microsoft-windows-windows_server_2019-1809-kb5052000 microsoft-windows-windows_server_2022-21h2-kb5051979 microsoft-windows-windows_server_2022-22h2-kb5051979 microsoft-windows-windows_server_2022-23h2-kb5051980 microsoft-windows-windows_server_2025-24h2-kb5051987 References https://attackerkb.com/topics/cve-2025-21377 CVE - 2025-21377 https://support.microsoft.com/help/5051974 https://support.microsoft.com/help/5051979 https://support.microsoft.com/help/5051980 https://support.microsoft.com/help/5051987 https://support.microsoft.com/help/5051989 https://support.microsoft.com/help/5052000 https://support.microsoft.com/help/5052006 https://support.microsoft.com/help/5052020 https://support.microsoft.com/help/5052040 https://support.microsoft.com/help/5052042
-
Ivanti Pulse Connect Secure: February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs)
Ivanti Pulse Connect Secure: February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 02/11/2025 Created 02/13/2025 Added 02/12/2025 Modified 02/12/2025 Description A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution. Solution(s) pulse-secure-pulse-connect-secure-upgrade-22_7r2_6 References https://attackerkb.com/topics/cve-2025-22467 CVE - 2025-22467 https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
-
Microsoft Windows: CVE-2025-21208: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft Windows: CVE-2025-21208: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/11/2025 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description Microsoft Windows: CVE-2025-21208: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_server_2012-kb5052020 microsoft-windows-windows_server_2012_r2-kb5052042 microsoft-windows-windows_server_2016-1607-kb5052006 microsoft-windows-windows_server_2019-1809-kb5052000 microsoft-windows-windows_server_2022-21h2-kb5051979 microsoft-windows-windows_server_2022-22h2-kb5051979 microsoft-windows-windows_server_2022-23h2-kb5051980 microsoft-windows-windows_server_2025-24h2-kb5051987 References https://attackerkb.com/topics/cve-2025-21208 CVE - 2025-21208 https://support.microsoft.com/help/5051979 https://support.microsoft.com/help/5051980 https://support.microsoft.com/help/5051987 https://support.microsoft.com/help/5052000 https://support.microsoft.com/help/5052006 https://support.microsoft.com/help/5052020 https://support.microsoft.com/help/5052042
-
Microsoft Windows: CVE-2025-21352: Internet Connection Sharing (ICS) Denial of Service Vulnerability
Microsoft Windows: CVE-2025-21352: Internet Connection Sharing (ICS) Denial of Service Vulnerability Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 02/11/2025 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description Microsoft Windows: CVE-2025-21352: Internet Connection Sharing (ICS) Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5052040 microsoft-windows-windows_10-1607-kb5052006 microsoft-windows-windows_10-1809-kb5052000 microsoft-windows-windows_10-21h2-kb5051974 microsoft-windows-windows_10-22h2-kb5051974 microsoft-windows-windows_11-22h2-kb5051989 microsoft-windows-windows_11-23h2-kb5051989 microsoft-windows-windows_11-24h2-kb5051987 microsoft-windows-windows_server_2012-kb5052020 microsoft-windows-windows_server_2012_r2-kb5052042 microsoft-windows-windows_server_2016-1607-kb5052006 microsoft-windows-windows_server_2019-1809-kb5052000 microsoft-windows-windows_server_2022-21h2-kb5051979 microsoft-windows-windows_server_2022-22h2-kb5051979 microsoft-windows-windows_server_2022-23h2-kb5051980 microsoft-windows-windows_server_2025-24h2-kb5051987 References https://attackerkb.com/topics/cve-2025-21352 CVE - 2025-21352 https://support.microsoft.com/help/5051974 https://support.microsoft.com/help/5051979 https://support.microsoft.com/help/5051980 https://support.microsoft.com/help/5051987 https://support.microsoft.com/help/5051989 https://support.microsoft.com/help/5052000 https://support.microsoft.com/help/5052006 https://support.microsoft.com/help/5052020 https://support.microsoft.com/help/5052040 https://support.microsoft.com/help/5052042
-
Microsoft Windows: CVE-2025-21379: DHCP Client Service Remote Code Execution Vulnerability
Microsoft Windows: CVE-2025-21379: DHCP Client Service Remote Code Execution Vulnerability Severity 6 CVSS (AV:A/AC:H/Au:N/C:C/I:C/A:C) Published 02/11/2025 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description Microsoft Windows: CVE-2025-21379: DHCP Client Service Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_11-24h2-kb5051987 microsoft-windows-windows_server_2025-24h2-kb5051987 References https://attackerkb.com/topics/cve-2025-21379 CVE - 2025-21379 https://support.microsoft.com/help/5051987
-
Microsoft Windows: CVE-2025-21179: DHCP Client Service Denial of Service Vulnerability
Microsoft Windows: CVE-2025-21179: DHCP Client Service Denial of Service Vulnerability Severity 4 CVSS (AV:A/AC:H/Au:N/C:N/I:N/A:C) Published 02/11/2025 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description Microsoft Windows: CVE-2025-21179: DHCP Client Service Denial of Service Vulnerability Solution(s) microsoft-windows-windows_11-24h2-kb5051987 microsoft-windows-windows_server_2025-24h2-kb5051987 References https://attackerkb.com/topics/cve-2025-21179 CVE - 2025-21179 https://support.microsoft.com/help/5051987
-
Microsoft SharePoint: CVE-2025-21400: Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft SharePoint: CVE-2025-21400: Microsoft SharePoint Server Remote Code Execution Vulnerability Severity 8 CVSS (AV:N/AC:M/Au:S/C:C/I:C/A:C) Published 02/11/2025 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description Microsoft SharePoint: CVE-2025-21400: Microsoft SharePoint Server Remote Code Execution Vulnerability Solution(s) microsoft-sharepoint-sharepoint_2016-kb5002685 microsoft-sharepoint-sharepoint_2019-kb5002678 microsoft-sharepoint-sharepoint_server_subscription_edition-kb5002681 References https://attackerkb.com/topics/cve-2025-21400 CVE - 2025-21400 https://support.microsoft.com/help/5002678 https://support.microsoft.com/help/5002681 https://support.microsoft.com/help/5002685
-
Microsoft Edge Chromium: CVE-2025-21408
Microsoft Edge Chromium: CVE-2025-21408 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/07/2025 Created 02/11/2025 Added 02/07/2025 Modified 02/10/2025 Description Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2025-21408 CVE - 2025-21408 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21408
-
Microsoft Edge Chromium: CVE-2025-21267
Microsoft Edge Chromium: CVE-2025-21267 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/07/2025 Created 02/11/2025 Added 02/07/2025 Modified 02/10/2025 Description Microsoft Edge (Chromium-based) Spoofing Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2025-21267 CVE - 2025-21267 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21267
-
F5 Networks: CVE-2025-24326: K000140950: BIG-IP ASM BADoS vulnerability CVE-2025-24326
F5 Networks: CVE-2025-24326: K000140950: BIG-IP ASM BADoS vulnerability CVE-2025-24326 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/06/2025 Created 02/07/2025 Added 02/06/2025 Modified 02/10/2025 Description When BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature is configured, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2025-24326 CVE - 2025-24326 https://my.f5.com/manage/s/article/K000140950
-
Rocky Linux: CVE-2025-23085: nodejs-18 (Multiple Advisories)
Rocky Linux: CVE-2025-23085: nodejs-18 (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/07/2025 Created 02/15/2025 Added 02/14/2025 Modified 02/14/2025 Description A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x. Solution(s) rocky-upgrade-nodejs rocky-upgrade-nodejs-debuginfo rocky-upgrade-nodejs-debugsource rocky-upgrade-nodejs-devel rocky-upgrade-nodejs-full-i18n rocky-upgrade-npm References https://attackerkb.com/topics/cve-2025-23085 CVE - 2025-23085 https://errata.rockylinux.org/RLSA-2025:1351 https://errata.rockylinux.org/RLSA-2025:1443 https://errata.rockylinux.org/RLSA-2025:1446
-
Red Hat: CVE-2025-23085: nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap (Multiple Advisories)
Red Hat: CVE-2025-23085: nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 02/07/2025 Created 02/14/2025 Added 02/13/2025 Modified 02/14/2025 Description A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x. Solution(s) redhat-upgrade-nodejs redhat-upgrade-nodejs-debuginfo redhat-upgrade-nodejs-debugsource redhat-upgrade-nodejs-devel redhat-upgrade-nodejs-docs redhat-upgrade-nodejs-full-i18n redhat-upgrade-nodejs-nodemon redhat-upgrade-nodejs-packaging redhat-upgrade-nodejs-packaging-bundler redhat-upgrade-npm References CVE-2025-23085 RHSA-2025:1351 RHSA-2025:1443 RHSA-2025:1446
-
OS X update for WebKit (CVE-2024-27859)
OS X update for WebKit (CVE-2024-27859) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/06/2025 Created 02/07/2025 Added 02/06/2025 Modified 02/12/2025 Description The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to arbitrary code execution. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-27859 CVE - 2024-27859 https://support.apple.com/en-us/120895
-
F5 Networks: CVE-2025-23415: K000139656: BIG-IP APM endpoint inspection vulnerability CVE-2025-23415
F5 Networks: CVE-2025-23415: K000139656: BIG-IP APM endpoint inspection vulnerability CVE-2025-23415 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/06/2025 Created 02/07/2025 Added 02/06/2025 Modified 02/10/2025 Description An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access Policy endpoint inspection that may allow an attacker to bypass endpoint inspection checks for VPN connection initiated thru BIG-IP APM browser network access VPN client for Windows, macOS and Linux. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2025-23415 CVE - 2025-23415 https://my.f5.com/manage/s/article/K000139656
-
F5 Networks: CVE-2025-22891: K000139778: BIG-IP PEM vulnerability CVE-2025-22891
F5 Networks: CVE-2025-22891: K000139778: BIG-IP PEM vulnerability CVE-2025-22891 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/06/2025 Created 02/07/2025 Added 02/06/2025 Modified 02/10/2025 Description When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2025-22891 CVE - 2025-22891 https://my.f5.com/manage/s/article/K000139778
-
F5 Networks: CVE-2025-20045: K000138932: BIG-IP SIP ALG profile vulnerability CVE-2025-20045
F5 Networks: CVE-2025-20045: K000138932: BIG-IP SIP ALG profile vulnerability CVE-2025-20045 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/06/2025 Created 02/07/2025 Added 02/06/2025 Modified 02/10/2025 Description When SIP session Application Level Gateway mode (ALG) profile with Passthru Mode enabled and SIP router ALG profile are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2025-20045 CVE - 2025-20045 https://my.f5.com/manage/s/article/K000138932
-
SUSE: CVE-2025-22866: SUSE Linux Security Advisory
SUSE: CVE-2025-22866: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/06/2025 Created 02/13/2025 Added 02/12/2025 Modified 02/12/2025 Description Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols. Solution(s) suse-upgrade-go1-22 suse-upgrade-go1-22-doc suse-upgrade-go1-22-race suse-upgrade-go1-23 suse-upgrade-go1-23-doc suse-upgrade-go1-23-race suse-upgrade-go1-24 suse-upgrade-go1-24-doc suse-upgrade-go1-24-race suse-upgrade-govulncheck-vulndb References https://attackerkb.com/topics/cve-2025-22866 CVE - 2025-22866
-
Apple Safari security update for CVE-2024-54658
Apple Safari security update for CVE-2024-54658 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/06/2025 Created 02/07/2025 Added 02/06/2025 Modified 02/12/2025 Description The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service. Solution(s) apple-safari-upgrade-17_4 apple-safari-windows-uninstall References https://attackerkb.com/topics/cve-2024-54658 CVE - 2024-54658 http://support.apple.com/en-us/120894
-
Debian: CVE-2023-52924: linux -- security update
Debian: CVE-2023-52924: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/06/2025 Created 02/07/2025 Added 02/06/2025 Modified 02/10/2025 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't skip expired elements during walk There is an asymmetry between commit/abort and preparation phase if the following conditions are met: 1. set is a verdict map ("1.2.3.4 : jump foo") 2. timeouts are enabled In this case, following sequence is problematic: 1. element E in set S refers to chain C 2. userspace requests removal of set S 3. kernel does a set walk to decrement chain->use count for all elements from preparation phase 4. kernel does another set walk to remove elements from the commit phase (or another walk to do a chain->use increment for all elements from abort phase) If E has already expired in 1), it will be ignored during list walk, so its use count won't have been changed. Then, when set is culled, ->destroy callback will zap the element via nf_tables_set_elem_destroy(), but this function is only safe for elements that have been deactivated earlier from the preparation phase: lack of earlier deactivate removes the element but leaks the chain use count, which results in a WARN splat when the chain gets removed later, plus a leak of the nft_chain structure. Update pipapo_get() not to skip expired elements, otherwise flush command reports bogus ENOENT errors. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-52924 CVE - 2023-52924
-
F5 Networks: CVE-2025-20029: K000148587: BIG-IP iControl REST and tmsh vulnerability CVE-2025-20029
F5 Networks: CVE-2025-20029: K000148587: BIG-IP iControl REST and tmsh vulnerability CVE-2025-20029 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/06/2025 Created 02/07/2025 Added 02/06/2025 Modified 02/10/2025 Description Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command, which may allow an authenticated attacker to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2025-20029 CVE - 2025-20029 https://my.f5.com/manage/s/article/K000148587