Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Siemens SIDIS Prime

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIDIS Prime Vulnerabilities: Race Condition Enabling Link Following, Improper Validation of Integrity Check Value, Unchecked Input for Loop Condition, Expected Behavior Violation, Incorrect Provision of Specified Functionality, Heap-based Buffer Overflow, Cleartext Transmission of Sensitive Information, Use After Free, NULL Pointer Dereference, Exposure of Sensitive Information to an Unauthorized Actor, Out-of-bounds Write, Improper Input Validation, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities coul...

us-cert
Open in Source
#sql#vulnerability#web#mac#windows#microsoft#dos#js#rce#perl#buffer_overflow#auth#ssl
WhatsApp for Windows vulnerable to attacks. Update now!

If you use WhatsApp for Windows, you'll want to make sure you're on the latest version.

PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware

Microsoft has revealed that a now-patched security flaw impacting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks aimed at a small number of targets. "The targets include organizations in the information technology (IT) and real estate sectors of the United States, the financial sector in Venezuela, a Spanish software company, and the retail sector in

Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability

Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild. Of the 126 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in severity. Forty-nine of these vulnerabilities are classified as privilege escalation, 34 as remote code

Patch Tuesday, April 2025 Edition

Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft's most-dire "critical" rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users.

Microsoft Patch Tuesday for April 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for April of 2025 which includes 126 vulnerabilities affecting a range of products, including 11 that Microsoft has marked as “critical”.

WhatsApp for Windows Flaw Could Let Hackers Sneak In Malicious Files

If you use WhatsApp Desktop on Windows, listen up! A flaw in WhatsApp for Windows (CVE-2025-30401) let attackers disguise malicious files as safe ones. Update to version 2.2450.6 or later to stay secure.

CVE-2025-29819: Windows Admin Center in Azure Portal Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability includes unauthorized read-only access to the local file system.