Overview
CVE-2025-64715 is a medium-severity vulnerability affecting Cilium, a networking, observability, and security solution that leverages an eBPF-based dataplane. This vulnerability impacts CiliumNetworkPolicy resources that utilize egress.toGroups.aws.securityGroupsIds. When these policies reference AWS security group IDs that are either non-existent or not attached to any network interface, they can unintentionally permit broader outbound access than intended by the policy author.
Technical Details
The vulnerability stems from the failure to generate the toCIDRset section of the derived Cilium network policy when the referenced AWS security group IDs are invalid or unattached. Without the toCIDRset constraints, outbound traffic may be permitted to a wider…
-
Overview
CVE-2025-13683 is a security vulnerability affecting Devolutions Server and Remote Desktop Manager (RDM) on Windows. This vulnerability allows for the potential exposure of credentials in unintended requests. Specifically, versions of Devolutions Server up to and including 2025.3.8.0, and Remote Desktop Manager up to and including 2025.3.23.0 are affected. This exposure could allow unauthorized access to sensitive systems and data.
Technical Details
The vulnerability stems from how Devolutions Server and Remote Desktop Manager handle certain requests. Under specific conditions, the application might inadvertently include user credentials or other sensitive information within requests that are not intended to have them. This…
-
Overview
CVE-2025-12183 describes a critical vulnerability affecting the org.lz4:lz4-java library, versions 1.8.0 and earlier. This flaw allows remote attackers to trigger out-of-bounds memory operations by providing crafted, untrusted compressed input. Exploitation can lead to a denial-of-service (DoS) condition and may allow reading of adjacent memory, exposing sensitive information.
Technical Details
The vulnerability stems from insufficient bounds checking during the decompression process. When processing maliciously crafted compressed data, the lz4-java library attempts to access memory locations outside the allocated buffer. This out-of-bounds access can corrupt memory, crash the application, or, in more severe cases, allow an attacker to read…
-
Overview
A medium-severity vulnerability, identified as CVE-2025-59792, affects Apache Kvrocks versions 1.0.0 through 2.13.0. This flaw allows attackers to potentially capture plaintext credentials due to insufficient sanitization when using the MONITOR command. This can lead to unauthorized access and data breaches.
Technical Details
The MONITOR command in Apache Kvrocks is designed to provide a real-time stream of commands processed by the server. However, a security vulnerability exists where the output of the MONITOR command might reveal sensitive information, including plaintext credentials if they are being passed as part of the Redis protocol commands. Attackers with sufficient privileges to execute the…
-
Overview
This article details CVE-2025-59790, a critical Improper Privilege Management vulnerability affecting Apache Kvrocks, a key-value storage database that uses RocksDB as a storage engine. This vulnerability exists in versions v2.9.0 through v2.13.0. Users are strongly encouraged to upgrade to version 2.14.0 to mitigate this risk.
Technical Details
CVE-2025-59790 stems from a flaw in how Apache Kvrocks manages user privileges. This improper handling could allow an attacker with limited access to elevate their privileges and potentially gain unauthorized control over the Kvrocks instance. The specifics of the vulnerable code are not publicly available at this time beyond the vulnerability description.…
-
Overview
A file upload vulnerability, identified as CVE-2025-51736, has been discovered in HCL Technologies Ltd. Unica version 12.0.0. This vulnerability could potentially allow an attacker to upload malicious files to the server, leading to code execution and other severe consequences. While the severity and CVSS score are currently listed as ‘N/A’, it’s crucial to understand and address this issue proactively.
Technical Details
The vulnerability resides in the file upload functionality of HCL Unica 12.0.0. Without proper validation and sanitization of uploaded files, an attacker could bypass security measures and upload arbitrary files with executable extensions (e.g., .php, .jsp, .asp). These…
-
Overview
CVE-2025-51735 describes a CSV (Comma Separated Values) formula injection vulnerability found in HCL Technologies Ltd.’s Unica version 12.0.0. This vulnerability allows an attacker to inject malicious formulas into CSV files generated by the application. When these files are opened by a user in spreadsheet software (like Microsoft Excel or Google Sheets), the injected formulas can be executed, potentially leading to information disclosure, arbitrary code execution, or other malicious actions.
Technical Details
CSV injection occurs when user-controlled data is included in a CSV file without proper sanitization or escaping. Spreadsheet applications interpret certain strings as formulas, beginning with characters such…
-
Overview
A cross-site scripting (XSS) vulnerability has been identified in HCL Technologies Ltd. Unica 12.0.0. This vulnerability, tracked as CVE-2025-51734, could allow attackers to inject malicious scripts into the browser of unsuspecting users, potentially leading to data theft, session hijacking, or website defacement. This article provides a detailed analysis of the vulnerability, its potential impact, and steps you can take to mitigate the risk.
Technical Details
The type of XSS affecting HCL Unica 12.0.0 (stored, reflected, or DOM-based) is not stated in the available advisory. While specific details of the vulnerable component are not publicly available (beyond the reference link), XSS…
-
Overview
A Cross-Site Request Forgery (CSRF) vulnerability, identified as CVE-2025-51733, has been discovered in HCL Technologies Ltd.’s Unica 12.0.0. This vulnerability could allow an attacker to trick a user into performing actions on the Unica application without their knowledge or consent. This article provides a detailed overview of the vulnerability, its potential impact, and recommended mitigation steps.
Technical Details
CVE-2025-51733 is a CSRF vulnerability. CSRF vulnerabilities arise when a web application doesn’t adequately verify that a request was intentionally initiated by the authenticated user. An attacker can exploit this by crafting malicious HTML code (e.g., embedded in an email or…
-
Overview
CVE-2025-12638 identifies a critical path traversal vulnerability affecting Keras version 3.11.3. This flaw resides within the keras.utils.get_file() function, specifically during the extraction of tar archives. Due to insufficient security measures during extraction, malicious actors can potentially write files outside the intended extraction directory, leading to system compromise.
Technical Details
The vulnerability stems from the usage of Python’s tarfile.extractall() method in keras.utils.get_file() without employing the crucial filter='data' parameter. While Keras attempts to mitigate risks using the filter_safe_paths() function, a critical race condition exists. The filtering happens before the extraction, and a PATH_MAX symlink resolution bug is triggered during the extraction…