CVE-2025-32719 Windows Storage Management Provider Information Disclosure Vulnerability
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-32718 Windows SMB Client Elevation of Privilege Vulnerability
Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally.
CVE-2025-30399 .NET and Visual Studio Remote Code Execution Vulnerability
Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.
CVE-2025-32712 Win32k Elevation of Privilege Vulnerability
Use after free in Windows Win32K – GRFX allows an authorized attacker to elevate privileges locally.
CVE-2025-33052 Windows DWM Core Library Information Disclosure Vulnerability
Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally.
MicroDicom DICOM Viewer
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following MicroDicom products are affected: […]
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems (ICS) advisories on June 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-160-01 SinoTrack GPS Receiver ICSA-25-160-02 Hitachi Energy Relion 670, 650, SAM600-IO Series ICSMA-25-160-01 MicroDicom DICOM Viewer ICSA-25-140-11 Assured Telematics Inc (ATI) Fleet Management System (Update A) CISA encourages users […]
Hitachi Energy Relion 670, 650, SAM600-IO Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: Relion 670, 650, SAM600-IO Series Vulnerability: Observable Discrepancy 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to decrypt application data in transit. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports that the following products are […]
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-24016 Wazuh Server Deserialization of Untrusted Data Vulnerability CVE-2025-33053 Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose […]
SinoTrack GPS Receiver
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: SinoTrack Equipment: All Known SinoTrack Devices Vulnerabilities: Weak Authentication, Observable Response Discrepency 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access device profiles without authorization through the common web management interface. Access to the device profile […]
