February 2025 – Page 6 – TheCyberThrone

CVE-2025-1240 impacts WinZip with a RCE

CVE-2025-1240 is a critical security vulnerability affecting the popular file compression software WinZip. This vulnerability presents significant risks to users by allowing remote attackers to execute arbitrary code on affected…

PravinKarthik February 15, 2025

CVE-2025-1094 impacts PostgreSQL with SQL Injection

CVE-2025-1094 is a critical security vulnerability affecting the PostgreSQL interactive tool psql. This vulnerability presents significant risks to the integrity and security of database systems using PostgreSQL. Nature of the…

PravinKarthik February 15, 2025

CVE-2024-32838 impacts Apache Fineract with SQL injection

CVE-2024-32838 is a critical security vulnerability affecting Apache Fineract, a popular open-source core banking platform. This vulnerability presents significant risks to the integrity and security of financial institutions using the…

PravinKarthik February 14, 2025

CISA adds SimpleHelp Vulnerability to KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added the SimpleHelp Path Traversal Vulnerability (CVE-2024-57727) to its Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability presents significant risks to organizations…

PravinKarthik February 14, 2025

Mustang Panda Exploits Windows GUI Vulnerability

A recently discovered vulnerability in the Microsoft Windows GUI (Graphical User Interface) is being actively exploited by the Mustang Panda threat group, which is believed to have connections to Chinese…

PravinKarthik February 14, 2025

CVE-2025-0108 impacts PaloAlto PAN-OS

CVE-2025-0108 is a high-severity vulnerability affecting Palo Alto Networks PAN-OS software. Description CVE-2025-0108 is an authentication bypass vulnerability in the PAN-OS management web interface. This flaw allows an unauthenticated attacker…

PravinKarthik February 13, 2025

CVE-2025-1146 impacts selected CrowdStrike Falcon Sensors

CVE-2025-1146 is a significant security vulnerability affecting CrowdStrike Falcon sensors for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor. This vulnerability presents a critical risk to the integrity and…

PravinKarthik February 13, 2025

CISA KEV Catalog Update Part VI – February 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added two significant vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities, affecting Mitel and Apple products, have been actively…

PravinKarthik February 13, 2025