February 2025 – Page 9 – TheCyberThrone

CVE-2025-0994 affects Trimble Cityworks

CVE-2025-0994 is a serious security vulnerability affecting Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10. This vulnerability can lead to remote code execution,…

PravinKarthik February 7, 2025

CVE-2025-23419 impacts Nginx Server

CVE-2025-23419 is a security vulnerability that arises when multiple server blocks in an Nginx configuration share the same IP address and port. An attacker can exploit this vulnerability by using…

PravinKarthik February 7, 2025

CISA KEV Catalog Update Part III- February 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding five new vulnerabilities that are actively being exploited in the wild. These vulnerabilities…

PravinKarthik February 7, 2025

Cisco fixes Twin ISE Vulnerabilities

Cisco has recently addressed two critical vulnerabilities in its Identity Services Engine (ISE), identified as CVE-2025-20124 and CVE-2025-20125. These vulnerabilities pose significant security risks, as they could allow attackers to…

PravinKarthik February 6, 2025

CVE-2024-56161 impacts AMD SEV-SNP Microcode

Background CVE-2024-56161 is an improper signature verification vulnerability found in the AMD CPU ROM microcode patch loader. This vulnerability enables an attacker with local administrator privileges to load malicious CPU…

PravinKarthik February 6, 2025

CVE-2024-53104 Linux Kernel Flaw Added to CISA’s KEV Catalog

On February 5, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-53104 to its Known Exploited Vulnerabilities (KEV) Catalog. This addition highlights the critical nature of this vulnerability and…

PravinKarthik February 6, 2025

CVE-2025-21293 PoC Exploit Code Released

Vulnerability Overview CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. The vulnerability arises from excessive permissions granted to the Network Configuration Operators group, which can be…

PravinKarthik February 6, 2025

Google Chrome 133 Stable Channel Released

On February 4, 2025, Google released Chrome 133, which includes several crucial security bug fixes aimed at enhancing the browser's security and protecting users from potential exploits. Here is a…

PravinKarthik February 5, 2025