Advisory Week


Week 1, 2025
National Cyber Awareness System
 
CISA Releases Four Industrial Control Systems Advisories
CISA Releases the Cybersecurity Performance Goals Adoption Report
Ivanti Releases Security Updates for Connect Secure, Policy Secure, and ZTA Gateways
CISA Adds One Vulnerability to the KEV Catalog
CISA Releases Two Industrial Control Systems Advisories
CISA Adds Three Known Exploited Vulnerabilities to Catalog
Mozilla Security Advisories
 
Security Vulnerabilities fixed in Firefox for iOS 134 mfsa2025-06
Security Vulnerabilities fixed in Firefox ESR 115.19 mfsa2025-03
Security Vulnerabilities fixed in Firefox ESR 128.6 mfsa2025-02
Security Vulnerabilities fixed in Firefox 134 mfsa2025-01
Security Vulnerabilities fixed in Thunderbird ESR 128.6 mfsa2025-05
Security Vulnerabilities fixed in Thunderbird 134 mfsa2025-04
Ubuntu Security Notices
 
Linux kernel (Real-time) vulnerabilities: USN-7169-5
rlottie vulnerabilities: USN-7198-1
Go Networking vulnerability: USN-7197-1
Linux kernel (Azure) vulnerabilities: USN-7185-2 / USN-7169-4 / USN-7196-1 / USN-7195-1 / USN-7194-1
Linux kernel vulnerabilities: USN-7186-2 / USN-7169-3 / USN-7167-2 / USN-7179-2 / USN-7185-1 / USN-7184-1 / USN-7183-1
Thunderbird vulnerability: USN-7193-1
xfpt vulnerability: USN-7192-1
Firefox vulnerabilities: USN-7191-1
Tinyproxy vulnerability: USN-7190-1 / USN-7140-2
HTMLDOC vulnerabilities: USN-7189-1
FFmpeg vulnerability: USN-7188-1
Linux kernel (GKE) vulnerabilities: USN-7179-3
Linux kernel (OEM) vulnerabilities: USN-7187-1
Linux kernel (Intel IoTG) vulnerabilities: USN-7186-1
Linux kernel (Raspberry Pi) vulnerabilities: USN-7159-5
Linux kernel (HWE) vulnerabilities: USN-7154-2
Ceph vulnerability: USN-7182-1
Salt vulnerability: USN-7181-1
Python vulnerabilities: USN-7180-1
Red Hat Security Advisory
 
Important: webkit2gtk3 security update: RHSA-2025:0226 / RHSA-2025:0146 / RHSA-2025:0145
Important: Red Hat build of Cryostat security update: RHSA-2025:0224
Important: dpdk security update: RHSA-2025:0222 / RHSA-2025:0221 / RHSA-2025:0220 / RHSA-2025:0211 / RHSA-2025:0210 / RHSA-2025:0209 / RHSA-2025:0208
Important: Red Hat OpenStack Platform 16.2 (openstack-ironic) security update: RHSA-2025:0204
Important: Red Hat OpenStack Platform 16.2 (etcd) security update: RHSA-2025:0203
Important: Red Hat OpenStack Platform 16.2 (python-waitress) security update: RHSA-2025:0201
Moderate: tuned security update: RHSA-2025:0195
Moderate: OpenShift Container Platform 4.14.44 bug fix and security update: RHSA-2025:0029
Important: iperf3 security update: RHSA-2025:0168 / RHSA-2025:0161
Important: thunderbird security update: RHSA-2025:0167 / RHSA-2025:0166 / RHSA-2025:0165 / RHSA-2025:0147
Moderate: Red Hat OpenShift Data Foundation 4.15.9 Bug Fix Update: RHSA-2025:0164
Important: firefox security update: RHSA-2025:0162 / RHSA-2025:0144 / RHSA-2025:0138 / RHSA-2025:0137 / RHSA-2025:0136 / RHSA-2025:0135 / RHSA-2025:0134 / RHSA-2025:0133 / RHSA-2025:0132 / RHSA-2025:0080
Important: OpenShift Container Platform 4.12.71 bug fix and security update: RHSA-2025:0014
Important: kpatch-patch-4_18_0-553, kpatch-patch-4_18_0-553_16_1, and kpatch-patch-4_18_0-553_30_1 security update: RHSA-2025:0109
Low: cups security update: RHSA-2025:0083
Important: Red Hat OpenShift Data Foundation 4.16.5 Bug Fix Update: RHSA-2025:0082
Important: Red Hat OpenShift Data Foundation 4.17.2 Bug Fix Update: RHSA-2025:0079
Moderate: python3.11-urllib3 security update: RHSA-2025:0078
Important: kernel security update: RHSA-2025:0063 / RHSA-2025:0065 / RHSA-2025:0062 / RHSA-2025:0061 / RHSA-2025:0059 / RHSA-2025:0058 / RHSA-2025:0057 / RHSA-2025:0055
Important: kpatch-patch-4_18_0-372_118_1, kpatch-patch-4_18_0-372_131_1, and kpatch-patch-4_18_0-372_91_1 security update: RHSA-2025:0067
Important: kernel-rt security update: RHSA-2025:0066 / RHSA-2025:0064 / RHSA-2025:0060 / RHSA-2025:0056
Important: kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update: RHSA-2025:0054
Important: kpatch-patch-4_18_0-305_120_1, kpatch-patch-4_18_0-305_138_1, and kpatch-patch-4_18_0-305_145_1 security update: RHSA-2025:0053
Important: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, and kpatch-patch-5_14_0-427_44_1 security update: RHSA-2025:0052
Important: kpatch-patch-4_18_0-477_43_1, kpatch-patch-4_18_0-477_67_1, and kpatch-patch-4_18_0-477_81_1 security update: RHSA-2025:0051
Important: kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, and kpatch-patch-5_14_0-70_85_1 security update: RHSA-2025:0050
Important: kpatch-patch-5_14_0-503_15_1 security update: RHSA-2025:0049
Important: OpenShift Virtualization 4.17.3 Images: RHSA-2025:0048
Important: bind and bind-dyndb-ldap security update: RHSA-2025:0039
Node.js Security Advisories
 
Upcoming CVE for End-of-Life Node.js Versions
Cisco Security Advisory
 
Cisco ThousandEyes Agent Certificate Validation Vulnerability
Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities
Cisco Crosswork Network Controller Stored Cross-Site Scripting Vulnerabilities
Microsoft Security
 
Microsoft January 2025 Security Update Guide
CVE-2025-21380 Azure Marketplace SaaS Resources Information Disclosure Vulnerability
CVE-2025-21385 Microsoft Purview Information Disclosure Vulnerability
GitHub Security Advisories
 
[GHSA-5xh2-23cc-5jc6] Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution
[GHSA-675f-rq2r-jw82] JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh
[GHSA-j3f9-p6hm-5w6q] Carbon has an arbitrary file include via unvalidated input passed to Carbon::setLocale
[GHSA-j4jw-m6xr-fv6c] Soft Serve vulnerable to path traversal attacks
[GHSA-95m2-chm4-mq7m] PHP-Textile has persistent XSS vulnerability in image link handling
[GHSA-2r2v-9pf8-6342] WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover
[GHSA-r5vf-wf4h-82gg] matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity
[GHSA-f27p-cmv8-xhm6] fetch: Authorization headers not dropped when redirecting cross-origin
[GHSA-237r-r8m4-4q88] Guzzle OAuth Subscriber has insufficient nonce entropy
[GHSA-v6jv-p6r8-j78w] NiceGUI On Air authentication issue
[GHSA-r9px-m959-cxf4] go-git clients vulnerable to DoS via maliciously crafted Git server replies
[GHSA-v725-9546-7q7m] go-git has an Argument Injection via the URL field
[GHSA-4x6x-8rm8-c37j] Extension:TabberNeue vulnerable to Cross-site Scripting
CISA Known Exploited Vulnerabilities
 
Oracle WebLogic Server Unspecified Vulnerability CVE-2020-2883
Mitel MiCollab Path Traversal Vulnerability CVE-2024-55550
Mitel MiCollab Path Traversal Vulnerability CVE-2024-41713
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability CVE-2025-0282

The known exploited vulnerabilities list contains vulnerabilities that are known to be actively exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.
