Advisory Week

Week 6, 2025

Apple Security Advisory

iOS 18.3.1 and iPadOS 18.3.1 - Apple Security Content

iPadOS 17.7.5 - Apple Security Content

National Cyber Awareness System

CISA Releases Twenty Industrial Control Systems Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA and FBI Warn of Malicious Cyber Actors Using Buffer Overflow Vulnerabilities to Compromise Software

CISA Releases Two Industrial Control Systems Advisories

CISA Adds Four Known Exploited Vulnerabilities to Catalog

Adobe Security Bulletins and Advisories

Security Updates Available for Adobe Illustrator | APSB25-11

Security Updates Available for Adobe Commerce | APSB25-08

Security Update Available for Adobe InDesign | APSB25-01

Security Update Available for Adobe InCopy | APSB25-10

Ubuntu Security Notices

ActiveMQ vulnerabilities: USN-7268-1

libsndfile vulnerability: USN-7267-1

Ansible regression: USN-6846-3

digiKam vulnerabilities: USN-7266-1

Ruby regression: USN-7256-2

Linux kernel (AWS) vulnerabilities: USN-7234-4 / USN-7235-3 / USN-7238-4

Linux kernel (Azure) vulnerabilities: USN-7236-3

BlueZ vulnerabilities: USN-7265-1

OpenSSL vulnerabilities: USN-7264-1

Firefox vulnerabilities: USN-7263-1

Ruby vulnerability: USN-6838-2

Linux kernel vulnerabilities: USN-7262-1

GNU C Library vulnerability: USN-7259-3 / USN-7259-2

Vim vulnerability: USN-7261-1

rsync regression: USN-7206-4

OpenRefine vulnerabilities: USN-7260-1

Red Hat Security Advisory

Important: updated discovery container images: RHSA-2025:1487 / RHSA-2025:1249

Important: ACS 4.4 enhancement and security update: RHSA-2025:1468

Moderate: Update Red Hat Developer Hub 1.3 to mitigate relevant CVEs: RHSA-2025:1454

Moderate: nodejs:18 security update: RHSA-2025:1446

Important: nodejs:20 security update: RHSA-2025:1443 / RHSA-2025:1351

Important: kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update: RHSA-2025:1437

Important: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, and kpatch-patch-5_14_0-427_44_1 security update: RHSA-2025:1434

Important: kpatch-patch-5_14_0-503_15_1 security update: RHSA-2025:1433

Important: Updated service-interconnect rhel9 container images for 1.8: RHSA-2025:1413

Important: OpenShift Container Platform 4.13.55 packages and security update: RHSA-2025:1118

Important: OpenShift Container Platform 4.13.55 bug fix and security update: RHSA-2025:1116

Important: OpenShift Container Platform 4.12.73 bug fix and security update: RHSA-2025:1242

Important: OpenShift Container Platform 4.13.55 security and extras update: RHSA-2025:1115

Moderate: OpenShift Container Platform 4.12.73 security and extras update: RHSA-2025:1241

Important: kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, and kpatch-patch-5_14_0-70_85_1 security update: RHSA-2025:1374

Important: container-tools:rhel8 security update: RHSA-2025:1372 / RHSA-2025:1275 / RHSA-2025:1207

Important: Logging for Red Hat OpenShift - 5.8.17: RHSA-2025:1225

Important: Logging for Red Hat OpenShift - 5.9.11: RHSA-2025:1227

Moderate: krb5 security update: RHSA-2025:1352

Important: libxml2 security update: RHSA-2025:1350

Important: thunderbird security update: RHSA-2025:1348 / RHSA-2025:1341 / RHSA-2025:1340 / RHSA-2025:1319 / RHSA-2025:1318 / RHSA-2025:1317 / RHSA-2025:1292 / RHSA-2025:1184

Important: kernel security update: RHSA-2025:1347 / RHSA-2025:1291 / RHSA-2025:1282 / RHSA-2025:1281 / RHSA-2025:1278 / RHSA-2025:1270 / RHSA-2025:1268 / RHSA-2025:1267 / RHSA-2025:1266 / RHSA-2025:1264 / RHSA-2025:1262 / RHSA-2025:1253

Moderate: gcc security update: RHSA-2025:1346 / RHSA-2025:1301 / RHSA-2025:1311 / RHSA-2025:1312 / RHSA-2025:1310 / RHSA-2025:1308 / RHSA-2025:1305 / RHSA-2025:1304 / RHSA-2025:1303

Moderate: gcc-toolset-13-gcc security update: RHSA-2025:1342 / RHSA-2025:1309 / RHSA-2025:1306

Important: OpenShift Container Platform 4.15.45 packages and security update: RHSA-2025:1130

Moderate: gcc-toolset-14-gcc security update: RHSA-2025:1338 / RHSA-2025:1300

Important: OpenShift Container Platform 4.16.34 security and extras update: RHSA-2025:1123

Important: RHUI 4.11 security, bugfix, and enhancement update: RHSA-2025:1335

Important: ACS 4.5 enhancement and security update: RHSA-2025:1334

Important: Gatekeeper v3.14.3: RHSA-2025:1333

Important: Gatekeeper v3.15.3: RHSA-2025:1332

Important: Gatekeeper v3.17.1: RHSA-2025:1331

Important: openssl security update: RHSA-2025:1330

Moderate: doxygen security update: RHSA-2025:1329 / RHSA-2025:1315 / RHSA-2025:1314 / RHSA-2025:1256 / RHSA-2025:1255 / RHSA-2025:1247 / RHSA-2025:1185

Moderate: OpenShift Container Platform 4.17.16 security update: RHSA-2025:1122

Important: OpenShift Container Platform 4.17.16 bug fix and security update: RHSA-2025:1120 / RHSA-2025:1119

Important: podman security update: RHSA-2025:1296 / RHSA-2025:1189 / RHSA-2025:1186

Important: buildah security update: RHSA-2025:1295 / RHSA-2025:1188 / RHSA-2025:1187

Important: firefox security update: RHSA-2025:1283

Important: kernel-rt security update: RHSA-2025:1280 / RHSA-2025:1269 / RHSA-2025:1254 / RHSA-2025:1231 / RHSA-2025:1230

Moderate: python-jinja2 security update: RHSA-2025:1250

Moderate: tbb security update: RHSA-2025:1217 / RHSA-2025:1216 / RHSA-2025:1215 / RHSA-2025:1214 / RHSA-2025:1213 / RHSA-2025:1212 / RHSA-2025:1211 / RHSA-2025:1210 / RHSA-2025:1209

Important: OpenShift Container Platform 4.16.33 packages and security update: RHSA-2025:0830

Important: Red Hat OpenStack Platform 17.1 (python-waitress) security update: RHSA-2025:1192 / RHSA-2025:1191

Important: Red Hat OpenStack Platform 17.1 (etcd) security update: RHSA-2025:1190

Microsoft Security

Microsoft February 2025 Security Update Guide

Chromium: CVE -2025-0996 Inappropriate implementation in Browser UI: CVE-2025-0996

Chromium: CVE -2025-0995 Use after free in V8: CVE-2025-0995

Chromium: CVE -2025-0997 Use after free in Navigation: CVE-2025-0997

Chromium: CVE -2025-0998 Out of bounds memory access in V8: CVE-2025-0998

CVE-2025-21198 Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability

CVE-2025-21373 Windows Installer Elevation of Privilege Vulnerability

CVE-2025-24042 Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability

CVE-2025-21414 Windows Core Messaging Elevation of Privileges Vulnerability

CVE-2025-21254 Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21322 Microsoft PC Manager Elevation of Privilege Vulnerability

CVE-2025-21212 Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21216 Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21181 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21184 Windows Core Messaging Elevation of Privileges Vulnerability

CVE-2025-21400 Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2025-21179 DHCP Client Service Denial of Service Vulnerability

CVE-2025-21397 Microsoft Office Remote Code Execution Vulnerability

CVE-2025-21392 Microsoft Office Remote Code Execution Vulnerability

CVE-2025-21394 Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21387 Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21390 Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21381 Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21386 Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21377 NTLM Hash Disclosure Spoofing Vulnerability

CVE-2025-21367 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

CVE-2025-21371 Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21358 Windows Core Messaging Elevation of Privileges Vulnerability

CVE-2025-21359 Windows Kernel Security Feature Bypass Vulnerability

CVE-2025-21349 Windows Remote Desktop Configuration Service Tampering Vulnerability

CVE-2025-21350 Windows Kerberos Denial of Service Vulnerability

CVE-2025-21347 Windows Deployment Services Denial of Service Vulnerability

CVE-2025-21201 Windows Telephony Server Remote Code Execution Vulnerability

CVE-2025-21337 Windows NTFS Elevation of Privilege Vulnerability

CVE-2025-21190 Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21200 Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21407 Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21410 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2025-21406 Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21194 Microsoft Surface Security Feature Bypass Vulnerability

CVE-2025-21208 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2025-24039 Visual Studio Code Elevation of Privilege Vulnerability

CVE-2025-21259 Microsoft Outlook Spoofing Vulnerability

CVE-2023-32002 HackerOne: CVE-2023-32002 Node.js `Module._load()` policy Remote Code Execution Vulnerability

CVE-2025-24036 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability

CVE-2025-21419 Windows Setup Files Cleanup Elevation of Privilege Vulnerability

CVE-2025-21420 Windows Disk Cleanup Tool Elevation of Privilege Vulnerability

CVE-2025-21391 Windows Storage Elevation of Privilege Vulnerability

CVE-2025-21418 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2025-21182 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability

CVE-2025-21183 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability

CVE-2025-21379 DHCP Client Service Remote Code Execution Vulnerability

CVE-2025-21383 Microsoft Excel Information Disclosure Vulnerability

CVE-2025-21375 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2025-21376 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2025-21369 Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2025-21352 Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21368 Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2025-21206 Visual Studio Installer Elevation of Privilege Vulnerability

CVE-2025-21351 Windows Active Directory Domain Services API Denial of Service Vulnerability

CVE-2025-21188 Azure Network Watcher VM Extension Elevation of Privilege Vulnerability

CISA Known Exploted Vulnerabilities

Zyxel DSL CPE OS Command Injection Vulnerability CVE-2024-40891

Zyxel DSL CPE OS Command Injection Vulnerability CVE-2024-40890

Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability CVE-2025-21418

Microsoft Windows Storage Link Following Vulnerability CVE-2025-21391

Apple iOS and iPadOS Incorrect Authorization Vulnerability CVE-2025-24200

Mitel SIP Phones Argument Injection Vulnerability CVE-2024-41710

SimpleHelp Path Traversal Vulnerability CVE-2024-57727

The known exploited vulnerabilities list contains vulnerabilities that are known to be actively exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.

Switch to Daily Mode

We're thrilled to announce the launch of AdvisoryDaily, a once a day version of this newsletter.

Get AdvisoryDaily