Advisory Week


Week 3, 2025
National Cyber Awareness System
 
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Releases Six Industrial Control Systems Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
CISA Releases Three Industrial Control Systems Advisories
Oracle Security Alerts
 
Oracle Critical Patch Update Advisory - January 2025
Ubuntu Security Notices
 
PCL vulnerability: USN-7227-1
Cacti vulnerability: USN-7226-1
Django vulnerability: USN-7205-2
HTMLDOC vulnerabilities: USN-7225-1
Cyrus IMAP Server vulnerabilities: USN-7224-1
OpenJPEG vulnerabilities: USN-7223-1
BlueZ vulnerabilities: USN-7222-1
Linux kernel (OEM) vulnerabilities: USN-7221-1
Vim vulnerability: USN-7220-1
Python vulnerability: USN-7219-1 / USN-7218-1
Linux kernel (Xilinx ZynqMP) vulnerabilities: USN-7166-4
PoDoFo library vulnerabilities: USN-7217-1
Red Hat Security Advisory
 
Important: Red Hat Advanced Cluster Management 2.10.7 bug fixes and container updates: RHSA-2025:0679
Important: RHSA: Submariner 0.16.8 - bug and security fixes: RHSA-2025:0678
Important: Multicluster Engine for Kubernetes 2.5.8 security updates and bug fixes: RHSA-2025:0676
Important: git-lfs security update: RHSA-2025:0673
Important: python-jinja2 security update: RHSA-2025:0667
Moderate: Release of OpenShift Serverless Logic 1.35.0 security update & enhancements: RHSA-2025:0664
Important: grafana security update: RHSA-2025:0662 / RHSA-2025:0401
Important: redis:6 security update: RHSA-2025:0640 / RHSA-2025:0595
Important: rsync security update: RHSA-2025:0637
Moderate: OpenJDK 21.0.6 Security Update for Portable Linux Builds: RHSA-2025:0427
Moderate: OpenJDK 21.0.6 Security Update for Windows Builds: RHSA-2025:0428
Moderate: java-21-openjdk security update for RHEL 8.10, 9.4 and 9.5: RHSA-2025:0426
Moderate: Red Hat OpenStack Platform 18.0.4 (openstack-ironic) security update: RHSA-2025:0439
Moderate: OpenJDK 11.0.26 ELS Security Update for Windows Builds: RHSA-2025:0430
Moderate: OpenJDK 17.0.14 Security Update for Portable Linux Builds: RHSA-2025:0424
Moderate: OpenJDK 17.0.14 Security Update for Windows Builds: RHSA-2025:0425
Moderate: java-17-openjdk security update for RHEL 9.0 and 9.2: RHSA-2025:0423
Moderate: java-17-openjdk security update for RHEL 8.4: RHSA-2025:0421
Moderate: java-11-openjdk ELS security update: RHSA-2025:0429
Moderate: java-17-openjdk security update for RHEL 8.6, 8.8, 8.10, 9.4 and 9.5: RHSA-2025:0422
Important: OpenShift Container Platform 4.14.45 bug fix and security update: RHSA-2025:0364
Moderate: kernel security update: RHSA-2025:0578
Important: Red Hat multicluster global hub 1.3.2 enhancements and container updates: RHSA-2025:0577
Important: Red Hat Advanced Cluster Management 2.9.6 bug fixes and container updates: RHSA-2025:0576
Important: iperf3 security update: RHSA-2025:0570 / RHSA-2025:0548 / RHSA-2025:0505 / RHSA-2025:0440 / RHSA-2025:0404 / RHSA-2025:0403 / RHSA-2025:0402
Important: redis:7 security update: RHSA-2025:0566
Important: Red Hat Multicluster GlobalHub 1.2.1 bug fixes and container updates: RHSA-2025:0560
Important: Multicluster Engine for Kubernetes 2.4.7 security updates and bug fixes: RHSA-2025:0552
Moderate: JBoss EAP XP 5.0 Update 1.0 release. See references for release notes.: RHSA-2025:0542
Important: .NET 8.0 security update: RHSA-2025:0532
Moderate: Red Hat JBoss Web Server 6.0.5 release and security update: RHSA-2025:0343 / RHSA-2025:0342
Important: redis security update: RHSA-2025:0400 / RHSA-2025:0399 / RHSA-2025:0398
Cisco Security Advisory
 
ClamAV OLE2 File Format Decryption Denial of Service Vulnerability
Cisco Meeting Management REST API Privilege Escalation Vulnerability
Cisco BroadWorks SIP Denial of Service Vulnerability
Atlassian Security Advisories
 
Security Bulletin - January 21 2025
Microsoft Security
 
Microsoft January 2025 Security Update Guide
CVE-2025-21262 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Jenkins Security Advisories
 
Jenkins Security Advisory 2025-01-22
Amazon AWS Security Advisories
 
Issue with AWS Sign-in IAM User Login Flow – Possible Username Enumeration (CVE-2025-0693)
CISA Known Exploited Vulnerabilities
 
JQuery Cross-Site Scripting (XSS) Vulnerability CVE-2020-11023
SonicWall SMA1000 Appliances Deserialization Vulnerability CVE-2025-23006

The known exploited vulnerabilities list contains vulnerabilities that are known to be actively exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.
