Advisory Week


Week 7, 2025
National Cyber Awareness System
 
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Releases Eight Industrial Control Systems Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA and Partners Release Advisory on Ghost (Cring) Ransomware
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Releases Two Industrial Control Systems Advisories
Mozilla Security Advisories
 
Security Vulnerabilities fixed in Firefox 135.0.1 mfsa2025-12
Ubuntu Security Notices
 
tomcat7 vulnerabilities: USN-7282-1
Apache Solr vulnerability: USN-7283-1
Libtasn1 vulnerability: USN-7275-2 / USN-7275-1
GnuTLS vulnerability: USN-7281-1
Python vulnerability: USN-7280-1
WebKitGTK vulnerabilities: USN-7279-1
OpenSSL vulnerabilities: USN-7278-1
LSN-0109-1: Kernel Live Patch Security Notice
Linux kernel vulnerabilities: USN-7277-1 / USN-7276-1
OpenSSH vulnerability: USN-7270-2
Atril vulnerabilities: USN-7274-1
libsndfile vulnerabilities: USN-7273-1
Symfony vulnerabilities: USN-7272-1
virtualenv vulnerability: USN-7271-1
OpenSSH vulnerabilities: USN-7270-1
Docker vulnerabilities: USN-7161-2
Intel Microcode vulnerabilities: USN-7269-1
Red Hat Security Advisory
 
Important: libpq security update: RHSA-2025:1745 / RHSA-2025:1744 / RHSA-2025:1738 / RHSA-2025:1737 / RHSA-2025:1735 / RHSA-2025:1733 / RHSA-2025:1732 / RHSA-2025:1725 / RHSA-2025:1720
Important: postgresql:16 security update: RHSA-2025:1743 / RHSA-2025:1740 / RHSA-2025:1731
Important: postgresql security update: RHSA-2025:1742 / RHSA-2025:1728 / RHSA-2025:1727 / RHSA-2025:1726
Important: postgresql:15 security update: RHSA-2025:1741 / RHSA-2025:1739 / RHSA-2025:1730 / RHSA-2025:1722 / RHSA-2025:1721
Important: postgresql:13 security update: RHSA-2025:1736 / RHSA-2025:1729 / RHSA-2025:1724 / RHSA-2025:1723
Important: bind security update: RHSA-2025:1718 / RHSA-2025:1691 / RHSA-2025:1687 / RHSA-2025:1685 / RHSA-2025:1684 / RHSA-2025:1681 / RHSA-2025:1675 / RHSA-2025:1674 / RHSA-2025:1669 / RHSA-2025:1666 / RHSA-2025:1665 / RHSA-2025:1664
Important: OpenShift Container Platform 4.14.48 security update: RHSA-2025:1453 / RHSA-2025:1451
Important: OpenShift Container Platform 4.16.35 security update: RHSA-2025:1386
Important: kpatch-patch-4_18_0-477_43_1, kpatch-patch-4_18_0-477_67_1, and kpatch-patch-4_18_0-477_81_1 security update: RHSA-2025:1680
Important: bind9.16 security update: RHSA-2025:1679 / RHSA-2025:1678 / RHSA-2025:1676
Important: mysql:8.0 security update: RHSA-2025:1673
Important: mysql security update: RHSA-2025:1671
Important: bind9.18 security update: RHSA-2025:1670
Important: kpatch-patch-4_18_0-305_120_1, kpatch-patch-4_18_0-305_138_1, and kpatch-patch-4_18_0-305_145_1 security update: RHSA-2025:1663
Important: kpatch-patch-4_18_0-372_118_1, kpatch-patch-4_18_0-372_131_1, and kpatch-patch-4_18_0-372_91_1 security update: RHSA-2025:1662
Important: OpenShift Container Platform 4.14.48 security and extras update: RHSA-2025:1450
Moderate: kernel security update: RHSA-2025:1659 / RHSA-2025:1658
Important: kpatch-patch-4_18_0-553, kpatch-patch-4_18_0-553_16_1, and kpatch-patch-4_18_0-553_30_1 security update: RHSA-2025:1657
Important: OpenShift Container Platform 4.17.17 bug fix and security update: RHSA-2025:1403
Important: Red Hat JBoss Enterprise Application Platform 7.4.21 security update: RHSA-2025:1638 / RHSA-2025:1637 / RHSA-2025:1636 / RHSA-2025:1635
Important: redhat-ds:11 security update: RHSA-2025:1632
Important: nodejs:22 security update: RHSA-2025:1613 / RHSA-2025:1611
Moderate: gcc security update: RHSA-2025:1601 / RHSA-2025:1580
Moderate: nodejs:18 security update: RHSA-2025:1582
Important: nodejs:20 security update: RHSA-2025:1522
Moderate: libxml2 security update: RHSA-2025:1517
Important: libxml2 security update: RHSA-2025:1516
Moderate: idm:DL1 security update: RHSA-2025:1515
Moderate: ipa security update: RHSA-2025:1514
Cisco Security Advisory
 
Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability
Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability
Cisco Secure Email Gateway Email Filter Bypass Vulnerability
Atlassian Security Advisories
 
Security Bulletin - February 18 2025
Microsoft Security
 
Microsoft February 2025 Security Update Guide
CVE-2025-21401 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2025-21325 Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Chromium: CVE-2025-1426 Heap buffer overflow in GPU
Chromium: CVE-2025-1006 Use after free in Network
Chromium: CVE-2025-0999 Heap buffer overflow in V8
CVE-2025-24989 Microsoft Power Pages Elevation of Privilege Vulnerability
CVE-2025-21355 Microsoft Bing Remote Code Execution Vulnerability
Github Security Advisories
 
[GHSA-f679-254h-qhvj] Leantime allows Cross-Site Scripting (XSS)
[GHSA-95j3-435g-vjcp] Leantime affected by Improper Neutralization of HTML Tags
[GHSA-3hfj-qcvj-4hx8] Leantime has Missing Authorization Check for Host Parameter
[GHSA-38h4-fx85-qcx7] Exiv2 allows Use After Free
[GHSA-c39w-3pjx-qc7m] Leantime allows Stored Cross-Site Scripting (XSS)
[GHSA-92xh-6x7v-4rmq] Leantime allows Cross-Site Request Forgery (CSRF)
[GHSA-v4q9-437p-mhpg] Leantime allows Cross Site Scripting (XSS) and SQL Injection (SQLi)
[GHSA-h33q-mhmp-8p67] Vyper has a double eval in For List Iter
[GHSA-4w26-8p97-f4jp] AugAssign evaluation order causing OOB write within the object in Vyper
[GHSA-2p94-8669-xg86] Vyper's sqrt doesn't define rounding behavior
[GHSA-63cr-xg3f-8jvr] Leantime allows Stored Cross-Site Scripting (XSS)
[GHSA-52xf-h226-pfgx] Leantime allows Reflected Cross-Site Scripting (XSS)
[GHSA-h6w8-27ph-c385] Leantime has Insufficiently Protected Credentials
[GHSA-mg4c-884j-pcq9] Leantime allows Stored Cross-Site Scripting (XSS)
[GHSA-99r5-84gr-59f6] Leantime has Host Header Injection Vulnerability
[GHSA-j7jw-28jm-whr6] lakeFS allows an authenticated user to cause a crash by exhausting server memory
[GHSA-fpmr-m242-xm7x] Maliciously crafted QPY files can allow Remote Attackers to Cause Denial of Service in Qiskit
[GHSA-pp9m-qf39-hxjc] S3-Proxy allows Reflected Cross-site Scripting (XSS) in template implementation
[GHSA-f8qm-hmm3-fv7f] Namada-apps allows Excessive Computation in Mempool Validation
[GHSA-82vg-5v4f-f9wq] Namada-apps can Crash with Excessive Computation in Mempool Validation
[GHSA-2gw2-qgjg-xh6p] Namada-apps allows Post-Genesis Validator Bypass
[GHSA-x5vx-95h7-rv4p] Cosmos SDK: Groups module can halt chain when handling a malicious proposal
[GHSA-j3mm-wmfm-mwvh] Cross-site scripting (XSS) in the CKEditor 5 real-time collaboration package
[GHSA-rr6p-3pfg-562j] XWiki Platform allows remote code execution as guest via SolrSearchMacros request
[GHSA-fh4v-v779-4g2w] SSRF in sliver teamserver
[GHSA-g4v5-6f5p-m38j] OpenFGA Authorization Bypass
[GHSA-m5mf-3963-4x26] Authelia applies regulation separately to Username-based logins to Email-based logins
[GHSA-qxj7-2x7w-3mpp] Duende.AccessTokenManagement race condition when concurrently retrieving customized Client Credentials Access Tokens
[GHSA-99vm-5v2h-h6r6] Directus allows updates to non-allowed fields due to overlapping policies
[GHSA-vvfq-8hwr-qm4m] Nokogiri updates packaged libxml2 to 2.13.6 to resolve CVE-2025-24928 and CVE-2024-56171
[GHSA-m3pm-rpgg-5wj6] Home Assistant does not correctly validate SSL for outgoing requests in core and used libs
[GHSA-vq63-8f72-f486] AspNetCore Remote Authenticator for CIE3.0 Allows SAML Response Signature Verification Bypass
[GHSA-36h8-r92j-w9vw] The AspNetCore Remote Authenticator for SPID Allows SAML Response Signature Verification Bypass
Drupal Security Advisories
 
Drupal core - Moderately critical - Gadget Chain - SA-CORE-2025-003
Drupal core - Moderately critical - Access bypass - SA-CORE-2025-002
Drupal core - Critical - Cross site scripting - SA-CORE-2025-001
CISA Known Exploited Vulnerabilities
 
Palo Alto PAN-OS Authentication Bypass Vulnerability CVE-2025-0108
SonicWall SonicOS SSLVPN Improper Authentication Vulnerability CVE-2024-53704
Palo Alto Networks PAN-OS File Read Vulnerability CVE-2025-0111
Craft CMS Code Injection Vulnerability CVE-2025-23209
Microsoft Power Pages Improper Access Control Vulnerability CVE-2025-24989

The known exploited vulnerabilities list contains vulnerabilities that are known to be actively exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.
