Advisory Week


Week 2, 2025
National Cyber Awareness System
 
CISA and FBI Release Updated Guidance on Product Security Bad Practices
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Releases Twelve Industrial Control Systems Advisories
CISA and Partners Release Call to Action to Close the National Software Understanding Gap
CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook
CISA Releases Four Industrial Control Systems Advisories
CISA Releases the JCDC AI Cybersecurity Collaboration Playbook and Fact Sheet
Ivanti Releases Security Updates for Multiple Products
Fortinet Releases Security Updates for Multiple Products
CISA Adds Four Known Exploited Vulnerabilities to Catalog
Adobe Releases Security Updates for Multiple Products
Microsoft Releases January 2025 Security Updates
CISA and US and International Partners Publish Guidance on Priority Considerations in Product Selection for OT Owners and Operators
CISA Adds Two Known Exploited Vulnerabilities to Catalog
Adobe Security Bulletins and Advisories
 
Security updates available for Adobe Photoshop | APSB25-02
Security Updates Available for Adobe Illustrator Mobile - iOS | APSB25-04
Security updates available for Adobe Animate | APSB25-05
Ubuntu Security Notices
 
tqdm vulnerability: USN-7216-1
rsync regression: USN-7206-2
libxml2 vulnerability: USN-7215-1
HarfBuzz vulnerability: USN-7214-1
poppler vulnerability: USN-7213-1
Python 2.7 vulnerabilities: USN-7212-1
Audacity vulnerability: USN-7211-1
GIMP DDS Plugin vulnerabilities: USN-7209-1
Apache Commons BCEL vulnerability: USN-7208-1
.NET vulnerabilities: USN-7210-1
Linux kernel (Raspberry Pi) vulnerabilities: USN-7173-3
NeoMutt vulnerabilities: USN-7204-1
rsync vulnerabilities: USN-7206-1
Git vulnerabilities: USN-7207-1
Linux kernel (Azure) vulnerabilities: USN-7195-2
Django vulnerability: USN-7205-1
PowerDNS vulnerabilities: USN-7203-1
HPLIP vulnerability: USN-7202-1
WebKitGTK vulnerabilities: USN-7201-1
Roundcube vulnerability: USN-7200-1
snapd vulnerabilities: USN-6940-2
xmltok library vulnerabilities: USN-7199-1
Red Hat Security Advisory
 
Moderate: Red Hat JBoss Web Server 5.8.2 release and security update: RHSA-2025:0362 / RHSA-2025:0361
Important: VolSync 0.10.2 for RHEL 9: RHSA-2025:0386
Important: VolSync 0.11.1 for RHEL 9: RHSA-2025:0385
Important: RHSA: Submariner 0.18.4 - bug and security fixes: RHSA-2025:0384
Important: .NET 9.0 security update: RHSA-2025:0382
Important: .NET 8.0 security update: RHSA-2025:0381
Moderate: Security and bug fixes for NetworkManager: RHSA-2025:0377
Important: Red Hat JBoss Enterprise Application Platform 8.0 security update: RHSA-2025:0372 / RHSA-2025:0371
Moderate: tuned security update: RHSA-2025:0368 / RHSA-2025:0327
Important: iperf3 security update: RHSA-2025:0346
Important: fence-agents security update: RHSA-2025:0345 / RHSA-2025:0338 / RHSA-2025:0335 / RHSA-2025:0308
Important: Logging for Red Hat OpenShift - 5.6.27: RHSA-2024:10988
Important: Red Hat Ansible Automation Platform 2.5 Container Release Update: RHSA-2025:0341
Important: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update: RHSA-2025:0340
Moderate: ipa security update: RHSA-2025:0334
Moderate: Logging for Red Hat OpenShift - 5.9.10: RHSA-2024:10990
Important: Logging for Red Hat OpenShift - 5.8.16: RHSA-2025:0329
Important: raptor2 security update: RHSA-2025:0326 / RHSA-2025:0319 / RHSA-2025:0318 / RHSA-2025:0316 / RHSA-2025:0315 / RHSA-2025:0314 / RHSA-2025:0313 / RHSA-2025:0312 / RHSA-2025:0311 / RHSA-2025:0310
Important: rsync security update: RHSA-2025:0325 / RHSA-2025:0324
Important: OpenShift Container Platform 4.15.43 bug fix and security update: RHSA-2025:0121
Moderate: Red Hat OpenShift Data Foundation 4.14.13 Bug Fix Update: RHSA-2025:0323
Important: OpenShift Container Platform 4.16.30 bug fix and security update: RHSA-2025:0140
Moderate: libreswan security update: RHSA-2025:0309
Important: OpenShift Container Platform 4.17.12 bug fix and security update: RHSA-2025:0115
Moderate: Red Hat build of Keycloak 26.0.8 Update: RHSA-2025:0300
Moderate: Red Hat build of Keycloak 26.0.8 Images Update: RHSA-2025:0299
Important: thunderbird security update: RHSA-2025:0286 / RHSA-2025:0287 / RHSA-2025:0284 / RHSA-2025:0281 / RHSA-2025:0275
Moderate: Bug fix of NetworkManager: RHSA-2025:0288
Important: webkit2gtk3 security update: RHSA-2025:0283 / RHSA-2025:0282 / RHSA-2025:0279 / RHSA-2025:0278 / RHSA-2025:0277 / RHSA-2025:0276
Moderate: python3.11 security update: RHSA-2025:0280
Node.js Security Advisories
 
Tuesday, January 21, 2025 Security Releases
Microsoft Security
 
Microsoft January 2025 Security Update Guide
CVE-2021-45985 Mitre: CVE-2021-45985 Erroneous finalizer call in Lua leads to a heap-based buffer over-read
Chromium: CVE-2025-0291 Type Confusion in V8
CVE-2025-21409 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21245 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21240 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21238 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21223 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21417 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21250 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21246 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21311 Windows NTLM V1 Elevation of Privilege Vulnerability
CVE-2025-21333 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVE-2025-21334 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVE-2025-21332 MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21326 Internet Explorer Remote Code Execution Vulnerability
CVE-2025-21218 Windows Kerberos Denial of Service Vulnerability
CVE-2025-21313 Windows Security Account Manager (SAM) Denial of Service Vulnerability
CVE-2025-21378 Windows CSC Service Elevation of Privilege Vulnerability
CVE-2025-21402 Microsoft Office OneNote Remote Code Execution Vulnerability
CVE-2025-21372 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2025-21374 Windows CSC Service Information Disclosure Vulnerability
CVE-2025-21361 Microsoft Outlook Remote Code Execution Vulnerability
CVE-2025-21370 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
CVE-2025-21343 Windows Web Threat Defense User Service Information Disclosure Vulnerability
CVE-2025-21360 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
CVE-2025-21339 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21340 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
CVE-2025-21336 Windows Cryptographic Information Disclosure Vulnerability
CVE-2025-21338 GDI+ Remote Code Execution Vulnerability
CVE-2025-21324 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21331 Windows Installer Elevation of Privilege Vulnerability
CVE-2025-21317 Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21323 Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21172 .NET and Visual Studio Remote Code Execution Vulnerability
CVE-2025-21310 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21312 Windows Smart Card Reader Information Disclosure Vulnerability
CVE-2025-21307 Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
CVE-2025-21308 Windows Themes Spoofing Vulnerability
CVE-2025-21300 Windows upnphost.dll Denial of Service Vulnerability
CVE-2025-21305 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21287 Windows Installer Elevation of Privilege Vulnerability
CVE-2025-21292 Windows Search Service Elevation of Privilege Vulnerability
CVE-2025-21276 Windows MapUrlToZone Denial of Service Vulnerability
CVE-2025-21286 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21274 Windows Event Tracing Denial of Service Vulnerability
CVE-2025-21275 Windows App Package Installer Elevation of Privilege Vulnerability
CVE-2025-21189 MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21273 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21256 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21261 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21231 IP Helper Denial of Service Vulnerability
CVE-2025-21232 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21228 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21229 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21230 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21226 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21227 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21224 Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
CVE-2025-21225 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
CVE-2025-21211 Secure Boot Security Feature Bypass Vulnerability
CVE-2025-21213 Secure Boot Security Feature Bypass Vulnerability
CVE-2025-21187 Microsoft Power Automate Remote Code Execution Vulnerability
CVE-2025-21186 Microsoft Access Remote Code Execution Vulnerability
CVE-2025-21207 Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability
CVE-2025-21202 Windows Recovery Environment Agent Elevation of Privilege Vulnerability
CVE-2025-21193 Active Directory Federation Server Spoofing Vulnerability
CVE-2025-21220 Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2025-21335 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVE-2025-21328 MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21330 Windows Remote Desktop Services Denial of Service Vulnerability
CVE-2025-21329 MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21405 Visual Studio Elevation of Privilege Vulnerability
CVE-2025-21252 Windows Telephony Service Remote Code Execution Vulnerability
Amazon AWS Security Advisories
 
Issue with Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV (CVE-2025-0500 and CVE-2025-0501)
Github Security Advisories
 
[GHSA-c9p4-xwr9-rfhx] Zot IdP group membership revocation ignored
[GHSA-cg87-wmx4-v546] KaTeX \htmlData does not validate attribute names
[GHSA-v4mq-x674-ff73] AWS Cloud Development Kit (AWS CDK) IAM OIDC custom resource allows connection to unauthorized OIDC provider
[GHSA-fcr8-4r9f-r66m] nbgrader's `frame-ancestors: self` grants all users access to formgrader
[GHSA-4ff6-858j-r822] Gomatrixserverlib Server-Side Request Forgery (SSRF) on redirects and federation
[GHSA-rcxc-wjgw-579r] Matrix Media Repo (MMR) allows untrusted file formats to be thumbnailed, potentially invoking further untrusted decoders
[GHSA-r6jg-jfv6-2fjv] Matrix Media Repo (MMR) allows Server-Side Request Forgery (SSRF) on redirects and federation
[GHSA-gp86-q8hg-fpxj] matrix-media-repo (MMR) allows a denial of service through memory exhaustion
[GHSA-jhvj-f397-8w6q] HAL Console has a Cross Site Scripting (XSS) vulnerability of user input
[GHSA-vc2m-hw89-qjxf] matrix-media-repo (MMR) allows denial of service/high operating costs through unauthenticated downloads
[GHSA-8vmr-h7h5-cqhg] matrix-media-repo (MMR) allows unauthenticated writes to the media repository, which may allow planting of problematic content
[GHSA-g84x-g96g-rcjc] Librenms has a reflected XSS on error alert
[GHSA-c66p-64fj-jmc2] LibreNMS Misc Section Stored Cross-site Scripting vulnerability
[GHSA-27vf-3g4f-6jp7] LibreNMS Ports Stored Cross-site Scripting vulnerability
[GHSA-pm8j-3v64-92cq] LibreNMS Display Name Stored Cross-site Scripting vulnerability
[GHSA-p9v8-q5m4-pf46] CVE-2024-5138: snapd snapctl auth bypass
[GHSA-2f4w-6mc7-4w78] LibreNMS Display Name 2 Stored Cross-site Scripting vulnerability
[GHSA-mm6v-68qp-f9fw] Crayfish allows Remote Code Execution via Homarus Authorization header
[GHSA-c873-wfhp-wx5m] SP1 has missing verifier checks and fiat-shamir observations
[GHSA-7pq6-v88g-wf3w] Sentry's improper authentication on SAML SSO process allows user impersonation
[GHSA-2c6g-pfx3-w7h8] Insecure Temporary File in RESTEasy
[GHSA-mqf3-qpc3-g26q] Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message
[GHSA-ff6q-3c9c-6cf5] Silverstripe Framework has a XSS in form messages
[GHSA-7cmp-cgg8-4c82] Silverstripe Framework has a XSS via insert media remote file oembed
[GHSA-m9c9-mc2h-9wjw] Lodestar snappy checksum issue
[GHSA-53rv-hcvm-rpp9] Lodestar snappy decompression issue
[GHSA-2v2w-8v8c-wcm9] Rancher UI has Stored Cross-site Scripting vulnerability
[GHSA-q6r2-x2cc-vrp7] Git LFS permits exfiltration of credentials via crafted HTTP URLs
[GHSA-9v8m-qv22-f268] Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length
[GHSA-86c2-4x57-wc8g] Git Credential Manager carriage-return character in remote URL allows malicious repository to leak credentials
[GHSA-j2jg-fq62-7c3h] Gradio Blocked Path ACL Bypass Vulnerability
[GHSA-w8xv-rwgf-4fwh] CVE-2025-0343: Swift ASN.1 can crash when parsing maliciously formed BER/DER
[GHSA-rmm7-r7wr-xpfg] XWiki Realtime WYSIWYG Editor extension allows privilege escalation (PR) through realtime WYSIWYG editing
[GHSA-cpv4-ggrr-7j9v] Rasa Allows Remote Code Execution via Remote Model Loading
[GHSA-8mv3-37rc-pvxj] TYPO3 DB Check Module vulnerable to Cross-Site Request Forgery
[GHSA-7835-fcv3-g256] TYPO3 Scheduler Module vulnerable to Cross-Site Request Forgery
[GHSA-7r5q-4qgx-v545] TYPO3 Indexed Search Module vulnerable to Cross-Site Request Forgery
[GHSA-ww7h-g2qf-7xv6] TYPO3 Form Framework Module vulnerable to Cross-Site Request Forgery
[GHSA-4g52-pq8j-6qv5] TYPO3 Extension Manager Module vulnerable to Cross-Site Request Forgery
[GHSA-qwx7-39pw-2mhr] TYPO3 Cross-Site Request Forgery in Dashboard Module
[GHSA-6w4x-gcx3-8p7v] TYPO3 Cross-Site Request Forgery in Backend User Module
[GHSA-cjfr-9f5r-3q93] TYPO3 Cross-Site Request Forgery in Log Module
[GHSA-2fx5-pggv-6jjr] TYPO3 Potential Open Redirect via Parsing Differences
[GHSA-38x7-cc6w-j27q] TYPO3 Information Disclosure via Exception Handling/Logger
[GHSA-32q6-rr98-cjqv] OpenFGA Authorization Bypass
[GHSA-w3g8-r9gw-qrh8] Denial of Service in Keycloak Server via Security Headers
[GHSA-f4v7-3mww-9gc2] Keycloak allows unrestricted admin use of system and environment variables
[GHSA-vh22-6c6h-rm8q] jte's HTML templates containing Javascript template strings are subject to XSS
[GHSA-mgr7-5782-6jh9] The Umbraco Heartcore headless client library uses a vulnerable Refit dependency package
[GHSA-45v3-38pc-874v] notation-go's timestamp signature generation lacks certificate revocation check
[GHSA-qjh3-4j3h-vmwp] notation-go has an OS error when setting CRL cache leads to denial of signature verification
CISA Known Exploited Vulnerabilities
 
Qlik Sense HTTP Tunneling Vulnerability CVE-2023-48365
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability CVE-2024-12686
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability CVE-2025-21335
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability CVE-2025-21334
Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability CVE-2025-21333
Fortinet FortiOS Authorization Bypass Vulnerability CVE-2024-55591
Aviatrix Controllers OS Command Injection Vulnerability CVE-2024-50603

The known exploited vulnerabilities list contains vulnerabilities that are known to be actively exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.
