Aggregator

Submit #578030 / VDB-221827

Submit #578028 / VDB-221825

Submit #578024 / VDB-221824

Submit #578019 / VDB-309448

A vulnerability classified as critical has been found in jammy928 CoinExchange_CryptoExchange_Java up to 8adf508b996020d3efbeeb2473d7235bd01436fa. This affects the function uploadLocalImage of the file /CoinExchange_CryptoExchange_Java-master/00_framework/core/src/main/java/com/bizzan/bitrade/util/UploadFileUtil.java of the component File Upload Endpoint. The manipulation of the argument filename leads to path traversal. This vulnerability is uniquely identified as CVE-2025-4893. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Submit #577907 / VDB-309447

A vulnerability was found in CSV Mass Importer Plugin up to 1.2 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2025-4190. The attack may be launched remotely. There is no exploit available.

Submit #577870 / VDB-300657

Submit #577869 / VDB-300665

Submit #577868 / VDB-309037

Welcome to the third and final day of Pwn2Own Berlin 2025. We' start the day at $695,000 awarded for the contest. It will be interesting to see if we can breach the million dollar mark. Stay tuned for all of the results.

And we are finished!! What an amazing three days of research. Today, we awarded $383,750, which brings the event total to $1,078,750! Congratulations to the STAR Labs SG team for winning Master of Pwn. They earned $$320,000 and 35 Master of Pwn points. During the event, we purchased (and disclosed) 28 unique 0-days - seven of which came from the AI category. Thanks to OffensiveCon for hosting the event, the participants for bringing their amazing research, and the vendors for acting on the bugs quickly.

COLLISION - Although Angelboy (@scwuaptx) from DEVCORE Research Team successfully demonstrated their privilege escalation on Windows 11, one of the two bugs he used was known to the vendor. He still earns $11,250 and 2.25 Master of Pwn points.

COLLISION - Although @namhb1, @havancuong000, and @HieuTra34558978 of FPT NightWolf successfully exploited NVIDIA Triton, the bug they used was known by the vendor (but not patched yet). They still earn $15,000 and 1.5 Master of Pwn points.

SUCCESS - Former Master of Pwn winner Manfred Paul used an integer overflow to exploit Mozilla Firefox (renderer only). His excellent work earns him $50,000 and 5 Master of Pwn points.

SUCCESS - Nir Ohfeld (@nirohfeld) Shir Tamari (@shirtamari) of Wiz Research used a External Initialization of Trusted Variables bug to exploit the #NVIDIA Container Toolkit. This unique bug earns them $30,000 and 3 Master of Pwn points.

FAILURE - Unfortunately, the team from STAR Labs could not get their exploit of NVIDIA's Triton Inference server working within the time allotted.

SUCCESS - Dung and Nguyen (@MochiNishimiya) of STARLabs used a TOCTOU race condition to escape the VM and an Improper Validation of Array Index for the Windows privilege escalation. They earn $70,000 and 9 Master of Pwn points.

SUCCESS/COLLISION - Corentin BAYET (@OnlyTheDuck) from @Reverse_Tactics used two bugs to exploit ESXi, but the Use of Uninitialized Variable bug collided with a prior entry. His integer overflow was unique though, so he still earns $112,500 and 11.5 Master of Pwn points.

SUCCESS - Thomas Bouzerar (@MajorTomSec) and Etienne Helluy-Lafont from Synacktiv (@Synacktiv) used a heap-based buffer overflow to exploit VMware Workstation. They earn $80,000 and 8 Master of Pwn points.

SUCCESS - In the final attempt of Pwn2Own Berlin 2025, Miloš Ivanović (infosec.exchange/@ynwarcs) used a race condition bug to escalate privileges to SYSTEM on Windows 11. His fourth-round win nets him $15,000 and 3 Master of Pwn points.

FrigidStealer, a sophisticated information-stealing malware that emerged in January 2025, is actively targeting macOS endpoints to steal sensitive user data through deceptive tactics. Unlike traditional malware, FrigidStealer exploits user trust in routine software updates, making it particularly insidious. The malware has raised significant concerns among cybersecurity experts due to its ability to bypass standard security […]

The post New FrigidStealer Malware Attacking macOS Users to Steal Login Credentials appeared first on Cyber Security News.

A vulnerability was found in Ajax Search Lite Plugin up to 4.12.3 on WordPress. It has been classified as problematic. This affects an unknown part of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-10568. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Ivanti Endpoint Manager up to 2022 SU6/2024. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. This vulnerability is known as CVE-2025-22458. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Red Hat Enterprise Linux 6/7/8/9. Affected is the function SyncInitTrigger of the component X.org X11 Server/TigerVNC. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-26601. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability classified as problematic has been found in Restrict Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content Plugin up to 4.15.14 on WordPress. Affected is an unknown function of the component Drag/Drop Builder. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-10517. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content Plugin up to 4.15.14 on WordPress. Affected by this vulnerability is an unknown functionality of the component Membership Plan Setting Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-10518. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JFinalOA 1.0.2. It has been classified as problematic. Affected is an unknown function of the file getBusinessUploadListPage?busid. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-57774. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JFinalOA 1.0.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file common/getEditPage?view. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-57771. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.