-
The Cybersecurity Council Of The Philippines Is Launched
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 18, 2025 – Read the full story in BusinessWorld The Philippines is ranked among the top 10 countries in terms of users attacked by malware, phishing attempts, and ransomware. Major Philippine institutions — from government agencies to hospitals and universities — have…
-
How to Prepare for the NIS2 Directive
The Network and Information Security Directive (NIS2), effective October 17, 2024, requires Member States to adopt and publish the national measures necessary to ensure compliance with the directive. Industrial organizations will have 21 months to bring their operations into full compliance. Go to Source
-
CVE-2025-52934 – Apache HTTP Server Missing Configuration
CVE ID : CVE-2025-52934 Published : June 26, 2025, 8:15 a.m. | 1 hour, 42 minutes ago Description : Rejected reason: Not a vulnerability. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source
-
CVE-2025-5459 – Puppet Enterprise Root Command Execution Vulnerability
CVE ID : CVE-2025-5459 Published : June 26, 2025, 7:15 a.m. | 2 hours, 42 minutes ago Description : A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has…
-
CVE-2025-5846 – GitLab EE GraphQL Framework Assignment Vulnerability
CVE ID : CVE-2025-5846 Published : June 26, 2025, 6:15 a.m. | 3 hours, 42 minutes ago Description : An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to assign unrelated compliance frameworks to projects by sending crafted…
-
CVE-2025-5315 – GitLab Guest Role Bypass API Vulnerability (Authentication Bypass)
CVE ID : CVE-2025-5315 Published : June 26, 2025, 6:15 a.m. | 3 hours, 42 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident…
-
CVE-2025-48497 – Iroha Board CSRF
CVE ID : CVE-2025-48497 Published : June 26, 2025, 6:15 a.m. | 3 hours, 42 minutes ago Description : Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL while being logged in to the affected product, arbitrary learning histories may be registered. Severity: 4.3 | MEDIUM…
-
CVE-2025-41404 – Iroha Board Information Disclosure
CVE ID : CVE-2025-41404 Published : June 26, 2025, 6:15 a.m. | 3 hours, 42 minutes ago Description : Direct request (‘Forced Browsing’) issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product. Severity: 4.3 | MEDIUM…
-
CVE-2025-3279 – GitLab GraphQL Denial of Service Vulnerability
CVE ID : CVE-2025-3279 Published : June 26, 2025, 6:15 a.m. | 3 hours, 42 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests.…
-
CVE-2025-37101 – HPE OneView for VMware vCenter Vertical Privilege Escalation
CVE ID : CVE-2025-37101 Published : June 26, 2025, 6:15 a.m. | 3 hours, 25 minutes ago Description : A potential security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC). This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation (operator can perform admin actions). Severity: 8.7…