Whalers Blog

CVE ID : CVE-2025-20282 Published : June 25, 2025, 5:15 p.m. | 16 hours, 25 minutes ago Description : A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root.…

IBM i Vulnerability Allows Let Attackers Escalate Privileges A critical security vulnerability affecting multiple versions of IBM i that could allow attackers to escalate privileges through an unqualified library call in IBM Facsimile Support for i. The vulnera … Read more Published Date: Jun 26, 2025 (1 hour, 36 minutes ago) Vulnerabilities has been mentioned in this…

CISA Warns of Vulnerabilities in ControlID iDSecure Software Allowing Authentication Bypass CISA has issued a high-priority security advisory warning organizations about critical vulnerabilities in ControlID’s iDSecure On-premises vehicle control software. Released on June 24, 2025, the advi … Read more Published Date: Jun 26, 2025 (1 hour, 42 minutes ago) Vulnerabilities has been mentioned in this article.…

Surge in Attacks Targeting MOVEit Transfer Systems – 100+ Unique IPs Used by Attackers Researchers observed a significant increase in malicious scanning activity targeting MOVEit Transfer systems observed with over 682 unique IP addresses participating in coordinated reconnaissance and … Read more Published Date: Jun 26, 2025 (1 hour, 53 minutes ago) Vulnerabilities has been mentioned in…

CISA: AMI MegaRAC bug enabling server hijacks exploited in attacks CISA has confirmed that a maximum severity vulnerability in AMI’s MegaRAC Baseboard Management Controller (BMC) software is now actively exploited in attacks. The MegaRAC BMC firmware provides remote … Read more Published Date: Jun 26, 2025 (2 hours, 33 minutes ago) Vulnerabilities has been mentioned in this…

Cisco ISE-servers via kritieke kwetsbaarheden volledig over te nemen Cisco waarschuwt voor twee kritieke kwetsbaarheden in de Identity Services Engine (ISE) waardoor aanvallers volledige controle kunnen krijgen over de server waarop de oplossing draait. De impact van b … Read more Published Date: Jun 26, 2025 (2 hours, 36 minutes ago) Vulnerabilities has been mentioned in this…

Citrix waarschuwt voor misbruik van kritiek lek in NetScaler ADC en Gateway Citrix waarschuwt organisaties voor actief misbruik van een kritieke kwetsbaarheid in NetScaler ADC en NetScaler Gateway. Het gaat om een buffer overflow die volgens Citrix tot “unintended control flo … Read more Published Date: Jun 26, 2025 (3 hours, 44 minutes ago) Vulnerabilities has been…

CISA Warns of FortiOS Hard-Coded Credentials Vulnerability Exploited in Attacks CISA has issued a critical warning regarding a Fortinet FortiOS vulnerability that poses significant risks to network security infrastructure. On June 25, 2025, CISA added CVE-2019-6693 to its Known E … Read more Published Date: Jun 26, 2025 (3 hours, 53 minutes ago) Vulnerabilities has been mentioned…