Threat Alert Center
Be the first to learn about the latest cyber threats. Our alerts inform you in good time about current security issues, vulnerabilities and abuse.


A Likely Zero-Day Vulnerability in SonicWall SSL-VPN Exploited by Akira Ransomware Group
Update SonicWall has clarified that the recent cyber activity affecting Gen 7 firewalls with SSL-...
Microsoft SharePoint On-Premise Vulnerability (CVE-2025-53770) Under Active Exploitation
Summary A critical zero-day vulnerability (now assigned CVE-2025-53770) has been identified in Mi...
Adversary Infrastructure and Indicators Behind the SAP NetWeaver 0-Day Exploitation
On the 27th of March 2025, we’ve seen a previously unknown vulnerability (now tagged as CVE-2025-...
Unauthorized Data Exposure via Range Queries in ServiceNow ACLs – CVE-2025-3648
Summary A vulnerability has been identified in the ServiceNow Platform that may allow unauthentic...
XML External Entity (XXE) Processing Vulnerability in GeoServer WFS Service (CVE-2025-30220)
Summary A high-severity vulnerability has been identified in GeoServer’s Web Feature Servic...
Critical RCE Vulnerabilities in Sitecore XP and PowerShell Extensions (CVE-2025-34509; CVE-2025-34510; CVE-2025-34511)
Summary WatchTowr researchers have identified a chain of critical vulnerabilities in Sitecore Exp...
Critical Exposure of Azure AD Data via Unauthenticated Microsoft GraphAPI Token
Summary CloudSEK’s BeVigil platform has recently uncovered a critical security flaw affecting a m...
Ivanti EPMM Bugs Combine for Unauthenticated RCE in the Wild
Summary On March 13, Ivanti disclosed two vulnerabilities which affect their on-premise Endpoint M...
SonicWall SMA 100 Series – Critical Post-Authentication Vulnerabilities (CVE-2025-32819, CVE-2025-32820, CVE-2025-32821)
Summary On May 7, 2025, SonicWall and Rapid7 disclosed three vulnerabilities affecting SonicWall ...
Critical Vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324)
Summary ReliaQuest has identified and investigated active exploitation of a critical vulnerabilit...
Gladinet CentreStack and Gladinet Triofox – Critical RCE (CVE-2025-30406)
Summary A critical security vulnerability, CVE-2025-30406, has been identified in Gladinet Centre...
Apache Roller – Critical session management vulnerability (CVE-2025-24859)
Summary A critical session management vulnerability, CVE-2025-24859, affects Apache Roller—a Java...
Fortinet FortiSwitch – Unverified Password Change Vulnerability (CVE-2024-48887)
Summary On April 8, 2025, Fortinet disclosed a critical vulnerability affecting multiple versions...
Apache Parquet – Critical RCE via Deserialization (CVE-2025-30065)
Summary On April 5, 2025, a critical deserialization vulnerability (CVE-2025-30065) affecting Apa...
CVE-2025-22457: Critical Ivanti Connect Secure Vulnerability
Summary On April 3, 2025, Ivanti disclosed CVE-2025-22457 that impacts Ivanti Connect Secure VPN ...