Vulnerability Details
The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur immediately an issue is detected and it will drop again by one level each working day.
Our rationale for this agility is that vulnerabilities often occur in clusters, therefore reducing the alert state again quickly, will increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable, very few local server exploits will be shown.
Monday 19 May 2025
Mozilla

0-Day
Mozilla has published Critical updates Firefox and Firefox ESR to fix vulnerabilities identified in a Pwn2Own competition.
More info.
Weidmueller

Patch
Weidmueller product ResMa is affected by a vulnerability in Progress Telerik UI for AJAX that could result in a DoS. CVSSv3 score of 7.5
More info.
NetApp

New
NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 7.8
No patches yet.
More info.
IBM

Patch
IBM has published Critical bulletins for Event Streams, Storage Defender Copy Data Management, Astronomer with IBM, and watsonx.
More info.
Dell

Patch
Dell has published Critical bulletins for RecoverPoint for Virtual Machines, and PowerFlex Appliance.
More info.
Xerox

Patch
Xerox has published a security bulletin for FreeFlow Print Server.
More info.
Linux

Patch
Friday 16 May 2025
Microsoft

Patch
Microsoft has updated Edge with the latest chromium fixes.
More info.
Rockwell
Automation

Patch
A vulnerability has been identified in the third-party Apache log4net software, impacting the FactoryTalk Historian-ThingWorx Connector. CVSSv4 score of 9.3
Note this is a 7 year old vulnerability.
More info.
Wiesemann
& Theis

Patch
Multiple W&T devices are shipped with a jQuery version with a known XSS vulnerability. CVSSv3 score of 6.1
More info.
Mozilla

Patch
Mozilla has published 2 bulletins for Thunderbird, both rated High.
More info.
BD

Patch
BD has publisnhed Critical bulletins for Totalys, Phoenix M50, and BACTEC FX40.
More info.
Samsung

Patch
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server (for Samsung TVs) allows remote attackers to write arbitrary file as system authority. CVSSv3 score of 9.8
More info.
Linux

Patch
Thursday 15 May 2025
Palo Alto
Networks

Patch
Palo Alto Monthly Patches includes 11 bulletins. Highest CVSSv4 score of 8.2
More info.
Pgpool-II

Patch
An authentication bypass vulnerability exists in the client authentication mechanism of Pgpool-II. CVSSv4 score of 9.3
More info.

Exploit
Hitachi

Patch
Hitachi has published 7 new bulletins for JP1/IT Desktop Management, Infrastructure Analytics Advisor, Ops Center Analyzer, Ops Center Common Services, Ops Center Viewpoint, and Cosminexus
More info.
Progress

Patch
Sonicwall

Patch
Linux

Patch
Red Hat has updated the kernel and kernel-rt. More info.
Wednesday 14 May 2025
Microsoft

Patch
Adobe

Patch
Adobe has published Monthly Patches with updates for Lightroom, Dreamweaver, Connect, InDesign, Substance 3D Painter, Photoshop, Animate, Illustrator, Bridge, Dimension, Substance 3D Stager, Substance 3D Modeler, and ColdFusion. Highest CVSSv3 score of 9.1
More info.
Fortinet

Patch
Fortinet Monthly Patches include 9 new bulletins for FortiOS, FortiProxy, FortiSwitchManager, FortiClient, FortiVoiceUC, FortiClientWindows, FortiPortal, FortiManager, FortiClientEMS, FortiVoice, FortiMail, FortiNDR, PortiRecorder, and FortiCamera. Some are being exploited in the wild. Highest CVSSv3 score of 9.6
More info.
Ivanti

Patch
Juniper
Networks

Patch
Multiple vulnerabilities have been resolved in Juniper Secure Analytics. Highest CVSSv4 score of 10.
More info.
Dell

Patch
Dell has published a Critical bulletin for PowerFlex Appliance.
More info.
Tuesday 13 May 2025
SAP

Patch
SAP Monthly Patches include 16 new security notes and 2 updated notes. Of the new security notes, highest CVSSv3 score of 9.1
More info.
Siemens

Patch
Siemens Monthly Patches include 18 new bulletins and 15 updated bulletins. Of the new bulletins, highest CVSSv3 score of 10
More info.
Schneider
Electric

Patch
Monthly Patches for Schneider Electric include 4 new bulletins and 3 updated bulletins. Of the new bulletins, highest CVSSv3 score of 10
More info.
Apple

Patch
Apple has published security bulletins for iOS, iPadOS, macOS, watchOS, tvOS, visionOS, and Safari.
More info.
Phoenix
Contact

Patch
Linksys

Patch
A remote attacker can execute arbitrary system commands on TOTOLink A950RG routers.
More info.
Linux

Patch
Amazon Linux 1 and 2 have updated the kernel. More info.
Monday 12 May 2025
BD

Patch
BD has published Critical updates for Pyxis, Data Agent, and CCE.
More info.
IBM

Patch
IBM has published Critical bulletins for Business Automation Workflow, App Connect Enterprise, Planning Analytics, Operational Decision Manager, watsonx, and Cloud Pak for Data.
More info.
Dell

Patch
Dell has published a Critical bulletin for PowerFlex Rack.
More info.
Xerox

Patch
Xerox has published a Critical bulletin for FreeFlow Print Server.
More info.
NetApp

Patch
NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 10
Three have patches.
More info.
Linux

Patch
PRODUCT

GUARDED
This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.
PRODUCT

INCREASED
This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.
PRODUCT

HIGH
This alert state indicates a more serious vulnerability which is exploitable.
PRODUCT

CRITICAL
This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.

NEW
NEW
This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.

+24hrs
+24hrs
This bottom descriptor is used with Indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.

Patch
PATCH
This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported. It could be paired with Increased or High, and on rare occasions Critical.

Exploit
EXPLOIT
This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported. It could be paired with High or Critical.

ZERO
ZERO DAY
This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known. It could be paired with High or Critical.