News – Page 3 – UZCERT Team

Computer Emergency
Response Team

News

Google Releases Open-Source Version of OSV-Scanner, Elevating Vulnerability Detection to a New Level

On March 17, 2025, Google officially introduced OSV-Scanner V2.0.0. This updated tool significantly enhances the ability of security professionals to identify and remediate vulnerabilities in software. Initially launched in December 2022, OSV-Scanner has secured its place among open-source security tools.…

News

Hackers Can Completely Take Over Servers Using an Apache Tomcat Vulnerability!

A remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2025-24813, is actively being exploited by cybercriminals. This vulnerability allows attackers to gain full control over the server. According to security experts, exploitation of this vulnerability is rapidly increasing.…

News

Vulnerabilities in Adobe Acrobat Reader Put User Data at Risk

Adobe Acrobat Reader, an essential tool for document exchange and official paperwork, has been found to contain three critical vulnerabilities. These flaws could allow attackers to execute arbitrary code or disclose sensitive information. The vulnerabilities were discovered by Cisco Talos…

News

Critical Vulnerability in TP-Link TL-WR845N Routers: Hackers Can Gain Root Access

🔍 Researchers have discovered a serious security vulnerability in TP-Link TL-WR845N routers. This flaw allows attackers to gain full control over the router, monitor network traffic, and install malicious software. Vulnerability Details This vulnerability is identified as CVE-2024-57040 and has…

News

Cisco IOS XR Vulnerability Poses a Threat to Network Security

Cisco has issued a warning about a critical vulnerability in its IOS XR software that, if exploited, could lead to a Denial-of-Service (DoS) attack. This vulnerability, identified as CVE-2025-20115, has been assigned a CVSS score of 8.6, indicating a high…

News

Cybercriminals Exploit Fortinet Vulnerabilities to Launch SuperBlack Ransomware Attacks

Between late January and early March 2025, cybersecurity researchers from Forescout’s Vedere Labs identified a series of sophisticated attacks conducted by a threat actor tracked as Mora_001. These attacks targeted Fortinet systems, exploiting vulnerabilities to deploy a specially crafted SuperBlack…

News

New Security Vulnerabilities in GitLab Allow Authentication Bypass and Remote Code Execution

GitLab has alerted its users to critical security vulnerabilities and urged them to update their systems immediately. According to the latest security update, attackers could exploit these vulnerabilities to access the system as legitimate users or execute arbitrary code within…

News

Multiple Vulnerabilities Discovered in Zoom, Putting Confidential Data at Risk!

Recent security reports have identified multiple high-risk vulnerabilities in the Zoom application. These vulnerabilities could endanger millions of users, leading to data leaks, privilege escalation attacks, and unauthorized access. On March 11, 2025, Zoom released a security bulletin detailing vulnerabilities…

News

Cisco IOS XR Vulnerability Allows Attackers to Execute Commands with Root Privileges

Cisco has recently identified a critical privilege escalation vulnerability (CVE-2025-20138) in its IOS XR software. This vulnerability allows an attacker to execute commands with root privileges on affected systems. The vulnerability has been assigned a CVSS 3.1 score of 8.8…

News

Microsoft Releases March 2025 Patch Tuesday Security Update: 57 Vulnerabilities Fixed, 6 Zero-Day Exploits Actively Used

As part of its March 2025 Patch Tuesday update, Microsoft has patched a total of 57 security vulnerabilities. Most notably, six of these are zero-day vulnerabilities, which are actively being exploited by cybercriminals. These updates affect the Windows operating system,…