VulnHub

Articles tagged "Zero-day"

Found 3 articles

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

The Hacker News

Actively Exploited

CISA has identified a critical security vulnerability in Oracle Identity Manager, classified as CVE-2025-61757, which is actively being exploited. This vulnerability involves missing authentication for a critical function, posing significant security risks.

Impact: Oracle Identity Manager

Remediation: N/A

CVE Zero-day Vulnerability Critical

1 week ago

Read Original

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day

SecurityWeek

Actively Exploited

A critical unauthenticated remote code execution vulnerability, identified as CVE-2025-61757, has been discovered in Oracle Identity Manager. This flaw poses significant risks as it may be exploited as a zero-day, allowing attackers to execute arbitrary code without authentication.

Impact: Oracle Identity Manager

Remediation: Implement security patches provided by Oracle for Oracle Identity Manager, monitor for updates from Oracle regarding this vulnerability, and apply best practices for securing identity management systems, such as limiting access and regularly auditing system logs.

CVE Zero-day Vulnerability Critical

1 week ago

Read Original

Fortinet Woes Continue With Another WAF Zero-Day Flaw

darkreading

Actively Exploited

Fortinet is facing significant challenges as a second zero-day vulnerability in its web application firewall (WAF) has been discovered and is under attack. This situation raises concerns about the vendor's disclosure practices and the overall security of their products.

Impact: Fortinet web application firewall (WAF) line

Remediation: N/A

Zero-day Fortinet Vulnerability

1 week ago

Read Original