風險: 中度風險
類型: 用戶端 - 瀏覽器
於 Microsoft Edge 發現一個漏洞。遠端攻擊者可利用此漏洞,於目標系統觸發遠端執行任意程式碼。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝軟件供應商提供的修補程式:
RISK: Medium Risk
TYPE: Clients - Browsers
A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 保安軟件及應用設備 - 保安軟件及應用設備
於思科產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、洩露敏感資料及遠端執行任意程式碼。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and remote code execution on the targeted system.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 伺服器 - 其他伺服器
於 GitLab 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發仿冒、洩露敏感資料及阻斷服務狀況。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger spoofing, sensitive information disclosure and denial of service condition on the targeted system.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 用戶端 - 瀏覽器
於 Google Chrome 發現一個漏洞。遠端攻擊者可利用此漏洞,於目標系統觸發遠端執行任意程式碼。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝軟件供應商提供的修補程式:
RISK: Medium Risk
TYPE: Clients - Browsers
A vulnerability was identified in Google Chrome. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 高度風險
類型: 操作系統 - Network
於 Citrix 產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、繞過保安限制及遠端執行任意程式碼。
注意:
CVE-2025-7775 正在被廣泛利用。這是一個記憶體溢出漏洞,可能導致未經驗證的遠端程式碼被執行於受影響的裝置上。
裝置必須處於以下其中一種配置時才會受影響:
因此,該漏洞的風險等級被評為高度風險。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
RISK: High Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, security restriction bypass and remote code execution on the targeted system.
Note:
CVE-2025-7775 is being exploited in the wild. It is a memory overflow bug that can lead to unauthenticated, remote code execution on vulnerable devices.
Devices must be configured in one of the following configurations to be vulnerable:
Hence, the risk level is rated as High Risk.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 高度風險
類型: 操作系統 - Network
於 Docker Desktop 發現一個漏洞。遠端攻擊者可利用此漏洞,於目標系統觸發繞過保安限制。
注意:
CVE-2025-9074 的概念驗證碼已被公開。該漏洞可能允許未經授權存取主機系統上的使用者檔案。因此,該漏洞的風險等級被評為高度風險。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
RISK: High Risk
TYPE: Operating Systems - Networks OS
A vulnerability has been identified in Docker Desktop. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.
Note:
Proof of Concept exploit code is publicly available for CVE-2025-9074. The vulnerability may allow unauthorized access to user files on the host system. Hence, the risk level is rated as High Risk.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 用戶端 - 瀏覽器
於 Microsoft Edge 發現一個漏洞。遠端攻擊者可利用此漏洞,於目標系統觸發遠端執行任意程式碼。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝軟件供應商提供的修補程式:
RISK: Medium Risk
TYPE: Clients - Browsers
A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 高度風險
類型: 操作系統 - 流動裝置及操作系統
於蘋果產品發現一個漏洞,遠端攻擊者可利用這個漏洞,於目標系統觸發遠端執行任意程式碼及阻斷服務狀況。
注意:
CVE-2025-43300 可能已在針對特定目標個體的極度複雜攻擊中被利用。此漏洞是由 Apple 安全研究人員在 Image I/O framework中發現的越界寫入弱點所導致,該漏洞使應用程式能夠讀取和寫入大多數映像檔格式。因此風險等級被評為高度風險。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
RISK: High Risk
TYPE: Operating Systems - Mobile & Apps
A vulnerability has been identified in Apple Products. A remote attacker could exploit this vulnerability to trigger remote code execution and denial of service condition on the targeted system.
Note:
CVE-2025-43300 may have been exploited in an extremely sophisticated attack against specific targeted individuals. This vulnerability is caused by an out-of-bounds write weakness discovered by Apple security researchers in the Image I/O framework, which enables applications to read and write most image file formats. Hence the risk level is rated to High Risk.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 用戶端 - 瀏覽器
於 ChromeOS 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發繞過保安限制、遠端執行任意程式碼及跨網站指令碼。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式,詳情請參閱以下連結:
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, remote code execution and cross-site scripting on the targeted system.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor. For detail, please refer to the link below:
風險: 中度風險
類型: 用戶端 - 瀏覽器
於 Google Chrome 發現一個漏洞。遠端攻擊者可利用此漏洞,於目標系統觸發遠端執行任意程式碼。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝軟件供應商提供的修補程式:
RISK: Medium Risk
TYPE: Clients - Browsers
A vulnerability was identified in Google Chrome. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 用戶端 - 瀏覽器
於 Mozilla 產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、遠端執行任意程式碼、仿冒、跨網站指令碼及繞過保安限制。
以下版本之前的版本﹕
在安裝軟體之前,請先瀏覽供應商之官方網站,以獲得更多詳細資料。
更新至版本:
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, spoofing, cross-site scripting and security restriction bypass on the targeted system.
Versions prior to:
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 保安軟件及應用設備 - 保安軟件及應用設備
於思科產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、權限提升及繞過保安限制。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and security restriction bypass on the targeted system.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 操作系統 - Network
於 Fortinet FortiWeb 發現一個漏洞。遠端攻擊者可利用此漏洞,於目標系統觸發繞過保安限制。
注意:
CVE-2025-52970 的概念驗證碼已被公開。該漏洞可能允許未經身份驗證的遠端攻擊者利用非公開資訊(涉及裝置和目標使用者)透過特製的請求以裝置上的任何現有使用者身分登入。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
A vulnerability has been identified in Fortinet FortiWeb. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.
Note:
Proof of Concept exploit code Is publicly available for CVE-2025-52970. The vulnerability may allow an unauthenticated remote attacker in possession of non-public information (pertaining to both the device and to the targeted user) to log in as any existing user on the device via a specially crafted request.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 用戶端 - 瀏覽器
於 Microsoft Edge 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發資料篡改、阻斷服務狀況及遠端執行任意程式碼。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝軟件供應商提供的修補程式:
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, denial of service condition and remote code execution on the targeted system.
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
風險: 中度風險
類型: 伺服器 - 其他伺服器
於 GitLab 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發跨網站指令碼、篡改、洩露敏感資料、阻斷服務狀況及繞過保安限制。
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
