{"vulnerability": "CVE-2025-2336", "sightings": [{"uuid": "1dede967-273f-4725-96b3-a8dabaf2ec0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23366", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpupcghxo2t", "content": "", "creation_timestamp": "2025-01-14T18:24:06.168772Z"}, {"uuid": "21f1644c-3c4e-4b32-b087-13727dfe3785", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113867846617529704", "content": "", "creation_timestamp": "2025-01-21T18:50:53.040654Z"}, {"uuid": "4809ac3a-c21c-452e-9875-4dd8869bf0e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbku35vdj2j", "content": "", "creation_timestamp": "2025-01-21T19:15:44.162200Z"}, {"uuid": "b12d32b6-2083-42cd-823a-1239bcd70133", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgbpth33ln2e", "content": "", "creation_timestamp": "2025-01-21T20:44:56.388244Z"}, {"uuid": "503331a4-2c23-4c33-9e28-bfa9c8ad0c40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23367", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxrnyemmy2e", "content": "", "creation_timestamp": "2025-01-30T15:16:10.348374Z"}, {"uuid": "690da727-971e-46c1-82a3-97f980aabfb0", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23362", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgtvm4tssa2i", "content": "", "creation_timestamp": "2025-01-29T02:16:04.072727Z"}, {"uuid": "79303c76-613e-4574-ba84-e81abbfd342f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23362", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113909242316628921", "content": "", "creation_timestamp": "2025-01-29T02:18:21.280635Z"}, {"uuid": "40dafc07-a555-4248-87b8-6afbed1a8151", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23362", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgtyvknz422r", "content": "", "creation_timestamp": "2025-01-29T03:15:09.050058Z"}, {"uuid": "5f724223-ffec-4f85-b4bd-cd501d51583f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23362", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lgsnojjajc2f", "content": "", "creation_timestamp": "2025-01-28T14:21:36.006219Z"}, {"uuid": "3f689f0c-224f-44c5-bc72-3ccc7d294a31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "https://bsky.app/profile/pvynckier.bsky.social/post/3ljfb5aelxc2s", "content": "", "creation_timestamp": "2025-03-02T10:48:11.415833Z"}, {"uuid": "e3815759-cdba-4cc9-a00b-6bb5a3c9b16d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": 
"https://bsky.app/profile/helpnetsecurity.com/post/3lj5mucsqus2a", "content": "", "creation_timestamp": "2025-02-27T09:56:39.919519Z"}, {"uuid": "39425147-3580-4cb4-af6c-ef339483e534", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113984882074735533", "content": "", "creation_timestamp": "2025-02-11T10:54:32.506345Z"}, {"uuid": "c7483780-86b1-43ec-9592-38eefce786e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhvjtq4cxr2o", "content": "", "creation_timestamp": "2025-02-11T11:16:05.270153Z"}, {"uuid": "bac623f1-a521-4055-a8c4-a7d9756ed555", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhvu4pp7ss2h", "content": "", "creation_timestamp": "2025-02-11T14:20:07.912191Z"}, {"uuid": "6b020d72-af42-49cc-88b3-ddea43885c83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lhvwnb5ely2k", "content": "", "creation_timestamp": "2025-02-11T15:05:07.683861Z"}, {"uuid": "22071f2f-a846-4aca-80e0-7b0fe6033eaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhunple6cs24", "content": "", "creation_timestamp": "2025-02-11T02:52:45.617071Z"}, {"uuid": 
"bc2c2770-0793-44db-b07d-738175c8d426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://bsky.app/profile/binitamshah.bsky.social/post/3li5s6cpavk2g", "content": "", "creation_timestamp": "2025-02-14T18:06:31.093332Z"}, {"uuid": "23d7895d-2062-440d-8a2e-ce65645aafab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/113991905046709996", "content": "", "creation_timestamp": "2025-02-12T16:40:35.635269Z"}, {"uuid": "e5f33893-20af-464c-80ba-03b7422af0d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.bsky.social/post/3lhymhoujtc27", "content": "", "creation_timestamp": "2025-02-12T16:41:02.747396Z"}, {"uuid": "1d4e5b9d-7e68-4a98-82d1-1ae48f372d5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-07", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "1e731fd6-25d5-44ab-8350-7447eebd123b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3li7rpzuaks2d", "content": "", "creation_timestamp": "2025-02-15T13:03:50.023527Z"}, {"uuid": "5cef7278-d972-4447-a9d6-a6bc8ef2988b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23364", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-03", "content": "", "creation_timestamp": "2025-07-10T10:00:00.000000Z"}, {"uuid": "4a6de8a1-0855-4a73-b386-ba447bc2bc1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ljg2ghyhwy2e", "content": "", "creation_timestamp": "2025-03-02T18:20:42.122628Z"}, {"uuid": "c8bd9472-9ae2-4a37-97cf-ff35ae3422c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "MISP/1e8d1b5a-3537-4a30-907d-acb1720bbd18", "content": "", "creation_timestamp": "2025-08-19T18:29:28.000000Z"}, {"uuid": "ab97612f-624c-43cc-9c81-c88ce97b444f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23365", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-03", "content": "", "creation_timestamp": "2025-07-10T10:00:00.000000Z"}, {"uuid": "aa3187a7-f309-4816-a878-3776729bb223", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:37.000000Z"}, {"uuid": "06170739-c85a-441a-956d-63724330f2e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": 
"2025-08-09T17:25:37.000000Z"}, {"uuid": "728ca6c0-4469-4fb4-9962-d89f7ae32abc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23368", "type": "seen", "source": "MISP/fc16b923-3a13-4e9d-9aac-10a57cac12c7", "content": "", "creation_timestamp": "2025-08-18T18:31:00.000000Z"}, {"uuid": "a67839dd-a2c2-4de7-914f-f4a8840a7662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "https://t.me/cKure/14322", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 GitHub Entreprise Server SAML authentication bypass (CVE-2025-23369) exploit.\n\nhttps://repzret.blogspot.com/2025/02/abusing-libxml2-quirks-to-bypass-saml.html\n\nhttps://github.com/hakivvi/CVE-2025-23369", "creation_timestamp": "2025-02-17T17:14:28.000000Z"}, {"uuid": "ba89369c-b289-48ef-b652-a792bfe88553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2336", "type": "seen", "source": "https://gist.github.com/konard/4ec7b610dd306e207cf0feb93587dfed", "content": "", "creation_timestamp": "2025-12-30T15:44:52.000000Z"}, {"uuid": "54e32108-c322-4359-9e2d-3343297b33de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2336", "type": "seen", "source": "https://gist.github.com/Darkcrai86/564815f485c70b429e11f0fe5033b511", "content": "", "creation_timestamp": "2026-01-14T18:54:12.000000Z"}, {"uuid": "4249c4e1-b3ae-4c76-8910-aebcfe5ecb70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23368", "type": "seen", "source": "https://gist.github.com/alon710/9dc5609c2467466d499eccd651154555", 
"content": "", "creation_timestamp": "2026-02-14T14:40:28.000000Z"}, {"uuid": "018c07a0-2414-4905-8d78-c846ec53b306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23368", "type": "seen", "source": "https://t.me/cvedetector/19516", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23368 - Wildfly Elytron Authentication Brute Force Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23368 \nPublished : March 4, 2025, 4:15 p.m. | 28\u00a0minutes ago \nDescription : A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-04T18:21:15.000000Z"}, {"uuid": "0b0beb93-d259-4431-9f8b-177e57eac868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/12884", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aGitHub Entreprise Server SAML authentication bypass (CVE-2025-23369) exploit\nURL\uff1ahttps://github.com/hakivvi/CVE-2025-23369\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-08T18:40:45.000000Z"}, {"uuid": "2b6738a8-edbc-494e-affe-4b0d566703e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23367", "type": "seen", "source": 
"https://t.me/DarkWebInformer_CVEAlerts/3499", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23367\n\ud83d\udd25 CVSS Score: 6.4 (CVSS_V3)\n\ud83d\udd39 Description: A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. \nThe vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action.\n\ud83d\udccf Published: 2025-01-30T15:31:39Z\n\ud83d\udccf Modified: 2025-01-30T17:56:01Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-23367\n2. https://access.redhat.com/security/cve/CVE-2025-23367\n3. https://bugzilla.redhat.com/show_bug.cgi?id=2337620", "creation_timestamp": "2025-01-30T18:12:24.000000Z"}, {"uuid": "e39fba2b-0edf-41be-bd06-7609e9a0fe6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "https://t.me/cvedetector/17691", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23363 - \"Teamcenter Open-Redirect Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-23363 \nPublished : Feb. 11, 2025, 11:15 a.m. | 52\u00a0minutes ago \nDescription : A vulnerability has been identified in Teamcenter (All versions < V14.3.0.0). The SSO login service of affected applications accepts user-controlled input that could specify a link to an external site. This could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. 
For a successful exploit, the legitimate user must actively click on an attacker-crafted link. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T13:10:21.000000Z"}, {"uuid": "c492ab27-6073-47e2-ac5c-40f649ff331e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23366", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1550", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23366\n\ud83d\udd39 Description: A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups \u201cSuperUser\u201d, \u201cAdmin\u201d, or \u201cMaintainer\u201d.\n\ud83d\udccf Published: 2025-01-14T17:41:43.092Z\n\ud83d\udccf Modified: 2025-01-14T17:41:43.092Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-23366\n2. 
https://bugzilla.redhat.com/show_bug.cgi?id=2337619", "creation_timestamp": "2025-01-14T18:09:28.000000Z"}, {"uuid": "cacf6f94-6383-46a1-8cdc-797e16804394", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2450", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23369\n\ud83d\udd39 Description: An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed signature spoofing for unauthorized internal users.  Instances not utilizing SAML single sign-on or where the attacker is not already an existing user were not impacted. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12.14, 3.13.10, 3.14.7, 3.15.2, and 3.16.0. This vulnerability was reported via the GitHub Bug Bounty program.\n\ud83d\udccf Published: 2025-01-21T18:46:30.711Z\n\ud83d\udccf Modified: 2025-01-21T18:46:30.711Z\n\ud83d\udd17 References:\n1. https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.14\n2. https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.10\n3. https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.7\n4. 
https://docs.github.com/en/enterprise-server@3.15/admin/release-notes#3.15.2", "creation_timestamp": "2025-01-22T05:41:45.000000Z"}, {"uuid": "2808a6cd-ee9f-4b9a-a8dd-a394c26b5d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23367", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3674", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23367\n\ud83d\udd25 CVSS Score: 6.4 (CVSS_V3)\n\ud83d\udd39 Description: A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. The vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action.\n\n### Impact\nStandalone server (Domain mode is not affected) with use access control enabled with RBAC provider can be suspended or resumed by unauthorized users. When a server is suspended, the server will stop receiving user requests. The resume handle does the opposite; it will cause a suspended server to start accepting user requests.\n\n### Patches\nFixed in [WildFly Core 27.0.1.Final](https://github.com/wildfly/wildfly-core/releases/tag/27.0.1.Final)\n\n### Workarounds\nNo workaround available\n\n### References\nSee also: https://issues.redhat.com/browse/WFCORE-7153\n\n### Acknowledgements\nThe WildFly project would like to thank Claudia Bartolini (TIM S.p.A), Marco Ventura (TIM S.p.A), and Massimiliano Brolli (TIM S.p.A) for reporting this issue. 
https://www.gruppotim.it/it/footer/red-team.html\n\n\ud83d\udccf Published: 2025-01-31T17:34:30Z\n\ud83d\udccf Modified: 2025-01-31T17:34:30Z\n\ud83d\udd17 References:\n1. https://github.com/wildfly/wildfly-core/security/advisories/GHSA-qr6x-62gq-4ccp\n2. https://nvd.nist.gov/vuln/detail/CVE-2025-23367\n3. https://access.redhat.com/security/cve/CVE-2025-23367\n4. https://bugzilla.redhat.com/show_bug.cgi?id=2337620\n5. https://github.com/wildfly/wildfly-core", "creation_timestamp": "2025-01-31T18:15:44.000000Z"}, {"uuid": "95ff2962-00e0-455f-a47e-23ff23690f33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23362", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3337", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23362\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-29T02:15:27.910\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://chromewebstore.google.com/detail/exif-viewer-classic/nafpfdcmppffipmhcpkbplhkoiekndck\n2. https://exifviewers.com/\n3. https://jvn.jp/en/jp/JVN05508012/", "creation_timestamp": "2025-01-29T03:17:19.000000Z"}, {"uuid": "e547cce9-65b0-41d5-b675-9f53491eee4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23362", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3348", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23362\n\ud83d\udd25 CVSS Score: 6.2 (CVSS_V3)\n\ud83d\udd39 Description: The old versions of EXIF Viewer Classic contain a cross-site scripting vulnerability caused by improper handling of EXIF meta data. 
When an image is rendered and crafted EXIF meta data is processed, an arbitrary script may be executed on the web browser. Versions 2.3.2 and 2.4.0 were reported as vulnerable. According to the vendor, the product has been refactored after those old versions and the version 3.0.1 is not vulnerable.\n\ud83d\udccf Published: 2025-01-29T03:31:50Z\n\ud83d\udccf Modified: 2025-01-29T03:31:50Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-23362\n2. https://chromewebstore.google.com/detail/exif-viewer-classic/nafpfdcmppffipmhcpkbplhkoiekndck\n3. https://exifviewers.com\n4. https://jvn.jp/en/jp/JVN05508012", "creation_timestamp": "2025-01-29T04:09:45.000000Z"}, {"uuid": "257caf92-6f91-4cda-8888-ba920cd1df43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5316", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23363\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: A vulnerability has been identified in Teamcenter (All versions). The SSO login service of affected applications accepts user-controlled input that could specify a link to an external site. This could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.\n\ud83d\udccf Published: 2025-02-11T10:29:02.933Z\n\ud83d\udccf Modified: 2025-02-25T16:12:02.182Z\n\ud83d\udd17 References:\n1. 
https://cert-portal.siemens.com/productcert/html/ssa-656895.html", "creation_timestamp": "2025-02-25T16:23:00.000000Z"}, {"uuid": "48804b51-f265-4f6d-b794-e57344da5f69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23367", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9892", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23367\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. \nThe vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action.\n\ud83d\udccf Published: 2025-01-30T14:30:04.227Z\n\ud83d\udccf Modified: 2025-04-01T13:15:24.222Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2025:3465\n2. https://access.redhat.com/errata/RHSA-2025:3467\n3. https://access.redhat.com/security/cve/CVE-2025-23367\n4. https://bugzilla.redhat.com/show_bug.cgi?id=2337620\n5. 
https://github.com/advisories/GHSA-qr6x-62gq-4ccp", "creation_timestamp": "2025-04-01T13:32:37.000000Z"}, {"uuid": "0b904a79-623d-47b4-b3ec-57d1f87d6b9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23366", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5441", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23366\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups \u201cSuperUser\u201d, \u201cAdmin\u201d, or \u201cMaintainer\u201d.\n\ud83d\udccf Published: 2025-01-14T17:41:43.092Z\n\ud83d\udccf Modified: 2025-02-26T02:56:52.340Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-23366\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2337619", "creation_timestamp": "2025-02-26T03:24:39.000000Z"}, {"uuid": "95fcdc72-9de0-40fc-8a3b-3444c0d19e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23367", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5440", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23367\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. 
When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. \nThe vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action.\n\ud83d\udccf Published: 2025-01-30T14:30:04.227Z\n\ud83d\udccf Modified: 2025-02-26T02:57:08.314Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-23367\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2337620\n3. https://github.com/advisories/GHSA-qr6x-62gq-4ccp", "creation_timestamp": "2025-02-26T03:24:38.000000Z"}, {"uuid": "19d769c8-f4d3-4a6e-884b-88875d11ff7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23368", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6378", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23368\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.\n\ud83d\udccf Published: 2025-03-04T15:14:47.806Z\n\ud83d\udccf Modified: 2025-03-04T15:14:47.806Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-23368\n2. 
https://bugzilla.redhat.com/show_bug.cgi?id=2337621", "creation_timestamp": "2025-03-04T15:31:12.000000Z"}, {"uuid": "ba1b880d-aecc-4a5f-a58a-8b9c1e4dc83b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23360", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7242", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23360\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H)\n\ud83d\udd39 Description: NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering.\n\ud83d\udccf Published: 2025-03-11T19:44:39.244Z\n\ud83d\udccf Modified: 2025-03-11T20:01:56.499Z\n\ud83d\udd17 References:\n1. https://nvidia.custhelp.com/app/answers/detail/a_id/5623", "creation_timestamp": "2025-03-11T20:41:40.000000Z"}, {"uuid": "cd775ed9-44f5-459d-a3e1-e7a37d505b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23368", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13731", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23368\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.\n\ud83d\udccf Published: 2025-03-04T15:14:47.806Z\n\ud83d\udccf Modified: 2025-04-28T19:47:37.744Z\n\ud83d\udd17 References:\n1. 
https://access.redhat.com/security/cve/CVE-2025-23368\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2337621", "creation_timestamp": "2025-04-28T20:11:19.000000Z"}, {"uuid": "73d9e36b-19f5-4b11-9af7-8cc9abe0bf83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17904", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23363\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: A vulnerability has been identified in Teamcenter V14.1 (All versions), Teamcenter V14.2 (All versions), Teamcenter V14.3 (All versions < V14.3.0.14), Teamcenter V2312 (All versions < V2312.0010), Teamcenter V2406 (All versions < V2406.0008), Teamcenter V2412 (All versions < V2412.0004). The SSO login service of affected applications accepts user-controlled input that could specify a link to an external site. This could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.\n\ud83d\udccf Published: 2025-02-11T10:29:02.933Z\n\ud83d\udccf Modified: 2025-06-10T15:17:22.287Z\n\ud83d\udd17 References:\n1. 
https://cert-portal.siemens.com/productcert/html/ssa-656895.html", "creation_timestamp": "2025-06-10T15:31:01.000000Z"}, {"uuid": "53fca7fd-bc69-49dc-b448-828ef19d98a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23364", "type": "seen", "source": "https://t.me/ics_cert/1240", "content": "Siemens TIA Administrator: \u0647\u0645\u0647 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0642\u0628\u0644 \u0627\u0632 V3.0.6\n\n\u062a\u0623\u06cc\u06cc\u062f \u0646\u0627\u062f\u0631\u0633\u062a \u0627\u0645\u0636\u0627\u06cc \u0631\u0645\u0632\u0646\u06af\u0627\u0631\u06cc CWE-347\n\u0628\u0631\u0646\u0627\u0645\u0647 \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0628\u0647 \u0637\u0648\u0631 \u0646\u0627\u062f\u0631\u0633\u062a \u06af\u0648\u0627\u0647\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0636\u0627\u06cc \u06a9\u062f \u0631\u0627 \u062a\u0623\u06cc\u06cc\u062f \u0645\u06cc\u200c\u06a9\u0646\u062f. \u0627\u06cc\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0631\u0631\u0633\u06cc \u0631\u0627 \u062f\u0648\u0631 \u0628\u0632\u0646\u062f \u0648 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u062f\u0631 \u062d\u06cc\u0646 \u0646\u0635\u0628 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f. \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0646\u0633\u062e\u0647 \u06f4 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc CVE-2025-23364 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. 
\u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0647 \u06f6.\u06f9 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u061b \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631 CVSS \u0639\u0628\u0627\u0631\u062a \u0627\u0633\u062a \u0627\u0632 (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N).\n\n\u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0646\u0627\u062f\u0631\u0633\u062a CWE-284\n\u0628\u0631\u0646\u0627\u0645\u0647 \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0628\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u06cc\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0628\u0627\u0632\u0646\u0648\u06cc\u0633\u06cc \u0641\u0627\u06cc\u0644\u200c\u0647\u0627\u06cc \u062d\u0627\u0641\u0638\u0647 \u067e\u0646\u0647\u0627\u0646 \u0648 \u062a\u063a\u06cc\u06cc\u0631 \u0645\u0633\u06cc\u0631 \u062f\u0627\u0646\u0644\u0648\u062f\u0647\u0627\u060c \u0646\u0635\u0628\u200c\u0647\u0627 \u0631\u0627 \u0622\u063a\u0627\u0632 \u06a9\u0646\u0646\u062f. \u0627\u06cc\u0646 \u0627\u0645\u0631 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632 \u0631\u0627 \u0627\u0641\u0632\u0627\u06cc\u0634 \u062f\u0627\u062f\u0647 \u0648 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.  \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0646\u0633\u062e\u0647 \u06f4 \u0628\u0631\u0627\u06cc CVE-2025-23365 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. 
\u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0647 \u06f8.\u06f5 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u061b \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631 CVSS \u0628\u0647 \u0635\u0648\u0631\u062a (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N) \u0627\u0633\u062a.\n\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR\n\u06af\u0631\u0648\u0647 \u0627\u06cc\u062a\u0627:\nhttps://eitaa.com/joinchat/1866007784Cfd023f90b2", "creation_timestamp": "2025-07-17T17:31:50.000000Z"}, {"uuid": "68cb69e3-efea-4207-8ac1-a515bacfba95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23365", "type": "seen", "source": "https://t.me/ics_cert/1240", "content": "Siemens TIA Administrator: \u0647\u0645\u0647 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0642\u0628\u0644 \u0627\u0632 V3.0.6\n\n\u062a\u0623\u06cc\u06cc\u062f \u0646\u0627\u062f\u0631\u0633\u062a \u0627\u0645\u0636\u0627\u06cc \u0631\u0645\u0632\u0646\u06af\u0627\u0631\u06cc CWE-347\n\u0628\u0631\u0646\u0627\u0645\u0647 \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0628\u0647 \u0637\u0648\u0631 \u0646\u0627\u062f\u0631\u0633\u062a \u06af\u0648\u0627\u0647\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0636\u0627\u06cc \u06a9\u062f \u0631\u0627 \u062a\u0623\u06cc\u06cc\u062f \u0645\u06cc\u200c\u06a9\u0646\u062f. 
\u0627\u06cc\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0631\u0631\u0633\u06cc \u0631\u0627 \u062f\u0648\u0631 \u0628\u0632\u0646\u062f \u0648 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u062f\u0631 \u062d\u06cc\u0646 \u0646\u0635\u0628 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f. \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0646\u0633\u062e\u0647 \u06f4 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc CVE-2025-23364 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0647 \u06f6.\u06f9 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u061b \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631 CVSS \u0639\u0628\u0627\u0631\u062a \u0627\u0633\u062a \u0627\u0632 (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N).\n\n\u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0646\u0627\u062f\u0631\u0633\u062a CWE-284\n\u0628\u0631\u0646\u0627\u0645\u0647 \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0628\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u06cc\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0628\u0627\u0632\u0646\u0648\u06cc\u0633\u06cc \u0641\u0627\u06cc\u0644\u200c\u0647\u0627\u06cc \u062d\u0627\u0641\u0638\u0647 \u067e\u0646\u0647\u0627\u0646 \u0648 \u062a\u063a\u06cc\u06cc\u0631 \u0645\u0633\u06cc\u0631 \u062f\u0627\u0646\u0644\u0648\u062f\u0647\u0627\u060c \u0646\u0635\u0628\u200c\u0647\u0627 \u0631\u0627 \u0622\u063a\u0627\u0632 \u06a9\u0646\u0646\u062f. 
\u0627\u06cc\u0646 \u0627\u0645\u0631 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632 \u0631\u0627 \u0627\u0641\u0632\u0627\u06cc\u0634 \u062f\u0627\u062f\u0647 \u0648 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.  \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0646\u0633\u062e\u0647 \u06f4 \u0628\u0631\u0627\u06cc CVE-2025-23365 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0647 \u06f8.\u06f5 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u061b \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631 CVSS \u0628\u0647 \u0635\u0648\u0631\u062a (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N) \u0627\u0633\u062a.\n\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR\n\u06af\u0631\u0648\u0647 \u0627\u06cc\u062a\u0627:\nhttps://eitaa.com/joinchat/1866007784Cfd023f90b2", "creation_timestamp": "2025-07-17T17:31:50.000000Z"}, {"uuid": "0f94505c-28fe-4eae-ac23-b2fe946f085e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1529", 
"content": "GitHub Entreprise Server SAML authentication bypass (CVE-2025-23369) exploit.\n\nhttps://github.com/hakivvi/CVE-2025-23369\n\n#Tools@CyberDilara", "creation_timestamp": "2025-02-16T04:11:04.000000Z"}, {"uuid": "98d02ed6-a0d0-47c6-bbbc-2294ebaa8b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23362", "type": "seen", "source": "https://t.me/cvedetector/16664", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23362 - Adobe EXIF Viewer Classic Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23362 \nPublished : Jan. 29, 2025, 2:15 a.m. | 1\u00a0hour, 38\u00a0minutes ago \nDescription : The old versions of EXIF Viewer Classic contain a cross-site scripting vulnerability caused by improper handling of EXIF meta data. When an image is rendered and crafted EXIF meta data is processed, an arbitrary script may be executed on the web browser. Versions 2.3.2 and 2.4.0 were reported as vulnerable. According to the vendor, the product has been refactored after those old versions and the version 3.0.1 is not vulnerable. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-29T05:39:42.000000Z"}, {"uuid": "fff4263d-6c7d-415b-9152-d0bdc4780ba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23366", "type": "seen", "source": "https://t.me/cvedetector/15311", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23366 - Wildfly HAL Console Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23366 \nPublished : Jan. 14, 2025, 6:16 p.m. 
| 26\u00a0minutes ago \nDescription : A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups \u201cSuperUser\u201d, \u201cAdmin\u201d, or \u201cMaintainer\u201d. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T19:51:28.000000Z"}, {"uuid": "5d5721b7-553a-4db1-8601-497fe59f7921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "seen", "source": "https://t.me/cvedetector/16004", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23369 - GitHub Enterprise Server Cryptographic Signature Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23369 \nPublished : Jan. 21, 2025, 7:15 p.m. | 39\u00a0minutes ago \nDescription : An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed signature spoofing for unauthorized internal users.  Instances not utilizing SAML single sign-on or where the attacker is not already an existing user were not impacted. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12.14, 3.13.10, 3.14.7, 3.15.2, and 3.16.0. This vulnerability was reported via the GitHub Bug Bounty program. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T21:09:32.000000Z"}, {"uuid": "c4e28883-b615-489e-b2fa-58f090663964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/12375", "content": "\ud83d\udea8GitHub Enterprise Server SAML authentication Bypass (CVE-2025-23369) Exploit\n\nLink: https://github.com/hakivvi/CVE-2025-23369\n\nWrite up: https://repzret.blogspot.com/2025/02/abusing-libxml2-quirks-to-bypass-saml.html", "creation_timestamp": "2025-02-12T17:41:41.000000Z"}, {"uuid": "8aa60cc8-7416-4fea-aca3-f7985877f67a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23367", "type": "seen", "source": "https://t.me/cvedetector/16801", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23367 - Wildfly Server Unauthorized Management Operation\", \n  \"Content\": \"CVE ID : CVE-2025-23367 \nPublished : Jan. 30, 2025, 3:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server.   
\nThe vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-30T18:27:06.000000Z"}, {"uuid": "7b7aa4da-c183-4918-aba2-94442797cd40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/3471", "content": "CVE-2025-23369\n*\nbypass SAML authentication on GitHub Enterprise \n*\nWriteUP\n*\nExploit", "creation_timestamp": "2025-02-09T06:36:46.000000Z"}, {"uuid": "c29b470e-f471-4005-9425-fa2fae560064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "Telegram/GLNGAp7-4r9Fw5qDTXN2bUbXQdnuxUMfCfnz3tT-FZBf56E", "content": "", "creation_timestamp": "2025-02-09T12:00:09.000000Z"}, {"uuid": "5bfa8b09-d730-48e2-ae2d-dca1d1fa5b20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23363", "type": "seen", "source": "Telegram/-R7DPWRFZFRe6wuiqdIPAXrcDZz9bne6krKvLYq0S2GRcFU", "content": "", "creation_timestamp": "2025-02-11T12:32:32.000000Z"}, {"uuid": "f33c743b-b261-4c4b-b419-c667068e007f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": 
"Telegram/OdndNN0qnj8hvudV4yedN840hPtW7vbUQau9VnORTKiB5Sg", "content": "", "creation_timestamp": "2025-02-09T10:00:05.000000Z"}, {"uuid": "65cfb069-ac3f-433d-816f-ee7037b30777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "Telegram/drlddoFbezR_ebk_7_syeXSqSlLLhcRWstX3rDUPJqwdb8g", "content": "", "creation_timestamp": "2025-02-09T04:00:07.000000Z"}, {"uuid": "31b76c61-d85e-4c45-bd22-c21d2d9f1e3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2511", "content": "CVE-2025-23369\n*\nbypass SAML authentication on GitHub Enterprise \n*\nWriteUP\n*\nExploit", "creation_timestamp": "2025-02-09T05:15:47.000000Z"}, {"uuid": "36d1cf34-df45-4b35-8199-963973c34272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23368", "type": "seen", "source": "Telegram/hh-X2Mqu2dut3n4A4E6MXjLiXcciHySigf7r8Y2vspF8wfw", "content": "", "creation_timestamp": "2025-03-04T17:01:22.000000Z"}, {"uuid": "24143676-249c-47b6-ba9f-822918ace56c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9616", "content": "Abusing libxml2 quirks to bypass SAML authentication on GitHub Enterprise (CVE-2025-23369)\n\nhttps://repzret.blogspot.com/2025/02/abusing-libxml2-quirks-to-bypass-saml.html", "creation_timestamp": "2025-02-09T15:29:03.000000Z"}, {"uuid": "0cb88ff1-d946-4064-8f76-6e6e2289561d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7998", "content": "GitHub Entreprise Server SAML authentication bypass (CVE-2025-23369) exploit.\n\nhttps://github.com/hakivvi/CVE-2025-23369\n\n#Tools@CyberDilara", "creation_timestamp": "2025-02-18T08:51:31.000000Z"}, {"uuid": "54b87f9a-2660-4212-8f4d-a570434b65bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23369", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11791", "content": "#exploit\n1. CVE-2024-0012/CVE-2024-9474:\nAuth Bypass in PAN-OS Web Interface\nhttps://github.com/dcollaoa/cve-2024-0012-gui-poc\n\n2. CVE-2025-23369:\nGitHub Entreprise Server SAML auth bypass\nhttps://github.com/hakivvi/cve-2025-23369\n\n3. CVE-2022-45460:\nROPing our way to RCE\nhttps://modzero.com/en/blog/roping-our-way-to-rce", "creation_timestamp": "2025-02-09T22:44:51.000000Z"}]}