Cyber Security

Articles on SystemTek’s website that relate to cyber security.

NewsSecurity Vulnerabilities

Palo Alto Improper Neutralization of Input in the Management Web Interface (CVE-2025-4615)

– An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands.

Read More
NewsSecurity Vulnerabilities

Jaspersoft Jasper Reports JRLoader Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2025-10492)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of Jaspersoft Jasper Reports.

Read More
NewsSecurity Vulnerabilities

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability (CVE-2025-11001)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip.

Read More
NewsSecurity Vulnerabilities

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability (CVE-2025-11002)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip.

Read More
NewsSecurity Vulnerabilities

Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability (CVE-2025-11466)

– This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra.

Read More
NewsSecurity Vulnerabilities

Active exploitation of vulnerability affecting Oracle E-Business Suite (CVE-2025-61882)

– Oracle has published a security update to address an unauthenticated remote vulnerability (CVE-2025-61882) affecting Oracle E-Business Suite (EBS).

Read More
NewsSecurity Vulnerabilities

win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability (CVE-2025-11202)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of win-cli-mcp-server.

Read More
NewsSecurity Vulnerabilities

Ivanti Endpoint Manager EFile Directory Traversal Remote Code Execution Vulnerability (CVE-2025-9712)

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager.

Read More
NewsSecurity Vulnerabilities

Linux Kernel ksmbd generate_key context.iov_base Null Pointer Dereference Denial-of-Service Vulnerability (CVE-2025-38562)

– This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of the Linux Kernel.

Read More
NewsSecurity Vulnerabilities

Fortinet FortiWeb _cmf_get_config_file_path Directory Traversal Information Disclosure Vulnerability (CVE-2025-53609)

– This vulnerability allows remote attackers to disclose sensitive information on affected installations of Fortinet FortiWeb.

Read More