Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability (CVE-2025-21373)
CVE-2025-21373 – This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows.
Read MoreCyber Security
Articles on SystemTek’s website that relate to cyber security.
Microsoft Edge UI Misrepresentation Remote Code Execution Vulnerability (CVE-2025-21404)
CVE-2025-21404 – This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge.
Read More
RedHat Out-of-bounds Write vulnerability (CVE-2025-0690)
CVE number = CVE-2025-0690 The read command is used to read the keyboard input from the user, while reads it
Read More
Cisco Secure Email Gateway Email Filter Bypass Vulnerability (CVE-2025-20153)
A vulnerability (CVE-2025-20153) in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.
Read More
Qualys TRU Discovers Two New Vulnerabilities in OpenSSH (CVE-2025-26465 & CVE-2025-26466)
The Qualys Threat Research Unit (TRU) has discovered two vulnerabilities in OpenSSH. The first, identified as CVE-2025-26465, enables an active machine-in-the-middle attack on the OpenSSH client when the VerifyHostKeyDNS option is turned on. The second, CVE-2025-26466, impacts both the OpenSSH client and server, allowing a pre-authentication denial-of-service attack.
Read More
NVIDIA Container Toolkit mount_files Time-Of-Check Time-Of-Use Race Condition Privilege Escalation Vulnerability (CVE-2025-23359)
CVE-2025-23359 – This vulnerability allows remote attackers to escalate privileges on affected installations of NVIDIA Container Toolkit.
Read More
Red Hat Improper Authorization in Keycloak (CVE-2025-1391)
CVE-2025-1391 – A flaw was found in the Keycloak organization feature, which allows the incorrect assignment of an organization to a user if their username or email matches the organization’s domain pattern.
Read More
Dell NetWorker Management Console vulnerability (CVE-2025-21103)
CVE number = CVE-2025-21103 Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper
Read More
Palo Alto Unauthorized Access to Broker VM Docker Containers (CVE-2025-0113)
CVE number = CVE-2025-0113 A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM
Read More
NVIDIA Container Toolkit for Linux Time-of-Check Time-of-Use vulnerability (CVE-2025-23359)
CVE-2025-23359 – NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system.
Read More