ZDI-25-043: Ivanti Avalanche Faces ResourceManager Information Disclosure Vulnerability

Read Time:12 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-13180.

thunderbird-128.9.2-1.fc42

FEDORA-2025-013f8d6631 Packages in this update: thunderbird-128.9.2-1.fc42 Update description: Update to 128.9.2 https://www.thunderbird.net/en-US/thunderbird/128.9.0esr/releasenotes/ https://www.thunderbird.net/en-US/thunderbird/128.9.1esr/releasenotes/ https://www.thunderbird.net/en-US/thunderbird/128.9.2esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2025-24/ https://www.mozilla.org/en-US/security/advisories/mfsa2025-27/ Read More

April 29, 2025

Infostealers Harvest Over 30,000 Australian Banking Credentials

Applying Security Engineering to Prompt Injection Security

Zero-Day Exploitation Figure Surges 19% in Two Years

Europol Creates “Violence-as-a-Service” Taskforce

Windscribe Acquitted on Charges of Not Collecting Users’ Data

Uyghur Diaspora Group Targeted with Remote Surveillance Malware

Half of Mobile Devices Run Outdated Operating Systems

Researchers Note 16.7% Increase in Automated Scanning Activity

2025 Cyber Resilience Research Discovers Speed of AI Advancing Emerging Attack Types

ZDI-25-043: Ivanti Avalanche Faces ResourceManager Information Disclosure Vulnerability

thunderbird-128.9.2-1.fc42

USN-7455-5: Linux kernel (AWS) vulnerabilities

USN-7469-2: Apache Tomcat vulnerability

USN-7469-1: Apache Traffic Server vulnerability

USN-7468-1: Linux kernel (Azure, N-Series) vulnerabilities

USN-7459-2: Linux kernel (GCP) vulnerabilities