MongoDB: kritische Sicherheitslücke in NoSQL-Datenbank
Heise Security 25.12.2025 17:19
MongoDB warnt vor einer schwerwiegenden Sicherheitslücke, die neuere Versionen betrifft. Admins sollten umgehend patchen.
Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability
The Hacker News 25.12.2025 08:22
Fortinet on Wednesday said it observed "recent abuse" of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations.
The vulnerability in question is CVE-2020-12812 (CVSS score: 5.2), an improper authentication vulnerability in SSL VPN in FortiOS that could allow a user to log in successfully without being prompted for the second factor of authentication if the
CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution
The Hacker News 25.12.2025 08:07
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability, tracked as CVE-2023-52163 (CVSS score: 8.8), relates to a case of command injection that allows post-authentication remote code