Here are the CVE updates for the week of July 7th through the 13th.
Zero-Day Vulnerabilities
Microsoft SQL Server Information Disclosure Vulnerability | CVE-2025-49719
Description:
An input validation flaw affects Microsoft SQL Server, enabling unauthenticated attackers to retrieve sensitive memory content over the network. This vulnerability impacts multiple versions (2016–2022) and was disclosed publicly before Microsoft released a patch. It has been rated 7.5 on the CVSS 3.1 scale and classified as a zero-day.
Potential Impacts:
- Sensitive Data Exposure: Uninitialized memory may reveal confidential data.
- Wider Supply Chain Risk: Applications relying on SQL Server or OLE DB drivers might be indirectly impacted.
- Unrestricted Access: Exploitation requires no authentication or user interaction.
Mitigation Recommendations:
- Apply Patches Immediately: Install Microsoft's July 2025 security update for your SQL Server release (2016 through 2022); moving to the newest major version alone does not close the gap if that build is not patched.
- Update OLE DB Drivers: Upgrade client machines to Microsoft OLE DB Driver for SQL Server version 18 or 19, which Microsoft lists alongside the server update.
- Network Segmentation: Restrict SQL Server access to trusted environments.
- Monitor Logs: Actively review logs for suspicious queries or activity.
🔴 Critical Severity Vulnerabilities
PHPMailer Command Injection Vulnerability (CISA KEV) | CVE-2016-10033
Description:
PHPMailer versions prior to 5.2.18 contain a command injection flaw in the mailSend function of the isMail transport. The flaw results from insufficient sanitization of the Sender property: when an attacker supplies an address containing a backslash-double-quote sequence (\"), the value reaches the sendmail command line that PHP's mail() builds, extra arguments are passed to the mail binary, and arbitrary code can be executed.
Potential Impacts:
- Remote Code Execution: Attackers may run arbitrary commands.
- System Compromise: Complete server takeover is possible.
- Data Breach: Sensitive files could be exposed.
- Persistence: Malicious scripts might be embedded for ongoing access.
Mitigation Recommendations:
- Upgrade PHPMailer: Use version 5.2.18 or newer. Note that the 5.2.18 fix was later bypassed (CVE-2016-10045), so 5.2.20 or later is the version to target.
- Input Validation: Sanitize fields such as Sender, From, and Reply-To; reject addresses containing quotes, backslashes or whitespace rather than accepting every form the e-mail RFCs permit.
- Use Secure Transports: Prefer isSMTP() over isMail(), which removes the sendmail command line from the path entirely.
- Monitor for Exploitation: Audit logs for anomalies.
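The following Python script is an added illustration of the mechanism described above; it is not PHPMailer's code and it does not run PHP. It models the vulnerable path (Sender concatenated into mail()'s extra parameters as -f<sender>, passed through PHP's escapeshellcmd(), then split by the shell) beside a hardened path (strict address validation plus single-word quoting, the role escapeshellarg plays in the fix). The escapeshellcmd() emulation is a deliberately simplified assumption covering only the rules that matter here, the sendmail command line shape is assumed, and both Sender values are constructed for the demonstration.

```python
import re
import shlex

# Constructed Sender values for the demonstration (not taken from the advisory).
SAFE_SENDER = "alice@example.com"
# The second value carries the backslash-double-quote sequence (\") the advisory describes,
# followed by a harmless marker argument so the extra token is easy to spot in argv.
CRAFTED_SENDER = '"alice\\" -Xinjected "@example.com'

# Strict address shape used by the hardened path (an assumption of this example, not
# PHPMailer's own validator): unquoted local part, one domain, no quotes/backslashes/spaces.
STRICT_ADDRESS = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def emulate_escapeshellcmd(value: str) -> str:
    """Simplified emulation of PHP's escapeshellcmd() (assumption: only the rules relevant here).

    Backslashes and shell metacharacters get a backslash prefix; a double quote is escaped only
    when it has no matching partner later in the string.  Paired quotes are left untouched, and
    the escaped backslash in front of a paired quote is what lets the shell close the -f value.
    """
    out = []
    inside_pair = False
    for i, ch in enumerate(value):
        if ch == '"':
            if inside_pair:
                inside_pair = False            # closing quote of a pair: left unescaped
            elif '"' in value[i + 1:]:
                inside_pair = True             # opening quote with a partner: left unescaped
            else:
                out.append("\\")               # lone quote: escaped
        elif ch in "#&;`|*?~<>^()[]{}$\\\n":
            out.append("\\")
        out.append(ch)
    return "".join(out)


def build_argv_vulnerable(sender: str) -> list[str]:
    """Pre-5.2.18 behaviour: Sender is pasted into the extra parameters as -f<sender>,
    PHP runs escapeshellcmd() over it, and the shell splits the result into sendmail's argv."""
    command = "sendmail -t -i -f" + emulate_escapeshellcmd(sender)
    return shlex.split(command)


def is_safe_sender(sender: str) -> bool:
    """True only for addresses matching the strict shape above."""
    return STRICT_ADDRESS.fullmatch(sender) is not None


def build_argv_hardened(sender: str) -> list[str]:
    """Hardened path: reject anything outside the strict shape, then quote the value as a
    single shell word (shlex.quote stands in for PHP's escapeshellarg)."""
    if not is_safe_sender(sender):
        raise ValueError(f"rejected Sender value: {sender!r}")
    command = "sendmail -t -i " + shlex.quote("-f" + sender)
    return shlex.split(command)


if __name__ == "__main__":
    print("vulnerable, safe sender:   ", build_argv_vulnerable(SAFE_SENDER))
    print("vulnerable, crafted sender:", build_argv_vulnerable(CRAFTED_SENDER))
    print("hardened, safe sender:     ", build_argv_hardened(SAFE_SENDER))
    try:
        build_argv_hardened(CRAFTED_SENDER)
    except ValueError as exc:
        print("hardened, crafted sender:  ", exc)
```

With the crafted value, the vulnerable path yields "-Xinjected" as its own argv entry, which is exactly the extra-argument channel the advisory describes; the hardened path refuses the value before any command line is built, and for a well-formed address both paths produce the same single -f argument.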
Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability (CISA KEV) | CVE-2014-3931
Description:
Versions of MRLG before 5.5.0 contain a flaw in fastping.c
that permits arbitrary memory writes. Improper input handling makes the application vulnerable to memory corruption and unexpected behavior, which in turn might enable remote code execution.
Potential Impacts:
- Memory Corruption: Stability and functionality may degrade.
- Denial of Service (DoS): Application crashes could occur.
- Remote Code Execution: Under specific conditions, code execution is possible.
Mitigation Recommendations:
- Upgrade MRLG: Use version 5.5.0 or later.
- Network Segmentation: Restrict MRLG instance access.
- Input Validation: Enforce strict checks on user input.
- Monitor Logs: Watch for malformed requests targeting fastping.
Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability (CISA KEV) | CVE-2025-5777
Description:
When a NetScaler ADC or Gateway appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server, insufficient input validation allows a remote, unauthenticated attacker to send crafted requests that trigger an out-of-bounds memory read. The over-read memory is returned in the response and can contain sensitive content, including session tokens.
Potential Impacts:
- Information Disclosure: Exposed memory could reveal credentials or system configurations.
- System Instability: Performance degradation or crashes may result.
- Security Bypass: Leaked data might facilitate further compromise.
Mitigation Recommendations:
- Apply Patches: Update to a fixed build listed in Citrix's advisory for CVE-2025-5777. After upgrading, terminate all active ICA and PCoIP sessions, as Citrix recommends, so that sessions established with leaked tokens do not survive the patch.
- Restrict Access: Permit access only from trusted IP ranges.
- Monitor Traffic: Employ IDS/IPS tools.
- Enable Logging and Alerts: Review NetScaler logs for repeated or malformed requests to the Gateway and AAA login endpoints, and for sessions whose source address changes mid-session.
🟠 High Severity Vulnerabilities
Server-Side Request Forgery (SSRF) in Zimbra Collaboration Suite ProxyServlet (CISA KEV) | CVE-2019-9621: Remote attackers can exploit a Server-Side Request Forgery (SSRF) flaw in ProxyServlet to make unauthorized internal requests. As a result, sensitive services and systems may become accessible through a publicly exposed interface.
Ruby on Rails Path Traversal Vulnerability (CISA KEV) | CVE-2019-5418: Ruby on Rails versions before 4.2.11.1, 5.0.7.2, 5.1.6.2 and 5.2.2.1 can leak server file contents due to a flaw in Action View. When a controller renders a file with render file:, a crafted HTTP Accept header can trigger path traversal, potentially exposing sensitive data from the server's filesystem.
Privilege Escalation via Insecure File Permissions in Canonical Multipass on macOS | CVE-2025-5199: Incorrect file permissions in Canonical Multipass (≤ 1.15.1) allow local attackers to run arbitrary code during system startup. Because the affected files are executed by a Launch Daemon, code placed in them runs with elevated privileges.
🟡 Medium Severity Vulnerabilities
SQL Injection Vulnerability in Modern Bag 1.0 | CVE-2025-7478: An SQL injection vulnerability exists in the idCate parameter of /admin/category-list.php in Modern Bag v1.0. Because the parameter is not sanitized before it reaches the database query, remote attackers can manipulate the query; a public exploit is available, which raises the threat level.
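The following Python script is an added illustration of the injection pattern described above, not code from Modern Bag, whose real schema and query are not on this page. It places the vulnerable construction (the request parameter interpolated into the SQL text) beside the hardened form (type check plus bound parameter), using a constructed in-memory SQLite table and a constructed tautology payload so that it runs offline; the table name, columns and rows are assumptions of this example.

```python
import sqlite3

# Constructed stand-in for the application's category table (assumption: schema not on the page).
SAMPLE_ROWS = [(1, "Bags"), (2, "Wallets"), (3, "Belts")]


def open_demo_db() -> sqlite3.Connection:
    """Build an in-memory database with the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE category (id INTEGER PRIMARY KEY, name TEXT NOT NULL)")
    conn.executemany("INSERT INTO category VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def list_category_vulnerable(conn: sqlite3.Connection, id_cate: str) -> list[tuple]:
    """Mirrors the flaw: the idCate value is pasted into the SQL text, so whatever the
    attacker appends to the parameter becomes part of the WHERE clause."""
    sql = f"SELECT id, name FROM category WHERE id = {id_cate}"
    return conn.execute(sql).fetchall()


def is_valid_id_cate(id_cate: str) -> bool:
    """Category ids are positive integers; anything else is rejected before the query."""
    return id_cate.isdigit()


def list_category_fixed(conn: sqlite3.Connection, id_cate: str) -> list[tuple]:
    """Hardened form: validate the type, then bind the value as a parameter so the database
    never sees it as SQL."""
    if not is_valid_id_cate(id_cate):
        raise ValueError(f"idCate must be an integer, got {id_cate!r}")
    return conn.execute(
        "SELECT id, name FROM category WHERE id = ?", (int(id_cate),)
    ).fetchall()


if __name__ == "__main__":
    conn = open_demo_db()
    normal = "2"
    tampered = "2 OR 1=1"   # constructed payload: turns the id filter into a tautology
    print("vulnerable, normal:  ", list_category_vulnerable(conn, normal))
    print("vulnerable, tampered:", list_category_vulnerable(conn, tampered))
    print("fixed, normal:       ", list_category_fixed(conn, normal))
    try:
        list_category_fixed(conn, tampered)
    except ValueError as exc:
        print("fixed, tampered:     ", exc)
```

The tampered value makes the vulnerable query return every category row, which is the "manipulate database queries" outcome from the entry; the same value never reaches the fixed query because the integer check fails first, and even a value that slipped past validation would be bound as data rather than parsed as SQL.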
Missing Authorization in Juniper Networks Security Director Web Interface | CVE-2025-52950: In version 24.4.1, Juniper Security Director’s web interface fails to enforce proper access controls. Unauthenticated users may access or alter restricted resources through exposed endpoints.
Reflected Cross-Site Scripting (XSS) in eGroupWare calendar/freebusy.php | CVE-2023-38329: Version 17.1.20190111 of eGroupWare is vulnerable to reflected XSS in the calendar/freebusy.php file. Because user input is not sanitized, attackers can inject JavaScript via the user parameter, affecting users who click malicious links.