{“lastseen”:”2025-11-15T02:05:07″,”description”:”\\n\\n**November \\”In the Trend of VM\\” (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux. **The usual monthly roundup. After several months, here’s a big one. \\n\\n Post on Habr (rus) \\n Post on SecurityLab (rus) \\n Digest on the PT website (rus)\\n\\nA total of nine vulnerabilities:\\n\\n **RCE** – Windows Server Update Services (WSUS) (CVE-2025-59287) \\n **RCE** – Microsoft SharePoint \\”ToolShell\\” (CVE-2025-49704) \\n **RCE** – Windows LNK File (CVE-2025-9491) \\n **EoP** – Windows Remote Access Connection Manager (CVE-2025-59230) \\n **EoP** – Windows Agere Modem Driver (CVE-2025-24990) \\n **RCE** – Redis \\”RediShell\\” (CVE-2025-49844) \\n **RCE** – XWiki Platform (CVE-2025-24893) \\n **XSS** – Zimbra Collaboration (CVE-2025-27915) \\n **EoP** – Linux Kernel (CVE-2025-38001)\\n\\n Trending Vulnerabilities Portal\\n\\n\u041d\u0430 \u0440\u0443\u0441\u0441\u043a\u043e\u043c”,”published”:”2025-11-14T20:44:36″,”modified”:”2025-11-14T20:44:36″,”type”:”avleonov”,”title”:”November \u201cIn the Trend of VM\u201d (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux”,”source”:””,”references”:””,”id”:”AVLEONOV:178C80F37386B03F6E013DEA46A4FC3B”,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[“CVE-2025-24893″,”CVE-2025-24990″,”CVE-2025-27915″,”CVE-2025-38001″,”CVE-2025-49704″,”CVE-2025-49844″,”CVE-2025-59230″,”CVE-2025-59287″,”CVE-2025-9491″],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:9.9,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:”3.0″,”vectorString”:”CVSS:3.0\/AV:L\/AC:H\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H”,”baseScore”:7,”baseSeverity”:”HIGH”,”attackVector”:”LOCAL”,”attackComplexity”:”HIGH”,”privilegesRequired”:”NONE”,”userInteraction”:”REQUIRED”,”scope”:”UNCHANGED”,”confidentialityImpact”:”HIGH”,”integrityImpact”:”HIGH”,”availabilityImpact”:”HIGH”}},”href”:”https:\/\/avleonov.com\/2025\/11\/14\/1607-november-in-the-trend-of-vm-21-vulnerabilities-in\/”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-11-15T02:05:07″,”description”:”\\n\\n**November \\”In the Trend of VM\\” (#21): vulnerabilities in…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[155,9,6,8,45,12,13,7,11,5],"class_list":["post-26358","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-avleonov","tag-critical","tag-cve","tag-cvss","tag-cvss-99","tag-exploit","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n