230

1. CVE-2025-36630｜Tenable Nessus
   • https://www.tenable.com/security/tns-2025-13
   • https://nvd.nist.gov/vuln/detail/CVE-2025-36630
   • ファイル上書き。Windowsのみ。権限昇格の可能性とかになるのかな？
2. CVE-2025-53103｜JUnit
   • https://github.com/junit-team/junit-framework/security/advisories/GHSA-m43g-m425-p68x
   • https://nvd.nist.gov/vuln/detail/CVE-2025-53103
   • Git認証情報が漏洩する可能性。
3. CVE-2025-34063｜OneLogin AD Connector
   • https://support.onelogin.com/product-notification/noti-00001768
   • https://nvd.nist.gov/vuln/detail/CVE-2025-34063
   • https://specterops.io/blog/2025/06/10/onelogin-many-issues-how-i-pivoted-from-a-trial-tenant-to-compromising-customer-signing-keys/
   • 暗号化認証バイパス。
4. CVE-2025-34060｜Monero
   • https://nvd.nist.gov/vuln/detail/CVE-2025-34060
   • https://swap.gs/posts/monero-forums/
   • PHPオブジェクトインジェクション。
5. CVE-2025-0038｜Zynq™ UltraScale+™ SoC Overwriting Protected Memory Regions Through PMU Firmware
   • https://docs.amd.com/r/en-US/000037628/000037628-Design-Advisory-for-Zynq-UltraScale-SoC-Overwriting-Protected-Memory-Regions-through-PMU-Firmware
   • アドレス検証不備？よくわからん。FPGA周りっぽい？