CVE-2025-23174 – Apache Apache Information Disclosure

April 21, 2025

CVE ID : CVE-2025-23174

Published : April 21, 2025, 5:15 p.m. | 1 hour, 47 minutes ago

Description : CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-28099 – Opencms Arbitrary File Read Vulnerability

Next Article CVE-2025-3857 – Amazon.IonDotnet Denial of Service Vulnerability

Highlights

CVE-2025-4018 – Novel-Plus Remote Authentication Bypass

April 28, 2025

CVE ID : CVE-2025-4018

Published : April 28, 2025, 12:15 p.m. | 2 hours, 50 minutes ago

Description : A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This issue affects the function addCrawlSource of the file novel-crawl/src/main/java/com/java2nb/novel/controller/CrawlController.java. The manipulation leads to missing authentication. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

CVE-2025-23174 – Apache Apache Information Disclosure

Critical Linux UDisks Daemon Vulnerability (CVE-2025-8067) Exposes Privileged Data to Local Attackers

Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

CVE-2025-54946 – SUNNET Corporate Training Management System SQL Injection Vulnerability

CVE-2022-41871 – SEPPmail Root Command Injection Vulnerability

Urgent Veeam Update: Critical RCE CVE-2025-23121 (CVSS 9.9) & Two Other Flaws Threaten Backup Servers

How I lock and hide apps in a secret folder on my iPhone – and why

CVE-2025-4018 – Novel-Plus Remote Authentication Bypass

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

VESDA by Xtralis Smoke Detection Solutions Supplier in India

CVE-2025-3279 – GitLab GraphQL Denial of Service Vulnerability

CVE-2025-23174 – Apache Apache Information Disclosure

Related Posts