CVE-2024-30147 – “Oracle HCL Leap Client-Side Script Injection Vulnerability”

April 24, 2025

CVE ID : CVE-2024-30147

Published : April 24, 2025, 5:15 p.m. | 1 hour, 44 minutes ago

Description : Multiple vectors in HCL Leap allow client-side
script injection in the authoring environment and deployed applications.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-31324 – SAP NetWeaver Unauthenticated Remote Code Execution

Next Article CVE-2024-30113 – HCL Leap Cross-Site Scripting Vulnerability

Highlights

CVE-2025-37822 – RISC-V Linux Kernel Uprobes Fence Vulnerability

May 8, 2025

CVE ID : CVE-2025-37822

Published : May 8, 2025, 7:15 a.m. | 58 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

riscv: uprobes: Add missing fence.i after building the XOL buffer

The XOL (execute out-of-line) buffer is used to single-step the
replaced instruction(s) for uprobes. The RISC-V port was missing a
proper fence.i (i$ flushing) after constructing the XOL buffer, which
can result in incorrect execution of stale/broken instructions.

This was found running the BPF selftests “test_progs:
uprobe_autoattach, attach_probe” on the Spacemit K1/X60, where the
uprobes tests randomly blew up.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

Integrating CSS Cascade Layers To An Existing Project

How React.js AI Code Generation Accelerates Digital Transformation Initiatives

GitHub Availability Report: August 2025

GitHub Copilot coding agent 101: Getting started with agentic workflows on GitHub

Compiling Multiple CSS Files into One

When Cells Collide: The Making of an Organic Particle Experiment with Rapier & Three.js

PHP 8.5.0 Beta 3 available for testing

PHP 8.5.0 Beta 3 available for testing

Stock Prediction using Python machine Learning (ML)

How to Successfully Upgrade Angular 16 to 17: Handling Legacy Angular Material Components

Pironman 5 Max Review: Best Raspberry Pi Case Money can Buy

Pironman 5 Max Review: Best Raspberry Pi Case Money can Buy

Distribution Release: Voyager Live 13

FOSS Weekly #25.37: Mint 22.2 Released, Official KDE Distro, Kazeta Linux for 90s Gaming, Ubuntu 25.10’s New Terminal and More Linux Stuff

CVE-2024-30147 – “Oracle HCL Leap Client-Side Script Injection Vulnerability”

AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto

Are cybercriminals hacking your systems – or just logging in?

How to Build Robust Networking Layers in Swift with OpenAPI

CVE-2025-7356 – CVE-2020-29461: Apache HTTP Server Remote Code Execution

bitHuman launches SDK for creating AI avatars

Contractor Financing: What You Need to Know

CVE-2025-37822 – RISC-V Linux Kernel Uprobes Fence Vulnerability

Are Forgotten AD Service Accounts Leaving You at Risk?

CVE-2025-2769 – Bdrive NetDrive OpenSSL Privilege Escalation Vulnerability

Don’t waste the LAST 24 hours of Amazon Prime Day sales buying a MacBook — buy this much better Windows laptop instead!

CVE-2024-30147 – “Oracle HCL Leap Client-Side Script Injection Vulnerability”

Related Posts