CVE-2025-4185 – Wangshen SecGate 3600 File Path Traversal Vulnerability

May 2, 2025

CVE ID : CVE-2025-4185

Published : May 2, 2025, 12:15 a.m. | 3 hours, 12 minutes ago

Description : A vulnerability, which was classified as critical, has been found in Wangshen SecGate 3600 2024. This issue affects some unknown processing of the file ?g=obj_area_export_save. The manipulation of the argument file_name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-55909 – IBM Concert Software Archive File DoS

Next Article CVE-2025-4191 – PHPGurukul Employee Record Management System SQL Injection

Highlights

CVE-2025-38002 – Linux Kernel io_uring fdinfo Lock Bypass Vulnerability

June 6, 2025

CVE ID : CVE-2025-38002

Published : June 6, 2025, 2:15 p.m. | 1 hour, 21 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

io_uring/fdinfo: grab ctx->uring_lock around io_uring_show_fdinfo()

Not everything requires locking in there, which is why the ‘has_lock’
variable exists. But enough does that it’s a bit unwieldy to manage.
Wrap the whole thing in a ->uring_lock trylock, and just return
with no output if we fail to grab it. The existing trylock() will
already have greatly diminished utility/output for the failure case.

This fixes an issue with reading the SQE fields, if the ring is being
actively resized at the same time.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

Borderlands 4 is killing off a tired “FOMO” trend — I hope other developers follow suit

Dr. Axel’s JavaScript flashcards

Dr. Axel’s JavaScript flashcards

Syntax-Highlight – Custom Element For Syntax Highlighting Content

WelsonJS – Build a Windows app on the Windows built-in JavaScript engine

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

CVE-2025-4185 – Wangshen SecGate 3600 File Path Traversal Vulnerability

CVE-2025-49763: Apache Traffic Server Vulnerability Enables Memory Exhaustion Attacks

IBM QRadar SIEM Exposed by Trio of Security Flaws, Including Critical Command Execution Bug

Windows 10 KB5060533 adds Bing feature to Calendar UI on taskbar

CVE-2025-5628 – SourceCodester Food Menu Manager Cross Site Scripting (XSS)

CVE-2025-5649 – SourceCodester Student Result Management System Remote Access Control Bypass

Tunnel Run game in 170 lines of pure JS

CVE-2025-38002 – Linux Kernel io_uring fdinfo Lock Bypass Vulnerability

CVE-2025-47535 – Opal Woo Custom Product Variation Path Traversal

As game prices rise, this excellent Hall Effect controller just dropped in price

CVE-2025-6091 – H3C GR-3000AX Buffer Overflow Vulnerability

CVE-2025-4185 – Wangshen SecGate 3600 File Path Traversal Vulnerability

Related Posts