CVE-2025-3707 – Sunnet eHDR CTMS SQL Injection

May 2, 2025

CVE ID : CVE-2025-3707

Published : May 2, 2025, 4:15 a.m. | 3 hours, 5 minutes ago

Description : The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3748 – WordPress Taxonomy Chain Menu Stored Cross-Site Scripting

Next Article CVE-2025-3708 – Le-Yan Le-Show Medical SQL Injection Vulnerability

Highlights

CVE-2025-1948 – Jetty HTTP/2 Buffer Overflow

May 8, 2025

CVE ID : CVE-2025-1948

Published : May 8, 2025, 6:15 p.m. | 1 hour, 22 minutes ago

Description : In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.
The Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-3707 – Sunnet eHDR CTMS SQL Injection

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

GitHub Availability Report: June 2025

CVE-2025-49211 – Trend Micro Endpoint Encryption PolicyServer Privilege Escalation SQL Injection

Software architecture IS Conway’s Law

Microsoft launches new Copilot app on Windows 11 with o3 reasoning, screenshots tool

CVE-2025-1948 – Jetty HTTP/2 Buffer Overflow

Norma Kamali is transforming the future of fashion with AI

CVE-2025-51536 – AI OpenAtlas Hardcoded Administrator Password Vulnerability

CVE-2025-37987 – Linux PDS Core AdminQ Overflow/Stuck Condition Vulnerability

CVE-2025-3707 – Sunnet eHDR CTMS SQL Injection

Related Posts