CVE-2025-0649 – Google Tensorflow Serving JSON Deserialization Remote Crash

May 6, 2025

CVE ID : CVE-2025-0649

Published : May 6, 2025, 9:16 p.m. | 2 hours, 41 minutes ago

Description : Incorrect JSON input stringification in Google’s Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-44073 – SeaCMS SQL Injection Vulnerability

Next Article CVE-2025-47417 – Crestron Automate VX Sensitive Information Exposure

Highlights

CVE-2025-47780 – Asterisk CLI Permissions Bypass Vulnerability

May 22, 2025

CVE ID : CVE-2025-47780

Published : May 22, 2025, 5:15 p.m. | 1 hour, 36 minutes ago

Description : Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, trying to disallow shell commands to be run via the Asterisk command line interface (CLI) by configuring `cli_permissions.conf` (e.g. with the config line `deny=!*`) does not work which could lead to a security risk. If an administrator running an Asterisk instance relies on the `cli_permissions.conf` file to work and expects it to deny all attempts to execute shell commands, then this could lead to a security vulnerability. Versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk fix the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-0649 – Google Tensorflow Serving JSON Deserialization Remote Crash

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases

CVE-2025-2851 – GL.iNet RPC Handler Buffer Overflow

CVE-2025-45752 – SeedDMS PHP Code Execution Vulnerability

AirTag too quiet? This alternative is much louder and works with Android and iPhone

The Business Impact of AI-Powered Predictive Maintenance in 2025🔧

CVE-2025-47780 – Asterisk CLI Permissions Bypass Vulnerability

Microsoft confirms Windows 11 24H2 0x80240069 svchost.exe_wuauserv crashes

CVE-2025-47287 – Tornado Multipart Form Data Denial of Service Vulnerability

CVE-2025-2812 – Mydata Informatics Ticket Sales Automation SQL Injection

CVE-2025-0649 – Google Tensorflow Serving JSON Deserialization Remote Crash

Related Posts