CVE-2025-4536 – Gosuncn Technology Group Audio-Visual Integrated Management Platform Remote Information Disclosure

May 11, 2025

CVE ID : CVE-2025-4536

Published : May 11, 2025, 9:15 a.m. | 3 hours, 12 minutes ago

Description : A vulnerability has been found in Gosuncn Technology Group Audio-Visual Integrated Management Platform 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sysmgr/user/listByPage. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4537 – RuoYi-Vue Cleartext Storage of Sensitive Information in Cookie

Next Article Grabber is an imageboard/booru downloader

Highlights

CVE-2025-54140 – pyLoad Path Traversal Remote Code Execution Vulnerability

July 22, 2025

CVE ID : CVE-2025-54140

Published : July 22, 2025, 10:15 p.m. | 2 hours, 20 minutes ago

Description : pyLoad is a free and open-source Download Manager written in pure Python. In version 0.5.0b3.dev89, an authenticated path traversal vulnerability exists in the /json/upload endpoint of pyLoad. By manipulating the filename of an uploaded file, an attacker can traverse out of the intended upload directory, allowing them to write arbitrary files to any location on the system accessible to the pyLoad process. This may lead to: Remote Code Execution (RCE), local privilege escalation, system-wide compromise, persistence, and backdoors. This is fixed in version 0.5.0b3.dev90.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-4536 – Gosuncn Technology Group Audio-Visual Integrated Management Platform Remote Information Disclosure

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

OpenAI to reportedly launch GPT-5 in August

16 Best Free and Open Source Linux Computer Algebra Systems

One of the best action games I’ve played on Xbox Game Pass just teased a sequel — the devs are “already drenched in the work”

CVE-2025-4598 – Systemd-coredump SUID Process Core Dump File Access Vulnerability

CVE-2025-54140 – pyLoad Path Traversal Remote Code Execution Vulnerability

CVE-2025-4230 – Palo Alto Networks PAN-OS Command Injection Vulnerability

UI automation: Why “try, try again”is your mantra

CVE-2021-4455 – “WordPress Smart Product Review Plugin File Upload Vulnerability”

CVE-2025-4536 – Gosuncn Technology Group Audio-Visual Integrated Management Platform Remote Information Disclosure

Related Posts