CVE-2025-4905 – Apache iop-apl-uw Basestation3 Deserialization Vulnerability

May 19, 2025

CVE ID : CVE-2025-4905

Published : May 19, 2025, 2:15 a.m. | 32 minutes ago

Description : A vulnerability was found in iop-apl-uw basestation3 up to 3.0.4 and classified as problematic. This issue affects the function load_qc_pickl of the file basestation3/QC.py. The manipulation of the argument qc_file leads to deserialization. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The code maintainer tagged the issue as closed. But there is no new commit nor release in the GitHub repository available so far.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-23164 – Unifi Protect Permanent Livestream Access Token Vulnerability

Next Article CVE-2025-23123 – UBTech UniFi Protect Camera Remote Code Execution Vulnerability

Highlights

CVE-2025-3826 – SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

April 20, 2025

CVE ID : CVE-2025-3826

Published : April 20, 2025, 1:15 p.m. | 1 hour, 33 minutes ago

Description : A vulnerability, which was classified as problematic, was found in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part of the file add-supplier.php. The manipulation of the argument txtsupplier_name/txtaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

Sunshine And March Vibes (2025 Wallpapers Edition)

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

My latest hands-on could be the best value AI laptop of the summer, but I still have questions

DOOM: The Dark Ages had the lowest Steam launch numbers in series history — Is it suffering from the ‘Game Pass Effect’?

Microsoft won’t be left exposed if something “catastrophic” happens to OpenAI — but may still be 3 to 6 months behind ChatGPT

Microsoft Copilot gets OpenAI’s GPT-4o image generation support — but maybe a day late and a dollar short for the hype?

ES6: Set Vs Array- What and When?

ES6: Set Vs Array- What and When?

Transform JSON into Typed Collections with Laravel’s AsCollection::of()

Deployer

My latest hands-on could be the best value AI laptop of the summer, but I still have questions

My latest hands-on could be the best value AI laptop of the summer, but I still have questions

DOOM: The Dark Ages had the lowest Steam launch numbers in series history — Is it suffering from the ‘Game Pass Effect’?

Microsoft won’t be left exposed if something “catastrophic” happens to OpenAI — but may still be 3 to 6 months behind ChatGPT

CVE-2025-4905 – Apache iop-apl-uw Basestation3 Deserialization Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-48259 – Juan Carlos WP Mapa Politico España CSRF

Playwright vs Selenium: The Ultimate Showdown

Automate Release Notes to Confluence with Bitbucket Pipelines

You can get this Dell XPS Desktop at just $1100

Enhancing Graph Classification with Edge-Node Attention-based Differentiable Pooling and Multi-Distance Graph Neural Networks GNNs

CVE-2025-3826 – SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

Claude 3.5 Sonnet comes out on top in Galileoâ€™s Hallucination Index

Artisan – visual scope for coffee roasters

OpenBubbles is a cross-platform app ecosystem

CVE-2025-4905 – Apache iop-apl-uw Basestation3 Deserialization Vulnerability

Related Posts