CVE-2023-49137 – Cisco WebEx Meeting Server Cross-Site Scripting

May 28, 2025

CVE ID : CVE-2023-49137

Published : May 28, 2025, 10:15 p.m. | 2 hours, 46 minutes ago

Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2023-49604 – Apache HTTP Server Remote File Inclusion

Next Article CVE-2023-49139 – Apache HTTP Server SQL Injection

Highlights

CVE-2025-37787 – Linux Kernel – DSA MV88E6XXX Null Pointer Dereference Vulnerability

May 1, 2025

CVE ID : CVE-2025-37787

Published : May 1, 2025, 2:15 p.m. | 1 hour, 10 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered

Russell King reports that a system with mv88e6xxx dereferences a NULL
pointer when unbinding this driver:
https://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/

The crash seems to be in devlink_region_destroy(), which is not NULL
tolerant but is given a NULL devlink global region pointer.

At least on some chips, some devlink regions are conditionally registered
since the blamed commit, see mv88e6xxx_setup_devlink_regions_global():

if (cond && !cond(chip))
continue;

These are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip
does not have an STU or PVT, it should crash like this.

To fix the issue, avoid unregistering those regions which are NULL, i.e.
were skipped at mv88e6xxx_setup_devlink_regions_global() time.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

DistroWatch Weekly, Issue 1131

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

WhatsApp for Windows 11 is switching back to Chromium web wrapper from UWP/native

DistroWatch Weekly, Issue 1131

CVE-2023-49137 – Cisco WebEx Meeting Server Cross-Site Scripting

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Dune: Awakening is the Spice of life and exactly what I’ve been waiting years to play

Turn Siloed Metrics into Business-Driven Insights with Tx-Insights

4 Fun Free and Open Source Meme Generation Tools

CVE-2023-53129 – Linux Kernel – ext4 Directory Rename Deadlock Vulnerability

CVE-2025-37787 – Linux Kernel – DSA MV88E6XXX Null Pointer Dereference Vulnerability

Modernizing your hybrid team means more than buying new tech gear – 3 tips for success

CVE-2025-32310 – ThemeMove QuickCal CSRF Privilege Escalation

6 registry tweaks every tech-savvy user must apply on Windows 11

CVE-2023-49137 – Cisco WebEx Meeting Server Cross-Site Scripting

Related Posts