CVE-2025-3768 – Devolutions Server Tor Network Bypass Vulnerability

June 5, 2025

CVE ID : CVE-2025-3768

Published : June 5, 2025, 2:15 p.m. | 53 minutes ago

Description : Improper access control in Tor network blocking feature in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the tor blocking feature when the Devolutions hosted endpoint is not reachable.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47827 – IGEL OS Boot Signature Verification Bypass

Next Article CVE-2025-30084 – Joomla RSMail! Stored XSS

Highlights

CVE-2025-46732 – OpenCTI IDOR Notification Manipulation

July 18, 2025

CVE ID : CVE-2025-46732

Published : July 18, 2025, 3:15 p.m. | 2 hours, 3 minutes ago

Description : OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.6.6, an IDOR vulnerability in the GrapQL `NotificationLineNotificationMarkReadMutation` and `NotificationLineNotificationDeleteMutation` mutations of OpenCTI allows an authenticated user to change the read status of a notification or delete a notification of another user in case he has knowledge of the UUID of the notification. When changing the read status of a notification, the user also receives the content of the notification they changed the read status of. Authenticated Users in OpenCTI can read, modify and delete notification of other users if they know the UUID of the notification. Version 6.6.6 fixes the issue.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

DOOM: The Dark Ages review and Metacritic score roundup — Does Xbox have its GOTY contender with this long-awaited shooter?

May 10, 2025

CVE-2025-5129 – Sangfor aTrust Directory Traversal Vulnerability

May 24, 2025

CVE-2025-4524 – Madara WordPress Theme Local File Inclusion Vulnerability

May 21, 2025

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

AI-enabled software development: Risk of skill erosion or catalyst for growth?

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Power bank slapped with a recall? Stop using it now – here’s why

I recommend these budget earbuds over pricier Bose and Sony models – here’s why

Microsoft’s big AI update for Windows 11 is here – what’s new

Slow internet speed on Linux? This 30-second fix makes all the difference

Singleton and Scoped Container Attributes in Laravel 12.21

Singleton and Scoped Container Attributes in Laravel 12.21

wulfheart/laravel-actions-ide-helper

lanos/laravel-cashier-stripe-connect

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

Sam Altman is “terrified” of voice ID fraudsters embracing AI — and threats of US bioweapon attacks keep him up at night

NVIDIA boasts a staggering $111 million in market value per employee — since it became the world’s first $4 trillion company

CVE-2025-3768 – Devolutions Server Tor Network Bypass Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)

CVE-2025-5644 – Radare2 Use After Free Vulnerability in r_cons_flush Function

CVE-2024-11922 – Fortra GoAnywhere Email Injection Vulnerability

https://www.wrappixel.com/free-nextjs-landing-page-templates/

Report: Microsoft set to slash thousands more jobs in July — sales teams in the crosshairs

CVE-2025-46732 – OpenCTI IDOR Notification Manipulation

DOOM: The Dark Ages review and Metacritic score roundup — Does Xbox have its GOTY contender with this long-awaited shooter?

CVE-2025-5129 – Sangfor aTrust Directory Traversal Vulnerability

CVE-2025-4524 – Madara WordPress Theme Local File Inclusion Vulnerability

CVE-2025-3768 – Devolutions Server Tor Network Bypass Vulnerability

Related Posts