CVE-2025-47712 – “nbdkit Blocksize Filter Denial of Service Vulnerability”

June 9, 2025

CVE ID : CVE-2025-47712

Published : June 9, 2025, 6:15 a.m. | 3 hours, 23 minutes ago

Description : A flaw exists in the nbdkit “blocksize” filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4652 – Broadstreet WordPress Reflected Cross-Site Scripting Vulnerability

Next Article CVE-2025-3582 – WordPress Newsletter Stored Cross-Site Scripting Vulnerability

Highlights

CVE-2025-48888 – Deno Deny-Read Allow-Read Permission Confusion

June 4, 2025

CVE ID : CVE-2025-48888

Published : June 4, 2025, 8:15 p.m. | 3 hours, 22 minutes ago

Description : Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.41.3 and prior to versions 2.1.13, 2.2.13, and 2.3.2, `deno run –allow-read –deny-read main.ts` results in allowed, even though ‘deny’ should be stronger. The result is the same with all global unary permissions given as `–allow-* –deny-*`. This only affects a nonsensical combination of flags, so there shouldn’t be a real impact on the userbase. Users may upgrade to version 2.1.13, 2.2.13, or 2.3.2 to receive a patch.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

‘Job Hugging’ Trend Emerges as Workers Confront AI Uncertainty

Distribution Release: MocaccinoOS 25.09

Composition in CSS

DataCrunch raises €55M to boost EU AI sovereignty with green cloud infrastructure

Finally, safe array methods in JavaScript

Finally, safe array methods in JavaScript

Perficient Interviewed for Forrester Report on AI’s Transformative Role in DXPs

Perficient’s “What If? So What?” Podcast Wins Gold Stevie® Award for Technology Podcast

Distribution Release: MocaccinoOS 25.09

Distribution Release: MocaccinoOS 25.09

Speed Isn’t Everything When Buying SSDs – Here’s What Really Matters!

14 Themes for Beautifying Your Ghostty Terminal

CVE-2025-47712 – “nbdkit Blocksize Filter Denial of Service Vulnerability”

Qantas Airways Slashes CEO Bonus After Cyberattack Exposes 5.7 Million Customers

UAE Cyber Security Council Flags 70% Smart Home Devices as Vulnerable

CVE-2025-8169 – D-Link DIR-513 HTTP POST Request Handler Buffer Overflow

Shadow AI Discovery: A Critical Part of Enterprise AI Governance

How logic can help AI models tell more truth, according to AWS

OIN marks 20 years of defending Linux and open source from patent trolls

CVE-2025-48888 – Deno Deny-Read Allow-Read Permission Confusion

“Pretty” is in the eye of the beholder

KL-001-2025-006: Schneider Electric EcoStruxure IT Data Center Expert XML External Entities Injection

CVE-2025-0853 – WordPress PGS Core Plugin SQL Injection Vulnerability

CVE-2025-47712 – “nbdkit Blocksize Filter Denial of Service Vulnerability”

Related Posts