CVE-2025-3116 – Apache HTTP Server SSL/TLS Denial of Service Vulnerability

June 10, 2025

CVE ID : CVE-2025-3116

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an
authenticated malicious user sends special malformed HTTPS request containing improper formatted body
data to the controller.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3898 – Apache Webserver Denial of Service Vulnerability

Next Article CVE-2025-3117 – Apache Configuration File Cross-site Scripting (XSS)

Highlights

CVE-2025-46655 – CodiMD AWS S3 SVG XSS Bypass

April 26, 2025

CVE ID : CVE-2025-46655

Published : April 26, 2025, 9:15 p.m. | 1 hour, 48 minutes ago

Description : CodiMD through 2.5.4 has a CSP-based protection mechanism against XSS through uploaded SVG documents containing JavaScript, but it can be bypassed in certain cases of different-origin file storage, such as AWS S3. NOTE: it can be considered a user error if AWS is employed for hosting untrusted JavaScript content, but the selected architecture within AWS does not have components that are able to insert Content-Security-Policy headers.

Severity: 4.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

OneDrive for Mac will soon give you more flexible storage options

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

New code strings attached to Xbox Game Pass suggests a price increase may be imminent

This could be the versatile laptop accessory I’ve been waiting for — Here’s why it stands out from other portable monitors

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Everybody’s gone lintin’

QAQ-QQ-AI-QUEST

OneDrive for Mac will soon give you more flexible storage options

OneDrive for Mac will soon give you more flexible storage options

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

New code strings attached to Xbox Game Pass suggests a price increase may be imminent

CVE-2025-3116 – Apache HTTP Server SSL/TLS Denial of Service Vulnerability

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Grafana Alert: Medium-Severity Flaw (CVE-2025-3415) Exposes DingDing API Keys

Google DeepMind’s latest research at ICML 2023

Copilot Vision just launched — and Microsoft already added new features

CVE-2025-48951 – Auth0-PHP Insecure Cookie Deserialization Vulnerability

CVE-2025-4819 – Y_Project RuoYi Remote Improper Authorization Vulnerability

CVE-2025-46655 – CodiMD AWS S3 SVG XSS Bypass

CVE-2025-5374 – PHPGurukul Online Birth Certificate System SQL Injection Vulnerability

Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages

CVE-2025-5690 – PostgreSQL Anonymizer Mask Data Read Bypass

CVE-2025-3116 – Apache HTTP Server SSL/TLS Denial of Service Vulnerability

Related Posts