CVE-2025-5141 – Fortra Core Privileged Access Manager BoKS Server Agent Information Disclosure Vulnerability

June 17, 2025

CVE ID : CVE-2025-5141

Published : June 17, 2025, 8:15 p.m. | 15 minutes ago

Description : A binary in the BoKS Server Agent component of Fortra’s Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleMicrosoft’s New CLI Text Editor Works Great on Ubuntu

Next Article CVE-2025-49847 – LLama Buffer Overflow Vulnerability

Highlights

CVE-2025-53890 – Pyload CAPTCHA JavaScript Evaluation Remote Code Execution

July 15, 2025

CVE ID : CVE-2025-53890

Published : July 15, 2025, 12:15 a.m. | 2 hours, 14 minutes ago

Description : pyload is an open-source Download Manager written in pure Python. An unsafe JavaScript evaluation vulnerability in pyLoad’s CAPTCHA processing code allows unauthenticated remote attackers to execute arbitrary code in the client browser and potentially the backend server. Exploitation requires no user interaction or authentication and can result in session hijacking, credential theft, and full system remote code execution. Commit 909e5c97885237530d1264cfceb5555870eb9546, the patch for the issue, is included in version 0.5.0b3.dev89.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Qwen Researchers Proposes QwenLong-L1: A Reinforcement Learning Framework for Long-Context Reasoning in Large Language Models

May 27, 2025

CVE-2025-4986 – “3DEXPERIENCE Product Manager Stored XSS”

May 30, 2025

The best iOS 26 features that will make updating your iPhone worthwhile

June 9, 2025

React.js for SaaS Platforms: How Top Development Teams Help Startups Launch Faster

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

Unplugging these 7 common household devices helped reduce my electricity bills

DistroWatch Weekly, Issue 1133

Anthropic beats OpenAI as the top LLM provider for business – and it’s not even close

I bought Samsung’s Galaxy Watch Ultra 2025 – here’s why I have buyer’s remorse

The details of TC39’s last meeting

The details of TC39’s last meeting

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

DistroWatch Weekly, Issue 1133

DistroWatch Weekly, Issue 1133

Newelle, a ‘Virtual Assistant’ for GNOME, Hits Version 1.0

Bustle – visualize D-Bus activity

CVE-2025-5141 – Fortra Core Privileged Access Manager BoKS Server Agent Information Disclosure Vulnerability

CVE-2025-6754 – “WordPress SEO Metrics Privilege Escalation”

CVE-2025-7710 – “Brave Conversion Engine WordPress Facebook Authentication Bypass”

How cron and Task Scheduler work in Laravel

Yandex Releases Yambda: The World’s Largest Event Dataset to Accelerate Recommender Systems

CVE-2025-6457 – Code-Projects Online Hotel Reservation System SQL Injection Vulnerability

CVE-2025-22882 – Delta Electronics ISPSoft Buffer Overflow

CVE-2025-53890 – Pyload CAPTCHA JavaScript Evaluation Remote Code Execution

Qwen Researchers Proposes QwenLong-L1: A Reinforcement Learning Framework for Long-Context Reasoning in Large Language Models

CVE-2025-4986 – “3DEXPERIENCE Product Manager Stored XSS”

The best iOS 26 features that will make updating your iPhone worthwhile

CVE-2025-5141 – Fortra Core Privileged Access Manager BoKS Server Agent Information Disclosure Vulnerability

Related Posts