CVE-2025-49153 – MICROSENS NMP Web+ Remote Code Execution

June 25, 2025

CVE ID : CVE-2025-49153

Published : June 25, 2025, 5:15 p.m. | 1 hour, 44 minutes ago

Description : MICROSENS NMP Web+

could allow an unauthenticated attacker to overwrite files and execute arbitrary code.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52890 – Incus ARP Spoofing Vulnerability

Next Article CVE-2025-49151 – MICROSENS NMP Web+ JWT Token Forgery

Highlights

CVE-2025-38151 – Linux Kernel RDMA cma: Work Queue Corruption Vulnerability

July 3, 2025

CVE ID : CVE-2025-38151

Published : July 3, 2025, 9:15 a.m. | 2 hours, 14 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work

The cited commit fixed a crash when cma_netevent_callback was called for
a cma_id while work on that id from a previous call had not yet started.
The work item was re-initialized in the second call, which corrupted the
work item currently in the work queue.

However, it left a problem when queue_work fails (because the item is
still pending in the work queue from a previous call). In this case,
cma_id_put (which is called in the work handler) is therefore not
called. This results in a userspace process hang (zombie process).

Fix this by calling cma_id_put() if queue_work fails.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-5700 – WordPress Simple Logo Carousel Stored Cross-Site Scripting Vulnerability

June 17, 2025

CVE-2025-40569 – Siemens SCALANCE Web Interface Load Configuration Remote Authentication Bypass Vulnerability

June 10, 2025

Sam Altman is secretly developing an X-like social media app to rival Elon Musk and Meta: “If Facebook tries to come at us and we just uno reverse them, it would be so funny”

April 15, 2025

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-49153 – MICROSENS NMP Web+ Remote Code Execution

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-44892 – Fortinet Wireless Access Point Stack Overflow Vulnerability

Microsoft Engineer Unveils Mystery Behind Windows’ Blank Shutdown Blocker

CVE-2025-5884 – Konica Minolta bizhub Cross-Site Scripting Vulnerability

CVE-2025-4238 – PCMan FTP Server MGET Command Handler Buffer Overflow

CVE-2025-38151 – Linux Kernel RDMA cma: Work Queue Corruption Vulnerability

CVE-2025-5700 – WordPress Simple Logo Carousel Stored Cross-Site Scripting Vulnerability

CVE-2025-40569 – Siemens SCALANCE Web Interface Load Configuration Remote Authentication Bypass Vulnerability

Sam Altman is secretly developing an X-like social media app to rival Elon Musk and Meta: “If Facebook tries to come at us and we just uno reverse them, it would be so funny”

CVE-2025-49153 – MICROSENS NMP Web+ Remote Code Execution

Related Posts