CVE-2015-20112 – Fortinet SSL/TLS CTR Stream Collision Vulnerability

June 29, 2025

CVE ID : CVE-2015-20112

Published : June 29, 2025, 9:15 p.m. | 1 hour, 9 minutes ago

Description : RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network.

Severity: 3.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6871 – SourceCodester Simple Company Website SQL Injection

Next Article CVE-2025-6870 – SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

Highlights

CVE-2025-6173 – Webkul QloApps SQL Injection

June 17, 2025

CVE ID : CVE-2025-6173

Published : June 17, 2025, 7:15 a.m. | 3 hours, 10 minutes ago

Description : A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajax_products_list.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this flaw but considers it a low-level issue due to admin privilege pre-requisites. Still, a fix is planned for a future release.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

DistroWatch Weekly, Issue 1128

Your Slack app is getting a big upgrade – here’s how to try the new AI features

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

Microsoft confirms Windows 11 25H2, might make Windows more stable

CVE-2015-20112 – Fortinet SSL/TLS CTR Stream Collision Vulnerability

Synology ABM Flaw (CVE-2025-4679) Leaks Global Client Secret, Exposing ALL Microsoft 365 Tenants

D-Link DIR-816 Router Alert: 6 Critical Flaws (CVSS 9.8) Allow Remote Code Execution, NO PATCHES

Microsoft Recall Returns: Security Improves but Issues Remain

CVE-2024-48907 – Sematell ReplyOne 7.4.3.0 allows SSRF via the appl

CVE-2025-47891 – Apache Struts Command Injection

The big VPN choice: System-wide or just in the browser? How to decide

CVE-2025-6173 – Webkul QloApps SQL Injection

CVE-2025-45240 – Foxcms SQL Injection

Microsoft Urges TPM 2.0 for Windows 11 Upgrade as Win 10 Support Nears End

ChatGPT’s subscribers and revenue soar in 2025 – here’s why

CVE-2015-20112 – Fortinet SSL/TLS CTR Stream Collision Vulnerability

Related Posts