CVE-2025-53908 – RomM Path Traversal Vulnerability

July 16, 2025

CVE ID : CVE-2025-53908

Published : July 16, 2025, 8:15 p.m. | 6 hours, 47 minutes ago

Description : RomM is a self-hosted rom manager and player. Versions prior to 3.10.3 and 4.0.0-beta.3 have an authenticated path traversal vulnerability in the `/api/raw` endpoint. Anyone running the latest version of RomM and has multiple users, even unprivileged users, such as the kiosk user in the official implementation, may be affected. This allows the leakage of passwords and users that may be stored on the system. Versions 3.10.3 and 4.0.0-beta.3 contain a patch.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6982 – TP-Link Archer C50 Hard-coded Credentials Vulnerability

Next Article CVE-2024-9408 – Eclipse GlassFish Server Side Request Forgery Vulnerability

Highlights

CVE-2025-4440 – H3C GR-1800AX Buffer Overflow Vulnerability

May 8, 2025

CVE ID : CVE-2025-4440

Published : May 8, 2025, 11:15 p.m. | 22 minutes ago

Description : A vulnerability was found in H3C GR-1800AX up to 100R008 and classified as critical. Affected by this issue is the function EnableIpv6 of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used.

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

Steam takes down tons of porn games, cracks down on “certain kinds of adult-only content” — here’s why, and its new policy

Oblivion Remastered and Metal Gear Solid Delta co-developer Virtuos faces layoffs — with 270 workers cut

The details of TC39’s last meeting

The details of TC39’s last meeting

Notes Android App Using SQLite

How to Get Security Patches for Legacy Unsupported Node.js Versions

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

Steam takes down tons of porn games, cracks down on “certain kinds of adult-only content” — here’s why, and its new policy

CVE-2025-53908 – RomM Path Traversal Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

New ModSecurity WAF Vulnerability Let Attackers Crash the System

Denmark Follows Germany in Ditching Microsoft for Open-Source Tools

U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud

How to Build a Custom Visual Testing Tool with Selenium: A Practical Guide

CVE-2025-4440 – H3C GR-1800AX Buffer Overflow Vulnerability

I switched to a high-end dumbphone for a week, and it put E Ink (and my iPhone) to shame

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

CVE-2024-42209 – HCL Connections Information Disclosure Vulnerability

CVE-2025-53908 – RomM Path Traversal Vulnerability

Related Posts