CVE-2025-6704 – An arbitrary file writing vulnerability in the Sec

July 21, 2025

CVE ID : CVE-2025-6704

Published : July 21, 2025, 2:15 p.m. | 9 hours, 59 minutes ago

Description : An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability (HA) mode.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46116 – An issue was discovered in CommScope Ruckus Unleas

Next Article CVE-2025-7624 – An SQL injection vulnerability in the legacy (tran

Highlights

CVE-2025-49595 – n8n Denial of Service (DoS) Vulnerability

July 3, 2025

CVE ID : CVE-2025-49595

Published : July 3, 2025, 1:15 p.m. | 1 hour, 41 minutes ago

Description : n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial of Service vulnerability in /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). This allows authenticated attackers to cause service unavailability through malformed filesystem URI requests, effecting the /rest/binary-data endpoint and n8n.cloud instances (confirmed HTTP/2 524 timeout responses). Attackers can exploit this by sending GET requests with empty filesystem URIs (filesystem:// or filesystem-v2://) to the /rest/binary-data endpoint, causing resource exhaustion and service disruption. This issue has been patched in version 1.99.0.

Severity: 4.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Warhammer 40,000: Darktide unleashes a violent gameplay reveal for the new upcoming Arbites Class

June 10, 2025

Understanding CSS Perspective: Bringing Depth to Your Designs

April 28, 2025

Sam Altman claims Meta is trying to poach OpenAI staffers with $100 million bonuses, but “none of our best people have decided to take them up on that”

June 18, 2025

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

AI-enabled software development: Risk of skill erosion or catalyst for growth?

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Power bank slapped with a recall? Stop using it now – here’s why

I recommend these budget earbuds over pricier Bose and Sony models – here’s why

Microsoft’s big AI update for Windows 11 is here – what’s new

Slow internet speed on Linux? This 30-second fix makes all the difference

Singleton and Scoped Container Attributes in Laravel 12.21

Singleton and Scoped Container Attributes in Laravel 12.21

wulfheart/laravel-actions-ide-helper

lanos/laravel-cashier-stripe-connect

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

Sam Altman is “terrified” of voice ID fraudsters embracing AI — and threats of US bioweapon attacks keep him up at night

NVIDIA boasts a staggering $111 million in market value per employee — since it became the world’s first $4 trillion company

CVE-2025-6704 – An arbitrary file writing vulnerability in the Sec

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)

CVE-2025-4936 – “Projectworlds Online Food Ordering System SQL Injection Vulnerability”

CVE-2025-4767 – Defog-ai Introspect Code Injection Vulnerability

How Microfrontends Work: From iframes to Module Federation

Why Denmark is breaking up with Microsoft

CVE-2025-49595 – n8n Denial of Service (DoS) Vulnerability

Warhammer 40,000: Darktide unleashes a violent gameplay reveal for the new upcoming Arbites Class

Understanding CSS Perspective: Bringing Depth to Your Designs

Sam Altman claims Meta is trying to poach OpenAI staffers with $100 million bonuses, but “none of our best people have decided to take them up on that”

CVE-2025-6704 – An arbitrary file writing vulnerability in the Sec

Related Posts