CVE ID : CVE-2025-43490
Published : Aug. 15, 2025, 7:15 p.m. | 6 hours, 6 minutes ago
Description : A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-36088
Published : Aug. 15, 2025, 8:15 p.m. | 5 hours, 6 minutes ago
Description : IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 web GUI is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-44201
Published : Aug. 15, 2025, 9:15 p.m. | 4 hours, 6 minutes ago
Description : Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-8959
Published : Aug. 15, 2025, 9:15 p.m. | 4 hours, 6 minutes ago
Description : HashiCorp’s go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-43201
Published : Aug. 15, 2025, 10:15 p.m. | 3 hours, 6 minutes ago
Description : This issue was addressed with improved checks. This issue is fixed in Apple Music Classical 2.3 for Android. An app may be able to unexpectedly leak a user’s credentials.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52621
Published : Aug. 15, 2025, 11:15 p.m. | 2 hours, 6 minutes ago
Description : HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS’s HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52618
Published : Aug. 15, 2025, 11:15 p.m. | 2 hours, 6 minutes ago
Description : HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers to manipulate SQL queries.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52619
Published : Aug. 15, 2025, 11:15 p.m. | 2 hours, 6 minutes ago
Description : HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52620
Published : Aug. 15, 2025, 11:15 p.m. | 2 hours, 6 minutes ago
Description : HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability. The image upload functionality inadequately validated the submitted image format.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2017-20199
Published : Aug. 16, 2025, 12:15 a.m. | 1 hour, 6 minutes ago
Description : A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.1 is able to address this issue. The identifier of the patch is 89. It is recommended to upgrade the affected component. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Tiny Crate is a cute little precision platformer with puzzle elements! It’s released into the public domain. The post Tiny…
Emblem generates projects avatars for your Matrix rooms and git forges from a symbolic icon. The post Emblem – generate…
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The development team behind LibreELEC, a multi-platform Linux distribution featuring the Kodi media centre, have released a new update, version 12.2.0. This is a minor update that improves support for Intel hardware and upgrades Kodi to version 21.2: “LibreELEC 12.2 with Kodi 21.2 ‘Omega’ is released. The main….
For this article in the series I’m looking at the power consumption of the ASRock Industrial NUC BOX-255H. The post…
rqlite combines the simplicity of SQLite with a fault-tolerant, highly available system. The post rqlite – distributed database built on…
A new version of the nifty Floating Mini Panel GNOME Shell extension is available, and adds the sought-after ability to…
A peek into the creative world of Clarisse Michard, a Toulouse-based web designer crafting playful, custom digital experiences with Okey…
Filing this in the “Missed First Time Around” category. It popped up in the Firefox 139 release notes and I…
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. Barry Kauler has announced the release of EasyOS 7.0, a major new version of the experimental distribution that changes several pieces of technology behind the scenes. “Compared with prior releases of EasyOS, the Excalibur-series is a ‘whole new ball game’. All prior EasyOSs were built with woofQ; Easy….
I love “re-learning” things I thought I knew. HTML is full of those opportunities (case in point, like today) since…