CVE ID : CVE-2025-48954

Published : June 25, 2025, 2:15 p.m. | 14 minutes ago

Description : Discourse is an open-source discussion platform. Versions prior to 3.5.0.beta6 are vulnerable to cross-site scripting when the content security policy isn’t enabled when using social logins. Version 3.5.0.beta6 patches the issue. As a workaround, have the content security policy enabled.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This is a bit of a general question. I’m trying to practice my testing skills and perhaps get some better experience with manual testing mature applications. In particular, I’m interested in desktop applications. One good place to do this is with open source projects, particularly those in need of dedicated/semi-dedicated testers. While I know every open source project has its own culture around it, with differing levels of maturity, are there any general tips for OSS testing?

Critical Kaleris Navis N4 Flaw (CVE-2025-2566, CVSS 9.8): Supply Chain Infrastructure at Risk!

Two newly disclosed vulnerabilities in the Kaleris Navis N4 terminal operating system could allow attackers to remotely compromise container terminal infrastructure, according to a security advisory r …
Read more

Published Date:
Jun 25, 2025 (3 hours, 45 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-5087

CVE-2025-2566

CVE-2024-12378

TeamViewer for Windows Vulnerability Let Attackers Delete Files Using SYSTEM Privileges

A significant security vulnerability in the TeamViewer Remote Management solution for Windows that could allow attackers with local access to delete arbitrary files with SYSTEM privileges, potentially …
Read more

Published Date:
Jun 25, 2025 (3 hours, 29 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-36537

Adversarial AI Digest — June, 2025

Adversarial AI Digest — June, 2025A digest of AI security research, insights, reports, upcoming events, and tools & resources. Follow AI Security community on Twitter and LinkedIn group for additional …
Read more

Published Date:
Jun 25, 2025 (2 hours, 47 minutes ago)

Vulnerabilities has been mentioned in this article.

NVIDIA Megatron LM Vulnerability Let Attackers Inject Malicious Code

Critical security vulnerabilities in NVIDIA Megatron LM large language model framework that could allow attackers to inject malicious code and gain unauthorized system access.
The company released eme …
Read more

Published Date:
Jun 25, 2025 (2 hours, 11 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-23265

CVE-2025-23264