CVE ID : CVE-2025-8737

Published : Aug. 8, 2025, 8:15 p.m. | 5 hours, 9 minutes ago

Description : A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-8738

Published : Aug. 8, 2025, 8:15 p.m. | 5 hours, 9 minutes ago

Description : A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 5.3 | MEDIUM

CVE ID : CVE-2025-55188

Published : Aug. 8, 2025, 9:15 p.m. | 4 hours, 9 minutes ago

Description : 7-Zip before 25.01 does not always properly handle symbolic links during extraction.

Severity: 2.7 | LOW

CVE ID : CVE-2025-8739

Published : Aug. 8, 2025, 9:15 p.m. | 4 hours, 9 minutes ago

Description : A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

CVE ID : CVE-2025-8740

Published : Aug. 8, 2025, 9:15 p.m. | 4 hours, 9 minutes ago

Description : A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unknown function of the file /admin/categories/save of the component Category Handler. The manipulation of the argument categoryName leads to cross-site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

CVE ID : CVE-2025-8741

Published : Aug. 8, 2025, 10:16 p.m. | 3 hours, 8 minutes ago

Description : A vulnerability was found in macrozheng mall up to 1.0.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/login. The manipulation leads to cleartext transmission of sensitive information. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.7 | LOW

CVE ID : CVE-2025-8742

Published : Aug. 8, 2025, 10:16 p.m. | 3 hours, 8 minutes ago

Description : A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.7 | LOW

CVE ID : CVE-2025-8743

Published : Aug. 8, 2025, 11:15 p.m. | 2 hours, 9 minutes ago

Description : A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /data_source_edit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

CVE ID : CVE-2025-46709

Published : Aug. 9, 2025, 12:15 a.m. | 1 hour, 9 minutes ago

Description : Possible memory leak or kernel exceptions caused by reading kernel heap data after free or NULL pointer dereference kernel exception.

Severity: 0.0 | NA

CVE ID : CVE-2025-6573

Published : Aug. 9, 2025, 12:15 a.m. | 1 hour, 9 minutes ago

Description : Kernel software installed and running inside an untrusted/rich execution environment (REE) could leak information from the trusted execution environment (TEE).

Severity: 0.0 | NA

CVE ID : CVE-2025-8744

Published : Aug. 9, 2025, 12:15 a.m. | 1 hour, 9 minutes ago

Description : A vulnerability classified as critical was found in CesiumLab Web up to 4.0. This vulnerability affects unknown code of the file /lodmodels/. The manipulation of the argument ID leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 7.3 | HIGH

Buffer provides a minimal editing space for all those things that don’t need keeping. It’s written in Rust.

The Tails project, which builds a Debian-based live Linux distribution with focus on online anonymity, has announced the availability of the initial release candidate for Tails 7.0. The new version is based on the upcoming Debian 13 and ships with GNOME 48: “We are very excited to present….

Redocly CLI is an all-in-one OpenAPI utility. It builds, manages, improves, and quality-checks your OpenAPI descriptions.