CVE ID : CVE-2025-36056

Published : July 1, 2025, 1:15 a.m. | 24 minutes ago

Description : IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6937

Published : July 1, 2025, 1:15 a.m. | 24 minutes ago

Description : A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /large.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-53095

Published : July 1, 2025, 2:15 a.m. | 1 hour, 17 minutes ago

Description : Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Cross-Site Request Forgery (CSRF) attacks. This vulnerability allows an attacker to craft a malicious web page that, when visited by an authenticated user, can trigger unintended actions within the Sunshine application on behalf of that user. Specifically, since the application does OS command execution by design, this issue can be exploited to abuse the “Command Preparations” feature, enabling an attacker to inject arbitrary commands that will be executed with Administrator privileges when an application is launched. This issue has been patched in version 2025.628.4510.

Severity: 9.6 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6939

Published : July 1, 2025, 3:15 a.m. | 17 minutes ago

Description : A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6940

Published : July 1, 2025, 3:15 a.m. | 17 minutes ago

Description : A vulnerability classified as critical was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A practical guide to the top MySQL challenges Laravel developers face — and how to solve them with automation and…

Google’s Agent2Agent protocol finds new home at the Linux Foundation At the Open Source Summit North America, it was announced…

Platform engineering can be a valuable asset to an organization, but there are a number of strategies teams need to…

Gartner recently revealed a new report where it predicted that by the end of 2027, over 40% of agentic AI…

Retro techs are no longer stranger things. Just like vinyl records and vintage fashion, retro computing has captured our collective…

Europol on Monday announced the takedown of a cryptocurrency investment fraud ring that laundered €460 million ($540 million) from more…

U.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber-attacks from Iranian state-sponsored or affiliated threat…

A product catalog does more than list what you sell, it can also help shape how people see your brand.…

The Müller-Lyer illusion, pictured below, makes you think that, of two lines, one is longer than the other when in…

When you hear “whiteboard,” the first thing that probably comes to mind is a classic brainstorming session filled with sticky…

What if you could design and build on the same canvas? Here’s how we created code layers to bring design…

But that was AI, before APIs that bill you for every little thing, before people subscribed to tools they don’t…

New research backs up what gamers have thought for years: video games can be an antidote to stress and anxiety.…

“These questions feel really personal”; ”This is going to be too controversial”; “You should stick to programming surveys”. Source: Read…

Post Content Source: Read More