CVE ID : CVE-2025-3116

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends a specially malformed HTTPS request containing improperly formatted body data to the controller.

Severity: 6.5 | MEDIUM


CVE ID : CVE-2025-3898

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends an HTTPS request containing an invalid data type to the webserver.

Severity: 6.5 | MEDIUM


CVE ID : CVE-2025-3899

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists in the Certificates page on the Webserver that could cause unvalidated data to be injected by an authenticated malicious user, leading to modification or reading of data in a victim’s browser.

Severity: 5.4 | MEDIUM


CVE ID : CVE-2025-3905

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists impacting PLC system variables that could cause unvalidated data to be injected by an authenticated malicious user, leading to modification or reading of data in a victim’s browser.

Severity: 5.4 | MEDIUM


CVE ID : CVE-2025-4680

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : Improper Input Validation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects upKeeper Instant Privilege Access: before 1.4.0.

Severity: 0.0 | NA


CVE ID : CVE-2025-4681

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Abuse. This issue affects upKeeper Instant Privilege Access: before 1.4.0.

Severity: 0.0 | NA


CVE ID : CVE-2025-5740

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could cause arbitrary file writes when an unauthenticated user on the web server manipulates the file path.

Severity: 7.2 | HIGH


CVE ID : CVE-2025-5741

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could cause arbitrary file reads from the charging station. The exploitation of this vulnerability does require an authenticated session of the web server.

Severity: 4.9 | MEDIUM


CVE ID : CVE-2025-5743

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability exists that could cause remote control over the charging station when an authenticated user modifies configuration parameters on the web server.

Severity: 5.5 | MEDIUM


CVE ID : CVE-2025-5742

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists when an authenticated user modifies configuration parameters on the web server.

Severity: 5.4 | MEDIUM


We’ve talked about ASP .Net WebForms in the past. In this style of development, everything was event driven: click a…

CVE-2025-48757: Lovable’s Row-Level Security Breakdown Exposes Sensitive Data Across Hundreds of Projects

Security researcher Matt Palmer has uncovered a critical vulnerability in the Lovable low-code platform, now tracked as CVE-2025-48757, that allows unauthenticated access and data modification due to …

Published Date:
Jun 10, 2025 (5 hours, 8 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-48757

CVE-2024-8940

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns

SentinelLABS has unveiled an extensive report detailing a wave of cyber-espionage activity that directly targeted SentinelOne and over 70 other organizations worldwide. Tracked as part of two intercon …

Published Date:
Jun 10, 2025 (5 hours, 1 minute ago)

Vulnerabilities have been mentioned in this article.

CVE-2024-8963

CVE-2024-8190

CISA Flags Active Exploits in Erlang/OTP SSH and Roundcube Webmail: Critical RCE and XSS Flaws Under Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, citing confirmed evidence of in-the-wild exploi …

Published Date:
Jun 10, 2025 (3 hours, 46 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-4601: Flaw Exposes 33,000+ RealHomes WordPress Sites to Admin Takeover

A critical Privilege Escalation vulnerability has been disclosed in the RealHomes WordPress theme, a popular real estate template with over 33,000 sales on ThemeForest. Tracked as CVE-2025-4601 and ca …

Published Date:
Jun 10, 2025 (3 hours, 36 minutes ago)

Vulnerabilities have been mentioned in this article.

Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft

Full Disclosure
mailing list archives
From: josephgoyd via Fulldisclosure
Date: Mon, 09 Jun 2025 05:22:35 +0000
Hello Full Disclosure,
This is a strategic public discl …

Published Date:
Jun 10, 2025 (3 hours, 3 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-31201

CVE-2025-31200