CVE ID : CVE-2025-20665

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could lead to local information disclosure of device identifier with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09555228; Issue ID: MSV-2760.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-20666

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00650610; Issue ID: MSV-2933.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-20667

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-20668

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-20670

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with User execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01334347; Issue ID: MSV-2772.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-20671

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09698599; Issue ID: MSV-3228.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4259

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this vulnerability is the function Upload of the file ltd/newbee/mall/controller/common/UploadController.java. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4260

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file mwebhandleradminsystemTemplateController.java. The manipulation of the argument dataFile leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

bmk is a command-line bookmark manager, designed to store and retrieve bookmarks without relying on a web-browser. The post bmk…

The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. This week in DistroWatch Weekly:
Review: CachyOS 250330
News: Kali updates project’s repository key, Trinity desktop receives update, UBports testing home directory encryption, Gentoo and other projects face losing their infrastructure
Questions and answers: What it means when an operating system breaks
Released last week: 4MLinux 48.0, AnduinOS 1.3.0, Mabox Linux….

Cybersecurity Weekly Newsletter: Key Attacks and Vulnerabilities From Last Week

In our fast-paced, interconnected world, the dangers of cyberattacks are becoming more frequent and complex. That’s why it’s more important than ever to stay updated and aware of the risks. Every week …
Read more

Published Date:
May 04, 2025 (5 hours, 56 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE ID : CVE-2025-4251

Published : May 4, 2025, 10:15 p.m. | 1 hour, 17 minutes ago

Description : A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component RMDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4252

Published : May 4, 2025, 11:15 p.m. | 17 minutes ago

Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component APPEND Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4253

Published : May 4, 2025, 11:15 p.m. | 17 minutes ago

Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Revenge of the Savage Planet leads a bunch of new Xbox games launching this week, from May 5 through May…

In this tutorial, we will learn how to create a CRUD Operation using Laravel 11. Step 1: Install Laravel composer…

Based on three FCC (Federal Communications Commission) certifications spotted by Windows Latest, Microsoft plans to launch a new Surface Laptop…

Windows 11 version 24H2 will now show up for “download and install” automatically if you go to Settings > Windows…

Post Content Source: Read More 

LLMs have shown impressive promise in conducting diagnostic conversations, particularly through text-based interactions. However, their evaluation and application have largely…