CVE ID : CVE-2025-0885

Published : July 3, 2025, 10:15 a.m. | 1 hour, 14 minutes ago

Description : Incorrect Authorization vulnerability in OpenText™ GroupWise allows Exploiting Incorrectly Configured Access Control Security Levels.

The vulnerability could allow unauthorized access to calendar items marked private.

This issue affects GroupWise versions 7 through 17.5, 23.4, 24.1, 24.2, 24.3, 24.4.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6587

Published : July 3, 2025, 10:15 a.m. | 1 hour, 14 minutes ago

Description : System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys, passwords, etc. 
A malicious actor with read access to these logs could obtain secrets and further use them to gain unauthorized access to other systems. Starting with version 4.43.0 Docker Desktop no longer logs system environment variables as part of diagnostics log collection.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Hash Calculator is a console tool that can calculate about 50 cryptographic hashes of strings and files. The post Hash…

Thunderbird è un client di posta elettronica desktop libero e open source, sviluppato dalla comunità Mozilla. È noto per la…

openSUSE Tumbleweed è una distribuzione GNU/Linux di tipo “rolling release“, il che significa che riceve aggiornamenti continui senza versioni fisse.…

Arch Linux è una distribuzione GNU/Linux avanzata e leggera, progettata per utenti con conoscenze tecniche avanzate che desiderano un controllo…

This is a review of the Luckfox 15.6″ Portable Monitor. It’s an IPS screen with 1920×1080 resolution, 100% sRGB, and…

Keep your data safe. There are many different useful tools that offer disk encryption. We recommend the best free and…

TUXEDO Computers è un’azienda tedesca specializzata nella produzione di hardware ottimizzato per GNU/Linux. Fondata con l’obiettivo di fornire soluzioni informatiche…

Actively Exploited Google Chrome Zero-Day (CVE-2025-6554) Added to CISA’s KEV Catalog, PoC Available

🔐 Access to This Vulnerability Report Requires Support
This article is available to verified supporters only – contribute to read the full report
Contribute with Google
Or choose another support optio …
Read more

Published Date:
Jul 03, 2025 (5 hours, 6 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-6554

CVE-2025-20309 affects Cisco Unified CM

Skip to content🔎 Vulnerability OverviewCVE ID: CVE-2025-20309Severity: Critical (CVSS v3.1 Score: 10.0)Discovered in: Cisco Unified Communications Manager (Unified CM) and Session Management Edition ( …
Read more

Published Date:
Jul 03, 2025 (5 hours, 2 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-20309

CVE-2025-6554

CVE-2025-20156

Burn It With Fire: How to Eliminate an Industry-Wide Supply Chain Vulnerability

🔥 The supply chain bug that couldn’t be ignored — so I torched itIntroduction: A Typo That Could Compromise the JVMIn 2019, while debugging one of my own builds, I noticed something odd. The build was …
Read more

Published Date:
Jul 03, 2025 (2 hours, 50 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE ID : CVE-2025-5944

Published : July 3, 2025, 5:15 a.m. | 2 hours, 3 minutes ago

Description : The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-caption’ attribute in all versions up to, and including, 8.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Deepin Font Manager is a tool to install and uninstall font easily, supports batch installation, font information recognition, etc The…

AssetCool, a UK-based deeptech company pioneering advanced robotics and coatings for power lines, raised a £10 million Series A funding…

Sometimes, you see some code which is perfectly harmless, but illustrates an incredibly dangerous person behind them. The code isn’t…

And we achieved the goal of 75 new lifetime members. Thank you for that 🙏🙏 I think I have activated…

Cisco scores a perfect 10 – sadly for a critical flaw in its comms platform

If you’re running the Engineering-Special (ES) builds of Cisco Unified Communications Manager or its Session Management Edition, you need to apply Cisco’s urgent patch after someone at Switchzilla mad …
Read more

Published Date:
Jul 02, 2025 (5 hours, 15 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-20309

Linux Servers Hijacked: Attackers Install Legitimate Proxy Software for Covert Operations

The AhnLab SEcurity intelligence Center (ASEC) has uncovered a series of attacks on poorly secured Linux servers, where instead of deploying classic malware, attackers quietly install legitimate proxy …
Read more

Published Date:
Jul 03, 2025 (3 hours, 35 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2023-49606

CVE-2025-20309 (CVSS 10): Cisco Patches Critical Static SSH Root Credential Flaw in Unified CM

Cisco has disclosed a critical vulnerability in its Unified Communications Manager (Unified CM) and Session Management Edition (SME) platforms. Tracked as CVE-2025-20309 and rated CVSS 10, the flaw ex …
Read more

Published Date:
Jul 03, 2025 (2 hours, 9 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-20309

CVE-2025-20282

CVE-2025-20281

CVE-2025-36560

CVE-2025-31103