CVE ID : CVE-2025-4095

Published : April 29, 2025, 6:15 p.m. | 52 minutes ago

Description : Registry Access Management (RAM) is a security feature allowing administrators to restrict access for their developers to only allowed registries. When a macOS configuration profile is used to enforce organization sign-in, the RAM policies are not being applied, which would allow Docker Desktop users to pull down unapproved, and potentially malicious, images from any registry.

Severity: 0.0 | NA


CVE ID : CVE-2025-4077

Published : April 29, 2025, 6:15 p.m. | 52 minutes ago

Description : A vulnerability classified as critical was found in code-projects School Billing System 1.0. This vulnerability affects the function searchrec. The manipulation of the argument Name leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Severity: 5.3 | MEDIUM


New GPAUF Technique to Root Qualcomm-Based Android Phones

Rooting is a technique that lets users or attackers achieve privileged control over the operating system, circumventing manufacturer and carrier constraints.
Senior mobile security researchers Pan Zhe …

Published Date:
Apr 29, 2025 (5 hours, 23 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2024-23380

CVE-2024-23373

Hackers Actively Attacking Git Configuration Files From 4,800+ IP’s

A notable increase in malicious scanning for exposed Git configuration files has been observed, posing significant risks of codebase theft and credential exposure for organizations around the globe.
S …

Published Date:
Apr 29, 2025 (5 hours, 5 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2021-23263

CISA warns about actively exploited Broadcom, Commvault vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities catalog on Monday, affecting Commvault (CVE-2025-3928), Active! Mail (CVE-2 …

Published Date:
Apr 29, 2025 (4 hours, 13 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-3928

CVE-2025-1976

CVE-2025-34028

CVE-2025-42599

Google Warns of 75 Zero-Day Vulnerabilities Exploited in the Wild

Google’s Threat Intelligence Group (GTIG) has revealed that 75 zero-day vulnerabilities were exploited in the wild during 2024, highlighting both evolving attacker tactics and shifting targets in the …

Published Date:
Apr 29, 2025 (3 hours, 16 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2024-44309

CVE-2024-44308

CVE-2024-49039

CVE-2024-9680

Google Chrome Vulnerability Let Attackers Escape Payload from Sandbox – Technical Details Disclosed

A critical vulnerability in Google Chrome has recently been discovered that allows malicious actors to break out of the browser’s protective sandbox environment, potentially giving attackers access to …

Published Date:
Apr 29, 2025 (3 hours, 7 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-2783

AirPlay Zero-Click RCE Vulnerability Enables Remote Device Takeover via Wi-Fi

A critical vulnerability in Apple’s AirPlay protocol, dubbed AirBorne, has exposed over 2.35 billion active Apple devices and tens of millions of third-party gadgets to remote code execution (RCE) att …

Published Date:
Apr 29, 2025 (2 hours, 32 minutes ago)

Vulnerabilities have been mentioned in this article.

CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of Broadcom Brocade Fabric OS, Commvault web servers, and Qualitia Active! Mail clients vulnerabilities that are actively expl …

Published Date:
Apr 29, 2025 (2 hours, 31 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-3928

CVE-2025-1976

CVE-2025-42599

CISA Adds Broadcom Brocade Fabric OS Vulnerability to Known Exploited Vulnerabilities Catalog

CISA officially added a significant security flaw affecting Broadcom’s Brocade Fabric OS to its authoritative Known Exploited Vulnerabilities (KEV) Catalog, underscoring the urgent need for remediatio …

Published Date:
Apr 29, 2025 (2 hours, 23 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-1976

NVIDIA Riva Vulnerabilities Exposes Enable Authorized Access to Cloud Environments

A critical security flaw in NVIDIA’s Riva framework, an AI-powered speech and translation service, has left cloud environments vulnerable to unauthorized access and exploitation.
Trend Micro researche …

Published Date:
Apr 29, 2025 (1 hour, 57 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-23243

CVE-2025-23242

CVE ID : CVE-2025-1551

Published : April 29, 2025, 4:15 p.m. | 31 minutes ago

Description : IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, and 9.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality, potentially leading to credentials disclosure within a trusted session.

Severity: 6.1 | MEDIUM


CVE ID : CVE-2025-25403

Published : April 29, 2025, 4:15 p.m. | 31 minutes ago

Description : Slims (Senayan Library Management Systems) 9 Bulian V9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/coll_type.php.

Severity: 0.0 | NA


CVE ID : CVE-2025-25962

Published : April 29, 2025, 4:15 p.m. | 31 minutes ago

Description : An issue in Coresmartcontracts Uniswap v.3.0, fixed in v.4.0, allows a remote attacker to escalate privileges via the _modifyPosition function.

Severity: 0.0 | NA


CVE ID : CVE-2025-23177

Published : April 29, 2025, 4:15 p.m. | 31 minutes ago

Description : CWE-427: Uncontrolled Search Path Element

Severity: 7.6 | HIGH


CVE ID : CVE-2025-32354

Published : April 29, 2025, 4:15 p.m. | 31 minutes ago

Description : In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site Request Forgery (CSRF) vulnerability exists in the GraphQL endpoint (/service/extension/graphql) of Zimbra webmail due to a lack of CSRF token validation. This allows attackers to perform unauthorized GraphQL operations, such as modifying contacts, changing account settings, and accessing sensitive user data when an authenticated user visits a malicious website.

Severity: 0.0 | NA
