CVE ID : CVE-2025-4015

Published : April 28, 2025, 10:15 a.m. | 2 hours, 14 minutes ago

Description : A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. It has been rated as critical. Affected by this issue is the function list of the file novel-system/src/main/java/com/java2nb/system/controller/SessionController.java. The manipulation leads to missing authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.3 | MEDIUM

CVE ID : CVE-2025-4016

Published : April 28, 2025, 11:15 a.m. | 1 hour, 14 minutes ago

Description : A vulnerability classified as critical has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This affects the function deleteIndex of the file novel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.4 | MEDIUM

CVE ID : CVE-2025-4017

Published : April 28, 2025, 11:15 a.m. | 1 hour, 14 minutes ago

Description : A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file novel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Rack::Static Vulnerability Exposes Ruby Servers to Data Breaches!

Hold onto your keyboards, Ruby developers! 😱 A critical security flaw in the Rack::Static middleware has been uncovered, potentially leaving Ruby-based web servers vulnerable to data breaches. Dubbed …

Published Date:
Apr 28, 2025 (2 hours, 53 minutes ago)

Windows 11 25H2 Update: Minor Changes Expected in October 2025

Microsoft now schedules major version updates for Windows 11 every October, with the upcoming release set for October 2025—namely, Windows 11 version 25H2. References to this version have already begu …

Published Date:
Apr 28, 2025 (2 hours, 24 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-32432

CVE-2023-34063

Linux Considers Dropping Support for Ancient i486 and i586 CPUs

The Intel 486, the fourth generation of Intel’s x86 processor line, was initially released in 1989, marking the x86 architecture’s transition from 16-bit to a mature 32-bit era. The Intel 586, unveile …

Published Date:
Apr 28, 2025 (2 hours, 20 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2023-28461

New iOS Critical Vulnerability That Could Brick iPhones With a Single Line of Code

A critical vulnerability in iOS could allow malicious applications to permanently disable iPhones with just a single line of code.
The vulnerability, assigned CVE-2025-24091, leverages the operating s …

Published Date:
Apr 28, 2025 (2 hours, 8 minutes ago)

CVE-2025-32818 impacts SonicOS SSLVPN

CVE-2025-32818 is a critical vulnerability affecting the SonicOS SSLVPN Virtual Office interface. This flaw allows remote, unauthenticated attackers to exploit a Null Pointer Dereference, causing the …

Published Date:
Apr 28, 2025 (1 hour, 38 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-32818

CVE-2025-21293

CVE-2024-40766

CVE ID : CVE-2025-3996

Published : April 28, 2025, 3:15 a.m. | 5 hours, 13 minutes ago

Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /home.htm of the component MAC Filtering Page. The manipulation of the argument Comment leads to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

CVE ID : CVE-2025-3706

Published : April 28, 2025, 3:15 a.m. | 5 hours, 13 minutes ago

Description : The eHRMS from 104 Corporation has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user’s browser through phishing attacks.

Severity: 6.1 | MEDIUM

CVE ID : CVE-2025-3997

Published : April 28, 2025, 3:15 a.m. | 5 hours, 13 minutes ago

Description : A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-profile-ajax-1 of the component Personal Information Page. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

CVE ID : CVE-2025-3998

Published : April 28, 2025, 4:15 a.m. | 4 hours, 13 minutes ago

Description : A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file renew.php?id=6. The manipulation of the argument ID leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH
