Development

CVE ID : CVE-2025-48013

Published : June 11, 2025, 3:15 p.m. | 46 minutes ago

Description : Missing Authorization vulnerability in Drupal Quick Node Block allows Forceful Browsing.This issue affects Quick Node Block: from 0.0.0 before 2.0.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48444

Published : June 11, 2025, 3:15 p.m. | 46 minutes ago

Description : Missing Authorization vulnerability in Drupal Quick Node Block allows Forceful Browsing.This issue affects Quick Node Block: from 0.0.0 before 2.0.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48446

Published : June 11, 2025, 3:15 p.m. | 2 hours, 14 minutes ago

Description : Incorrect Authorization vulnerability in Drupal Commerce Alphabank Redirect allows Functionality Misuse.This issue affects Commerce Alphabank Redirect: from 0.0.0 before 1.0.3.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49146

Published : June 11, 2025, 3:15 p.m. | 2 hours, 14 minutes ago

Description : pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required (default value is prefer), the driver would incorrectly allow connections to proceed with authentication methods that do not support channel binding (such as password, MD5, GSS, or SSPI authentication). This could allow a man-in-the-middle attacker to intercept connections that users believed were protected by channel binding requirements. This vulnerability is fixed in 42.7.7.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48445

Published : June 11, 2025, 3:15 p.m. | 2 hours, 14 minutes ago

Description : Incorrect Authorization vulnerability in Drupal Commerce Eurobank (Redirect) allows Functionality Misuse.This issue affects Commerce Eurobank (Redirect): from 0.0.0 before 2.1.1.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48447

Published : June 11, 2025, 3:15 p.m. | 46 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal Lightgallery allows Cross-Site Scripting (XSS).This issue affects Lightgallery: from 0.0.0 before 1.6.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48448

Published : June 11, 2025, 3:15 p.m. | 46 minutes ago

Description : Allocation of Resources Without Limits or Throttling vulnerability in Drupal Admin Audit Trail allows Excessive Allocation.This issue affects Admin Audit Trail: from 0.0.0 before 1.0.5.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49148

Published : June 11, 2025, 3:15 p.m. | 46 minutes ago

Description : ClipShare is a lightweight and cross-platform tool for clipboard sharing. Prior to 3.8.5, ClipShare Server for Windows uses the default Windows DLL search order and loads system libraries like CRYPTBASE.dll and WindowsCodecs.dll from its own directory before the system path. A local, non-privileged user who can write to the folder containing clip_share.exe can place malicious DLLs there, leading to arbitrary code execution in the context of the server, and, if launched by an Administrator (or another elevated user), it results in a reliable local privilege escalation. This vulnerability is fixed in 3.8.5.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Windows Remote Desktop Services Vulnerability Allows Remote Code Execution

A critical security vulnerability in Windows Remote Desktop Services, designated as CVE-2025-32710, which allows unauthorized attackers to execute arbitrary code remotely without authentication.
Relea …
Read more

Published Date:
Jun 11, 2025 (5 hours, 6 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-32710

Firefox Patches Multiple Vulnerabilities That Could Lead to Browser Crash

Mozilla has released Firefox 139.0.4 to address critical security vulnerabilities that could potentially cause browser crashes and compromise user security.
These high-impact vulnerabilities CVE-2025- …
Read more

Published Date:
Jun 11, 2025 (4 hours, 19 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-33053: RCE in WebDAV | Kaspersky official blog

vulnerabilities
Internet Explorer sends its regards: a vulnerability in the HTTP protocol extension allows attackers to run malicious code — even on a modern operating system.
June 11, 2025
On June 10 …
Read more

Published Date:
Jun 11, 2025 (3 hours, 13 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-33053

CVE-2025-2783

CVE-2025-22224

Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)

For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053).
Also, Adobe Commerce and Magento Open Source users are urged to update quickl …
Read more

Published Date:
Jun 11, 2025 (2 hours, 47 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-32717

CVE-2025-3052

CVE-2025-47167

CVE-2025-47164

CVE-2025-47162

CVE-2025-33073

CVE-2025-33071

CVE-2025-33070

CVE-2025-33053

CVE-2025-24016

HPE Aruba Network Vulnerability Exposes Sensitive Information to Hackers

A high-severity security vulnerability in Hewlett Packard Enterprise (HPE) Aruba Networking Private 5G Core platform that could allow unauthorized actors to access and download sensitive system files. …
Read more

Published Date:
Jun 11, 2025 (1 hour, 57 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-37100

Salesforce Industry Cloud Hit by 20 Vulnerabilities Including 0days

A recent investigation by security research firm AppOmni has brought to light more than twenty security weaknesses within Salesforce‘s Industry Cloud products. These findings, shared with Hackread.com …
Read more

Published Date:
Jun 11, 2025 (1 hour, 41 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-43701

CVE-2025-43700

CVE-2025-43699

CVE-2025-43698

CVE-2025-43697

CVE-2022-43698

Microsoft fixes Windows Server auth issues caused by April updates

Microsoft has fixed a known issue causing authentication problems on Windows Server domain controllers after installing the April 2025 security updates.
Platforms affected by these problems include Wi …
Read more

Published Date:
Jun 11, 2025 (1 hour, 26 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-26647

CVE ID : CVE-2025-33112

Published : June 10, 2025, 5:23 p.m. | 18 hours, 51 minutes ago

Description : IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input.

Severity: 8.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47162

Published : June 10, 2025, 5:23 p.m. | 18 hours, 51 minutes ago

Description : Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Severity: 8.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47163

Published : June 10, 2025, 5:23 p.m. | 18 hours, 51 minutes ago

Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47164

Published : June 10, 2025, 5:23 p.m. | 18 hours, 51 minutes ago

Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Severity: 8.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47166

Published : June 10, 2025, 5:23 p.m. | 18 hours, 51 minutes ago

Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…