
CVE ID : CVE-2025-5683

Published : June 5, 2025, 6:15 a.m. | 42 minutes ago

Description : Loading a specifically crafted ICNS format image file in QImage triggers a crash. This issue affects Qt versions 6.3.0 through 6.5.9, 6.6.0 through 6.8.4, and 6.9.0. It is fixed in 6.5.10, 6.8.5 and 6.9.1.

Severity: 0.0 | NA


CVE ID : CVE-2025-5640

Published : June 5, 2025, 6:15 a.m. | 42 minutes ago

Description : A vulnerability was found in PX4-Autopilot 1.12.3. It has been classified as problematic. This affects the function MavlinkReceiver::handle_message_trajectory_representation_waypoints of the file mavlink_receiver.cpp of the component TRAJECTORY_REPRESENTATION_WAYPOINTS Message Handler. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

Severity: 3.3 | LOW


The Bitter End: Unraveling Eight Years of Espionage Antics—Part One

June 04, 2025
Nick Attfield and Konstantin Klinger in collaboration with Threatray’s Abdallah Elshinbary and Jonas Wagner
This is a two-part blog series, detailing research undertaken in collaboration …

Published Date:
Jun 04, 2025 (12 hours, 54 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2024-43572

Play ransomware crims exploit SimpleHelp flaw in double-extortion schemes

Groups linked with the Play ransomware have exploited more than 900 organizations, the FBI said Wednesday, and have developed a number of new techniques in their double-extortion campaigns – including …

Published Date:
Jun 04, 2025 (3 hours, 52 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2024-57727

CVE-2022-41082

CVE-2022-41040

CVE-2020-12812

CVE-2018-13379

Multiple Stored XSS Vulnerabilities Discovered in VMware NSX — Patch Now

Broadcom has released important updates addressing three newly disclosed vulnerabilities in VMware NSX, all of which expose users to Stored Cross-Site Scripting (XSS) attacks. These flaws—tracked as C …

Published Date:
Jun 04, 2025 (3 hours, 46 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2025-22245

CVE-2025-22244

CVE-2025-22243

CVE-2025-22231

Critical ABB EIBPORT Flaw: Update Now to Prevent Building Automation Hijacks!

ABB has issued a Cyber Security Advisory addressing a critical session management vulnerability affecting its EIBPORT V3 products used in building automation systems. The flaw, tracked as CVE-2024-139 …

Published Date:
Jun 05, 2025 (3 hours, 31 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2024-13967

CVE-2024-51547

CVE-2024-56529

Critical Cisco ISE Cloud Vulnerability (CVSS 9.9) with PoC Exploit Threatens AWS, Azure, OCI

Cisco has patched a critical vulnerability (CVE-2025-20286, CVSS 9.9) that affects cloud-based deployments of its Identity Services Engine (ISE) across AWS, Microsoft Azure, and Oracle Cloud Infrastru …

Published Date:
Jun 05, 2025 (3 hours, 26 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2025-20286

CVE-2025-20125

CVE-2025-20124

CVE-2024-20469

CVE-2025-48947: Session Cookies at Risk in Auth0 Next.js SDK

A serious vulnerability has been uncovered in the widely-used Auth0 Next.js SDK—a library that helps developers implement authentication in their Next.js apps. Tracked as CVE-2025-48947 and rated CVSS …

Published Date:
Jun 05, 2025 (3 hours, 14 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2025-48947

CVE-2025-29927

CVE-2024-56332

CVE-2024-51479

CVE-2024-46982

Sophos Unmasks Sakura RAT: Hackers Hacking Hackers with Backdoored Malware!

In a recent deep dive, Sophos X-Ops uncovered a sophisticated campaign that’s not targeting enterprises or governments, but instead other hackers and game cheaters. And it all starts with a backdoored …

Published Date:
Jun 05, 2025 (3 hours, 3 minutes ago)


Cisco Warns of High-Severity SSH Security Flaws in UCS IMC and NDFC Systems

Cisco has issued security advisories for two high-severity vulnerabilities—one in the Cisco Integrated Management Controller (IMC) and the other in the Nexus Dashboard Fabric Controller (NDFC)—both po …

Published Date:
Jun 05, 2025 (2 hours, 57 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2025-20261

CVE-2025-20163

CVE-2024-20536

CVE-2024-20432

CVE-2025-48951: Critical Deserialization Flaw in Auth0 PHP SDK Threatens Millions of Applications

A newly disclosed vulnerability in the Auth0 PHP SDK—a widely-used authentication toolkit with over 16 million downloads—poses a critical threat to web applications that rely on social and enterprise …

Published Date:
Jun 05, 2025 (2 hours ago)

Vulnerabilities mentioned in this article:

CVE-2025-48947

CVE-2025-48951

CVE ID : CVE-2025-5621

Published : June 5, 2025, 12:15 a.m. | 3 hours, 23 minutes ago

Description : A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this vulnerability is the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address leads to OS command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 7.3 | HIGH


CVE ID : CVE-2025-5622

Published : June 5, 2025, 12:15 a.m. | 3 hours, 23 minutes ago

Description : A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli_5g of the file /goform/wirelessApcli_5g. The manipulation of the argument apcli_mode_5g/apcli_enc_5g/apcli_default_key_5g leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 9.8 | CRITICAL


CVE ID : CVE-2025-5620

Published : June 5, 2025, 12:15 a.m. | 3 hours, 23 minutes ago

Description : A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected is the function setipsec_config of the file /goform/setipsec_config. The manipulation of the argument localIP/remoteIP leads to OS command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 7.3 | HIGH


CVE ID : CVE-2025-5623

Published : June 5, 2025, 12:15 a.m. | 1 hour, 59 minutes ago

Description : A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This affects the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 9.8 | CRITICAL


CVE ID : CVE-2025-5624

Published : June 5, 2025, 1:15 a.m. | 59 minutes ago

Description : A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This vulnerability affects the function QoSPortSetup of the file /goform/QoSPortSetup. The manipulation of the argument port0_group/port0_remarker/ssid0_group/ssid0_remarker leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 9.8 | CRITICAL


CVE ID : CVE-2025-49008

Published : June 5, 2025, 1:15 a.m. | 2 hours, 23 minutes ago

Description : Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of `escapeshellcmd()` in `/components/codegit/traits/execute.php` allows argument injection, leading to arbitrary command execution. Atheos administrators and users of vulnerable versions are at risk of data breaches or server compromise. Version 6.0.4 introduces a `Common::safe_execute` function that sanitizes all arguments using `escapeshellarg()` prior to execution and migrates all components potentially vulnerable to similar exploits to this new templated execution system.

Severity: 0.0 | NA


CVE ID : CVE-2025-5625

Published : June 5, 2025, 1:15 a.m. | 2 hours, 23 minutes ago

Description : A vulnerability was found in Campcodes Online Teacher Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /search-teacher.php. The manipulation of the argument searchteacher leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH


CVE ID : CVE-2025-5626

Published : June 5, 2025, 1:15 a.m. | 2 hours, 23 minutes ago

Description : A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /admin/edit-subjects-detail.php. The manipulation of the argument editid leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH


CVE ID : CVE-2025-5627

Published : June 5, 2025, 1:15 a.m. | 2 hours, 23 minutes ago

Description : A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /sputum_form.php. The manipulation of the argument itr_no leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM
