Development

CVE ID : CVE-2025-24508

Published : July 7, 2025, 5:15 a.m. | 1 hour, 7 minutes ago

Description : Extraction of Account Connectivity Credentials (ACCs) from the IT Management Agent secure storage

Severity: 6.4 | MEDIUM


CVE ID : CVE-2025-48501

Published : July 7, 2025, 5:15 a.m. | 1 hour, 7 minutes ago

Description : An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, arbitrary OS commands may be executed on the server where the product is running.

Severity: 9.8 | CRITICAL


CVE ID : CVE-2025-53473

Published : July 7, 2025, 5:15 a.m. | 1 hour, 7 minutes ago

Description : A server-side request forgery (SSRF) vulnerability exists in multiple versions of Nimesa Backup and Recovery. If this vulnerability is exploited, unintended requests may be sent to internal servers.

Severity: 7.3 | HIGH


CVE ID : CVE-2025-7111

Published : July 7, 2025, 5:15 a.m. | 1 hour, 7 minutes ago

Description : A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educar_curso_det.php?cod_curso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW


CVE ID : CVE-2025-7112

Published : July 7, 2025, 5:15 a.m. | 1 hour, 7 minutes ago

Description : A vulnerability was found in Portabilis i-Educar 2.9.0 and classified as problematic. This issue affects some unknown processing of the file /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_instituicao=COD of the component Function Management Module. The manipulation of the argument Função leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW


CVE ID : CVE-2025-7113

Published : July 7, 2025, 5:15 a.m. | 1 hour, 7 minutes ago

Description : A vulnerability was found in Portabilis i-Educar 2.9.0. It has been classified as problematic. Affected is an unknown function of the file /module/ComponenteCurricular/edit?id=ID of the component Curricular Components Module. The manipulation of the argument Nome leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW


The Movie Speeds Past $300M—Apple’s First True Box Office Breakthrough

The Apple Original Films production F1: The Movie has amassed nearly $300 million at the global box office in less than two weeks since its theatrical debut. This milestone not only surpasses the prev …

Published Date:
Jul 06, 2025 (22 hours, 30 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2023-32434

Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)
If you haven’t …

Published Date:
Jul 06, 2025 (22 hours, 21 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-20309

CVE-2025-6554

CVE-2025-32463

CVE-2025-32462

CVE-2025-6543

CVE-2025-5777

CVE-2025-5349

Stalkerware firm gets scooped by SQL-slinging security snoop

Infosec In Brief: A security researcher looking at samples of stalkerware discovered an SQL vulnerability that allowed him to steal a database of 62,000 user accounts.
Eric Daigle published a blog post …

Published Date:
Jul 06, 2025 (10 hours, 11 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-6554

CVE-2024-45347

Linux Privilege Escalation (CVE-2025-6019): Root Access Via udisksd & libblockdev, PoC Available

Security researchers from SecureLayer7 published the technical details and a proof-of-concept exploit for a security vulnerability, CVE-2025-6019, affecting Linux distributions that rely on the udisks …

Published Date:
Jul 07, 2025 (6 hours, 21 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-6019

CVE-2025-23222

PoC Released for Linux Privilege Escalation Vulnerability via udisksd and libblockdev

A proof-of-concept exploit has been released for a critical local privilege escalation vulnerability affecting major Linux distributions, including Fedora and SUSE environments.
The vulnerability, designated CVE-2025-6 …

Published Date:
Jul 07, 2025 (3 hours, 35 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-6019

ScriptCase Flaws (CVE-2025-47227/47228): Pre-Auth RCE & Admin Takeover Risk for Web Servers, PoC Published

In a recent security advisory, researchers from Synacktiv revealed two chained vulnerabilities in ScriptCase’s Production Environment module—known as the “prod console”—that can lead to pre-authentica …

Published Date:
Jul 07, 2025 (3 hours, 32 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-47228

CVE-2025-47227

CVE-2024-43468

CVE-2024-8940

CVE-2023-35001

CVE-2023-22809

Redis DoS Flaw (CVE-2025-48367): Authenticated Clients Can Disrupt Service

Redis, the popular in-memory data store used for caching, message brokering, and real-time analytics, has issued a security advisory highlighting a denial-of-service (DoS) issue tracked as CVE-2025-48 …

Published Date:
Jul 07, 2025 (2 hours, 55 minutes ago)

Vulnerabilities have been mentioned in this article.

Vulnerability in SUR-FBD CMMS software

CVE ID : CVE-2025-3920
Publication date : 07 July 2025
Vendor : SUR-FBD CMMS
Product : SUR-FBD CMMS
Vulnerable versions : All through 2025.03.27
Vulnerability type (CWE) : Use of Hard-coded Password (CWE-259)
Rep …

Published Date:
Jul 07, 2025 (0 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE ID : CVE-2025-1317

Published : July 5, 2025, 11:15 p.m. | 2 hours, 53 minutes ago

Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Severity: 0.0 | NA


CVE ID : CVE-2025-1318

Published : July 5, 2025, 11:15 p.m. | 2 hours, 53 minutes ago

Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Severity: 0.0 | NA


CVE ID : CVE-2025-1569

Published : July 5, 2025, 11:15 p.m. | 2 hours, 53 minutes ago

Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Severity: 0.0 | NA
