Development

CVE ID : CVE-2025-20666

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00650610; Issue ID: MSV-2933.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-20667

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-20668

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-20670

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with User execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01334347; Issue ID: MSV-2772.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-20671

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09698599; Issue ID: MSV-3228.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4259

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this vulnerability is the function Upload of the file ltd/newbee/mall/controller/common/UploadController.java. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4260

Published : May 5, 2025, 3:15 a.m. | 17 minutes ago

Description : A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file mwebhandleradminsystemTemplateController.java. The manipulation of the argument dataFile leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Cybersecurity Weekly Newsletter: Key Attacks and Vulnerabilities From Last Week

In our fast-paced, interconnected world, the dangers of cyberattacks are becoming more frequent and complex. That’s why it’s more important than ever to stay updated and aware of the risks. Every week …
Read more

Published Date:
May 04, 2025 (5 hours, 56 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE ID : CVE-2025-4251

Published : May 4, 2025, 10:15 p.m. | 1 hour, 17 minutes ago

Description : A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component RMDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4252

Published : May 4, 2025, 11:15 p.m. | 17 minutes ago

Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component APPEND Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4253

Published : May 4, 2025, 11:15 p.m. | 17 minutes ago

Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In this tutorial, we will learn how to create a CRUD Operation using Laravel 11. Step 1: Install Laravel composer…

LLMs have shown impressive promise in conducting diagnostic conversations, particularly through text-based interactions. However, their evaluation and application have largely…

In today’s fast-paced financial landscape, leveraging specialized AI agents to handle discrete aspects of analysis is key to delivering timely,…

Week in review: Critical SAP NetWeaver flaw exploited, RSAC 2025 Conference

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
RSAC 2025 Conference
RSAC 2025 Conference took place at the Moscone Center in San Francisco. Check out …
Read more

Published Date:
May 04, 2025 (3 hours, 45 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-3928

CVE-2025-31324

CVE-2025-1976

CVE-2025-42599

CVE-2024-38475

CVE-2023-44221

CVE ID : CVE-2025-4247

Published : May 4, 2025, 5:15 a.m. | 6 hours, 12 minutes ago

Description : A vulnerability, which was classified as critical, was found in SourceCodester Simple To-Do List System 1.0. Affected is an unknown function of the file /delete_task.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4248

Published : May 4, 2025, 6:15 a.m. | 5 hours, 12 minutes ago

Description : A vulnerability has been found in SourceCodester Simple To-Do List System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /complete_task.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4249

Published : May 4, 2025, 7:15 a.m. | 4 hours, 12 minutes ago

Description : A vulnerability was found in PHPGurukul e-Diary Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /manage-categories.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4250

Published : May 4, 2025, 9:17 a.m. | 2 hours, 10 minutes ago

Description : A vulnerability was found in code-projects Nero Social Networking Site 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument fname/lname/login/password2/cpassword/address/cnumber/email/gender/propic/month leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In this hands-on tutorial, we’ll learn how to seamlessly connect Claude Desktop to real-time web search and content-extraction capabilities using…