CVE ID : CVE-2025-40658
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelection.asp.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40657
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the codform parameter in /modules/forms/collectform.asp.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40659
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40660
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1=1&id2=1session=&cod=1&networks=0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two critical security flaws impacting Erlang/Open Telecom Platform (OTP)…
CVE ID : CVE-2025-40661
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40662
Published : June 10, 2025, 10:15 a.m. | 1 hour, 52 minutes ago
Description : Absolute path disclosure vulnerability in DM Corporative CMS. This vulnerability allows an attacker to view the contents of webroot/file, if navigating to a non-existent file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2024-13090
Published : June 10, 2025, 11:15 a.m. | 52 minutes ago
Description : A privilege escalation vulnerability may enable a service account to elevate its privileges.
The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account.
It is important to note that no such vector has been identified in this instance.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2024-13089
Published : June 10, 2025, 11:15 a.m. | 52 minutes ago
Description : An OS command injection vulnerability within the update functionality may allow an authenticated administrator to execute unauthorized arbitrary OS commands.
Users with administrative privileges may upload update packages to upgrade the versions of Nozomi Networks Guardian and CMC.
While these updates are signed and their signatures are validated prior to installation, an improper signature validation check has been identified.
This issue could potentially enable users to execute commands remotely on the appliance, thereby impacting confidentiality, integrity, and availability.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-41657
Published : June 10, 2025, 11:15 a.m. | 52 minutes ago
Description : Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
The threat actor known as Rare Werewolf (formerly Rare Wolf) has been linked to a series of cyber attacks targeting…
CVE ID : CVE-2025-49454
Published : June 10, 2025, 1:15 p.m. | 31 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in LoftOcean TinySalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a before 3.10.0.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49455
Published : June 10, 2025, 1:15 p.m. | 31 minutes ago
Description : Deserialization of Untrusted Data vulnerability in LoftOcean TinySalt allows Object Injection.This issue affects TinySalt: from n/a before 3.10.0.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49507
Published : June 10, 2025, 1:15 p.m. | 31 minutes ago
Description : Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay allows Object Injection.This issue affects CozyStay: from n/a before 1.7.1.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Google has stepped in to address a security flaw that could have made it possible to brute-force an account’s recovery…
Modern enterprise networks are highly complex environments that rely on hundreds of apps and infrastructure services. These systems need to…
Bridging Perception and Action in Robotics Multimodal Large Language Models (MLLMs) hold promise for enabling machines, such as robotic arms…
Early large language models (LLMs) excelled at generating coherent text; however, they struggled with tasks that required precise operations, such…
In this tutorial, we’ll learn how to harness the power of Google’s Gemini models alongside the flexibility of Pandas. We…
As AI-first development redefines how software is built, “vibe coding” has emerged as a paradigm-shifting approach where developers simply say…