Development

CVE ID : CVE-2025-41657

Published : June 10, 2025, 11:15 a.m. | 52 minutes ago

Description : Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49454

Published : June 10, 2025, 1:15 p.m. | 31 minutes ago

Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in LoftOcean TinySalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a before 3.10.0.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49455

Published : June 10, 2025, 1:15 p.m. | 31 minutes ago

Description : Deserialization of Untrusted Data vulnerability in LoftOcean TinySalt allows Object Injection.This issue affects TinySalt: from n/a before 3.10.0.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Microsoft Edge Rolls Out AI-Powered History Search with Privacy Focus

Microsoft is currently rolling out an AI-powered history search feature to users of the Microsoft Edge browser. This functionality enables fuzzy search capabilities, allowing users to locate previousl …
Read more

Published Date:
Jun 10, 2025 (5 hours, 1 minute ago)

Vulnerabilities has been mentioned in this article.

CVE-2023-36735

SAP Patch Fixes Critical CVSS 9.6 Flaw in NetWeaver: Privilege Escalation and System Integrity at Risk

SAP’s June 2025 Security Patch Day addressed a total of 14 new vulnerabilities, including a critical issue and several high-severity flaws that demand immediate attention from enterprises relying on S …
Read more

Published Date:
Jun 10, 2025 (3 hours, 16 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-42989

CVE-2025-42983

CVE-2025-42982

CVE-2025-23192

CVE-2025-31324

85.000 RoundCube-mailservers bevatten actief misbruikt RCE-lek

Wereldwijd zijn er ruim 85.000 RoundCube-mailservers die een actief misbruikte kwetsbaarheid bevatten die remote code execution (RCE) mogelijk maakt, waarvan meer dan zeventienhonderd in Nederland. Da …
Read more

Published Date:
Jun 10, 2025 (2 hours, 26 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-49113

SAP June 2025 Patch Day – 14 Vulnerabilities Patched Across Multiple Products

SAP released its monthly Security Patch Day update addressing 14 critical vulnerabilities across multiple enterprise products.
The comprehensive security update includes patches addressing critical au …
Read more

Published Date:
Jun 10, 2025 (1 hour, 41 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-42998

CVE-2025-42993

CVE-2025-42990

CVE-2025-42989

CVE-2025-42988

CVE-2025-42987

CVE-2025-42984

CVE-2025-42983

CVE-2025-42982

CVE-2025-31325

VS meldt actief misbruik van kritiek lek in Erlang Erlang/OTP SSH Server

Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in Erlang Erlang/OTP SSH Server, zo waarschuwt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministeri …
Read more

Published Date:
Jun 10, 2025 (1 hour, 35 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-32433

84,000+ Roundcube Webmail Installation Vulnerable to Remote Code Execution Attacks

A critical security vulnerability affecting Roundcube webmail installations has exposed over 84,000 systems worldwide to remote code execution attacks.
The vulnerability, tracked as CVE-2025-49113, al …
Read more

Published Date:
Jun 10, 2025 (46 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-49113

ManageEngine Exchange Reporter Plus Vulnerability Allows Remote Code Execution

A severe security vulnerability has been identified in ManageEngine Exchange Reporter Plus that could allow attackers to execute arbitrary commands on target servers.
Designated as CVE-2025-3835, this …
Read more

Published Date:
Jun 10, 2025 (43 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-3835

CVE ID : CVE-2025-1041

Published : June 10, 2025, 6:15 a.m. | 2 hours, 59 minutes ago

Description : An improper input validation discovered in

Avaya Call Management System
could allow an unauthorized

remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4840

Published : June 10, 2025, 6:15 a.m. | 3 hours, 29 minutes ago

Description : The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…