Development

CVE ID : CVE-2025-5408

Published : June 1, 2025, 10:15 p.m. | 5 hours, 5 minutes ago

Description : A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3 and WL-WN576K1 up to V1410_240222 and classified as critical. Affected by this issue is the function sys_login of the file /cgi-bin/login.cgi of the component HTTP POST Request Handler. The manipulation of the argument login_page leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5409

Published : June 1, 2025, 10:15 p.m. | 5 hours, 5 minutes ago

Description : A vulnerability was found in Mist Community Edition up to 4.7.1. It has been classified as critical. This affects the function create_token of the file src/mist/api/auth/views.py of the component API Token Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.2 is able to address this issue. The identifier of the patch is db10ecb62ac832c1ed4924556d167efb9bc07fad. It is recommended to upgrade the affected component.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5410

Published : June 1, 2025, 11:15 p.m. | 4 hours, 5 minutes ago

Description : A vulnerability was found in Mist Community Edition up to 4.7.1. It has been declared as problematic. This vulnerability affects the function session_start_response of the file src/mist/api/auth/middleware.py. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.2 is able to address this issue. The patch is identified as db10ecb62ac832c1ed4924556d167efb9bc07fad. It is recommended to upgrade the affected component.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5411

Published : June 1, 2025, 11:15 p.m. | 4 hours, 5 minutes ago

Description : A vulnerability was found in Mist Community Edition up to 4.7.1. It has been rated as problematic. This issue affects the function tag_resources of the file src/mist/api/tag/views.py. The manipulation of the argument tag leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.2 is able to address this issue. The patch is named db10ecb62ac832c1ed4924556d167efb9bc07fad. It is recommended to upgrade the affected component.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5412

Published : June 2, 2025, 12:15 a.m. | 3 hours, 5 minutes ago

Description : A vulnerability classified as problematic has been found in Mist Community Edition up to 4.7.1. Affected is the function Login of the file src/mist/api/views.py of the component Authentication Endpoint. The manipulation of the argument return_to leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.2 is able to address this issue. The name of the patch is db10ecb62ac832c1ed4924556d167efb9bc07fad. It is recommended to upgrade the affected component.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5420

Published : June 2, 2025, 12:15 a.m. | 3 hours, 5 minutes ago

Description : A vulnerability classified as problematic was found in juzaweb CMS up to 3.4.2. Affected by this vulnerability is an unknown functionality of the file /admin-cp/file-manager/upload of the component Profile Page. The manipulation of the argument Upload leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5421

Published : June 2, 2025, 1:15 a.m. | 2 hours, 5 minutes ago

Description : A vulnerability, which was classified as critical, has been found in juzaweb CMS up to 3.4.2. Affected by this issue is some unknown functionality of the file /admin-cp/plugin/editor of the component Plugin Editor Page. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5422

Published : June 2, 2025, 1:15 a.m. | 2 hours, 5 minutes ago

Description : A vulnerability, which was classified as problematic, was found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/logs/email of the component Email Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5423

Published : June 2, 2025, 2:15 a.m. | 1 hour, 5 minutes ago

Description : A vulnerability has been found in juzaweb CMS up to 3.4.2 and classified as critical. This vulnerability affects unknown code of the file /admin-cp/setting/system/general of the component General Setting Page. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Large Reasoning Models (LRMs), trained from LLMs using reinforcement learning (RL), demonstrated great performance in complex reasoning tasks, including mathematics,…

How Deepfakes Are Created Generative AI models enable the creation of highly realistic fake media. Most deepfakes today are produced…

The Desktop Commander MCP Server is a powerful tool that brings all your development operations into one chat interface. Built…

Reinforcement Learning from Human Feedback (RLHF) is a popular technique used to align AI systems with human preferences by training…

In this tutorial, we demonstrate how to build an intelligent AI assistant by integrating LangChain, Gemini 2.0 Flash, and Jina…

The Student Records Management System is an Android-based mobile application designed to facilitate the efficient handling of student information. It…

Comments Source: Read More 

If you install Laravel 12, you are immediately prompted to choose the starter kit. What if you don’t know much…

BOND’s latest report on Trends – Artificial Intelligence (May 2025) presents a comprehensive data-driven snapshot of the current state and…

Exploit details for max severity Cisco IOS XE flaw now public

Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit.
The write-u …
Read more

Published Date:
May 31, 2025 (16 hours, 22 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-20188

Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities

Hitachi Energy has issued a cybersecurity advisory warning of multiple vulnerabilities impacting its Asset Suite product—a widely used Enterprise Asset Management (EAM) solution in the power generatio …
Read more

Published Date:
Jun 01, 2025 (6 hours, 2 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-2500

CVE-2025-1484

CVE-2024-10205

CVE-2019-9429

CVE-2019-9290

CVE-2019-9262

CVE-2019-9256