CVE ID : CVE-2025-4015

Published : April 28, 2025, 10:15 a.m. | 2 hours, 14 minutes ago

Description : A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. It has been rated as critical. Affected by this issue is the function list of the file novel-system/src/main/java/com/java2nb/system/controller/SessionController.java. The manipulation leads to missing authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.3 | MEDIUM

CVE ID : CVE-2025-4016

Published : April 28, 2025, 11:15 a.m. | 1 hour, 14 minutes ago

Description : A vulnerability classified as critical has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This affects the function deleteIndex of the file novel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.4 | MEDIUM

CVE ID : CVE-2025-4017

Published : April 28, 2025, 11:15 a.m. | 1 hour, 14 minutes ago

Description : A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file novel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Rack::Static Vulnerability Exposes Ruby Servers to Data Breaches!

Hold onto your keyboards, Ruby developers! 😱 A critical security flaw in the Rack::Static middleware has been uncovered, potentially leaving Ruby-based web servers vulnerable to data breaches. Dubbed …
Published Date:
Apr 28, 2025 (2 hours, 53 minutes ago)

Vulnerabilities have been mentioned in this article.

Windows 11 25H2 Update: Minor Changes Expected in October 2025

Microsoft now schedules major version updates for Windows 11 every October, with the upcoming release set for October 2025—namely, Windows 11 version 25H2. References to this version have already begu …
Published Date:
Apr 28, 2025 (2 hours, 24 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-32432

CVE-2023-34063

Linux Considers Dropping Support for Ancient i486 and i586 CPUs

The Intel 486, the fourth generation of Intel’s x86 processor line, was initially released in 1989, marking the x86 architecture’s transition from 16-bit to a mature 32-bit era. The Intel 586, unveile …
Published Date:
Apr 28, 2025 (2 hours, 20 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2023-28461

New iOS Critical Vulnerability That Could Brick iPhones With a Single Line of Code

A critical vulnerability in iOS could allow malicious applications to permanently disable iPhones with just a single line of code.
The vulnerability, assigned CVE-2025-24091, leverages the operating s …
Published Date:
Apr 28, 2025 (2 hours, 8 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-32818 impacts SonicOS SSLVPN

CVE-2025-32818 is a critical vulnerability affecting the SonicOS SSLVPN Virtual Office interface. This flaw allows remote, unauthenticated attackers to exploit a Null Pointer Dereference, causing the …
Published Date:
Apr 28, 2025 (1 hour, 38 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-32818

CVE-2025-21293

CVE-2024-40766

CVE ID : CVE-2025-3996

Published : April 28, 2025, 3:15 a.m. | 5 hours, 13 minutes ago

Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /home.htm of the component MAC Filtering Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

CVE ID : CVE-2025-3706

Published : April 28, 2025, 3:15 a.m. | 5 hours, 13 minutes ago

Description : The eHRMS from 104 Corporation has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in a user’s browser through phishing attacks.

Severity: 6.1 | MEDIUM

CVE ID : CVE-2025-3997

Published : April 28, 2025, 3:15 a.m. | 5 hours, 13 minutes ago

Description : A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-profile-ajax-1 of the component Personal Information Page. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

CVE ID : CVE-2025-3998

Published : April 28, 2025, 4:15 a.m. | 4 hours, 13 minutes ago

Description : A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file renew.php?id=6. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

CVE ID : CVE-2025-3999

Published : April 28, 2025, 4:15 a.m. | 4 hours, 13 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. This issue affects some unknown processing of the file seeyonoptSeeyonA8ApacheJetspeedwebappsseeyoncommonjsaddDatedate.jsp of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

CVE ID : CVE-2025-4000

Published : April 28, 2025, 4:15 a.m. | 4 hours, 13 minutes ago

Description : A vulnerability, which was classified as problematic, was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. Affected is an unknown function of the file seeyonoptSeeyonA8ApacheJetspeedwebappsseeyonssoproxyjspssoproxy.jsp. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

CVE ID : CVE-2025-4001

Published : April 28, 2025, 5:15 a.m. | 3 hours, 13 minutes ago

Description : A vulnerability has been found in scipopt scip up to 9.2.1 and classified as problematic. Affected by this vulnerability is the function main of the file examples/LOP/src/genRandomLOPInstance.c of the component File Descriptor Handler. The manipulation of the argument File leads to uncontrolled file descriptor consumption. Local access is required to approach this attack. Upgrading to version 9.2.2 is able to address this issue. The identifier of the patch is d6da63b941216d75fbc1aefea9abf1de6712a2d0. It is recommended to upgrade the affected component.

Severity: 3.3 | LOW

CVE ID : CVE-2025-4002

Published : April 28, 2025, 5:15 a.m. | 3 hours, 13 minutes ago

Description : A vulnerability was found in RefindPlusRepo RefindPlus 0.14.2.AB and classified as problematic. Affected by this issue is the function GetDebugLogFile of the file Library/MemLogLib/BootLog.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The patch is identified as d2143a1e2deefddd9b105fb7160763c4f8d47ea2. It is recommended to apply a patch to fix this issue.

Severity: 5.5 | MEDIUM

CVE ID : CVE-2024-13688

Published : April 28, 2025, 6:15 a.m. | 2 hours, 13 minutes ago

Description : The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in its Password Protection feature, allowing an attacker to bypass the protection offered via a crafted request.

Severity: 0.0 | NA

CVE ID : CVE-2024-9771

Published : April 28, 2025, 6:15 a.m. | 2 hours, 13 minutes ago

Description : The WP-Recall WordPress plugin before 16.26.12 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Severity: 0.0 | NA
