Security

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign

In a major revelation, the Threat Intelligence Department of the Positive Technologies Expert Security Center (PT ESC) has attributed a sophisticated phishing and malware campaign to the APT group Tea …
Read more

Published Date:
Jun 17, 2025 (5 hours, 47 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-2857

CVE-2025-2783

High-Severity Flaw Exposes ASUS Armoury Crate to Authentication Bypass

High-Severity Flaw Exposes ASUS Armoury Crate to Authentication Bypass

Gamers and PC enthusiasts relying on ASUS Armoury Crate to manage their high-performance systems are urged to update immediately following the discovery of a serious security vulnerability. Tracked as …
Read more

Published Date:
Jun 17, 2025 (5 hours, 45 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-3464

CVE-2025-2492

CVE-2025-2783

CVE-2024-54085

CVE-2024-13062

CVE-2024-12912

CVE-2023-5716

Hackers Actively Exploiting Langflow RCE Vulnerability to Deploy Flodrix Botnet

Hackers Actively Exploiting Langflow RCE Vulnerability to Deploy Flodrix Botnet

Security researchers have uncovered an active cyberattack campaign targeting Langflow servers through CVE-2025-3248, a critical remote code execution vulnerability that allows threat actors to deploy …
Read more

Published Date:
Jun 17, 2025 (4 hours, 13 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-3248

Windows Hello Update: Microsoft Disables Facial Recognition in the Dark Due to Security Flaw

Windows Hello Update: Microsoft Disables Facial Recognition in the Dark Due to Security Flaw

Facial recognition technology is increasingly prevalent across a variety of scenarios; however, cases of identity fraud continue to surface, highlighting that even facial recognition is not infallible …
Read more

Published Date:
Jun 17, 2025 (4 hours, 12 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-26644

CISA Adds Apple and TP-Link Vulnerabilities to KEV Catalog

CISA Adds Apple and TP-Link Vulnerabilities to KEV Catalog

On June 16, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding two high-risk vulnerabilities — one affecting Apple d …
Read more

Published Date:
Jun 17, 2025 (3 hours, 34 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-43200

CVE-2025-26685

CVE-2025-21298

CVE-2023-33538

CVE-2025-49823 – Anaconda Constructor Command Injection Vulnerability

CVE ID : CVE-2025-49823

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : (conda) Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix (user_prefix) using an eval statement, which executes unsanitized user input as shell code. Although the script runs with user privileges (not root), an attacker could exploit this by injecting arbitrary commands through a malicious path during installation. Exploitation requires explicit user action. This issue has been patched in version 3.11.3.

Severity: 0.0 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-45069 – Apache HTTP Server Remote Code Execution

CVE ID : CVE-2024-45069

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-52438 – Adobe Flash Remote Code Execution

CVE ID : CVE-2025-52438

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-52442 – Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-52442

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-52441 – Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-52441

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-52443 – Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-52443

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-52444 – Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-52444

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-52445 – Apache Struts Remote Code Execution

CVE ID : CVE-2025-52445

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-6154 – PHPGurukul Hostel Management System SQL Injection

CVE ID : CVE-2025-6154

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /includes/login.inc.php. The manipulation of the argument student_roll_no leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-6153 – PHPGurukul Hostel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6153

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/students.php. The manipulation of the argument search_box leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-6157 – PHPGurukul Nipah Virus SQL Injection Vulnerability

CVE ID : CVE-2025-6157

Published : June 17, 2025, 3:15 a.m. | 3 hours, 9 minutes ago

Description : A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registered-user-testing.php. The manipulation of the argument testtype leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…