CVE ID : CVE-2025-5996
Published : June 12, 2025, 10:16 a.m. | 3 hours, 43 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 2.1.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. A lack of input validation in HTTP responses could allow an authenticated user to cause denial of service.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-0673
Published : June 12, 2025, 11:15 a.m. | 2 hours, 44 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2, allow an attacker to trigger an infinite redirect loop, potentially leading to a denial of service condition.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-5195
Published : June 12, 2025, 11:15 a.m. | 2 hours, 44 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6021
Published : June 12, 2025, 1:15 p.m. | 44 minutes ago
Description : A flaw was found in libxml2’s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said…
What do a sleazy nightclub carpet, Google’s gaping privacy hole, and an international student conned by fake ICE agents have…
Cybersecurity researchers have uncovered a new account takeover (ATO) campaign that leverages an open-source penetration testing framework called TeamFiltration to…
The spate of cyber attacks impacting the retail industry continues, with the latest victim being United Natural Foods (UNFI), which…
Human identities management and control is pretty well done with its set of dedicated tools, frameworks, and best practices. This…
AI is changing everything — from how we code, to how we sell, to how we secure. But while most…
Urgent: CVE-2025–47273 Exposes Python SetupTools — Here’s How to Stay Secure
On a bright of morning in a small town, the sound of birds concert in the air. The cool of the wind also increase this atmosphere more comfort for this cozy day.When I tried to up rollout my first pro …
Read more
Published Date:
Jun 12, 2025 (3 hours, 52 minutes ago)
Vulnerabilities has been mentioned in this article.
Google Pixel 10 to Embrace Qi2 Wireless Charging with New “Pixelsnap” Accessories
Image: Google
At CES 2023, the Wireless Power Consortium (WPC) unveiled the Qi2 wireless charging standard, incorporating Apple’s MagSafe magnetic alignment technology. According to recent reports, Go …
Read more
Published Date:
Jun 12, 2025 (2 hours, 56 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-39343
Google Warns Pixel 6a Users: Mandatory Update to Limit Battery Charging & Capacity Due to Overheating Risk
Following multiple reports of battery overheating and fire hazards, Google has issued a warning to Pixel 6a users regarding potential battery temperature risks. As a precautionary measure, the company …
Read more
Published Date:
Jun 12, 2025 (2 hours, 50 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-32896
Microsoft Outlook gaat meer bij aanvallen gebruikte bestandstypes blokkeren
Microsoft zal vanaf volgende maand meer bij aanvallen gebruikte bestandstypes standaard in Outlook Web en de nieuwe Outlook voor Windows blokkeren, zo heeft het techbedrijf via het Microsoft 365 Messa …
Read more
Published Date:
Jun 12, 2025 (2 hours, 26 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2022-30190
Urgent Firefox Alert: Critical Memory Corruption Flaws (CVSS 9.8) Allow Remote Code Execution
The Mozilla Foundation has issued an urgent security update for the Firefox web browser, addressing two critical vulnerabilities that could lead to memory corruption and remote code execution. Althoug …
Read more
Published Date:
Jun 12, 2025 (1 hour, 52 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-49710
CVE-2025-49709
CISA Releases Guide to Protect Network Edge Devices From Hackers
CISA and international cybersecurity partners have released a comprehensive suite of guidance documents aimed at protecting critical network edge devices from increasingly sophisticated cyberattacks.
…
Read more
Published Date:
Jun 12, 2025 (1 hour, 37 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-21762
CVE-2022-42475
CVE ID : CVE-2025-5012
Published : June 12, 2025, 6:15 a.m. | 3 hours, 14 minutes ago
Description : The Workreap plugin for WordPress, used by the Workreap – Freelance Marketplace WordPress Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the ‘workreap_temp_upload_to_media’ function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4973
Published : June 12, 2025, 6:15 a.m. | 3 hours, 14 minutes ago
Description : The Workreap plugin for WordPress, used by the Workreap – Freelance Marketplace WordPress Theme, is vulnerable to authentication bypass in all versions up to, and including, 3.3.1. This is due to the plugin not properly verifying a user’s identity prior to logging them in when verifying an account with an email address. This makes it possible for unauthenticated attackers to log in as registered users, including administrators, if they know user’s email address. This is only exploitable fi the user’s confirmation_key has not already been set by the plugin.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-35978
Published : June 12, 2025, 6:15 a.m. | 3 hours, 43 minutes ago
Description : Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be executed.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40592
Published : June 12, 2025, 8:15 a.m. | 1 hour, 43 minutes ago
Description : A vulnerability has been identified in Mendix Studio Pro 10 (All versions
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…