Security

ConnectWise to Rotate Code-Signing Certificates

ConnectWise to Rotate Code-Signing Certificates

Source: Stu Gray via Alamy Stock PhotoConnectWise this Friday will rotate all code-signing certificates for ScreenConnect, ConnectWise Automate, and ConnectWise RMM. While the software company recentl …
Read more

Published Date:
Jun 11, 2025 (4 hours, 18 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-3935

CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers

CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers

Owners of SinoTrack GPS devices should be aware of significant security weaknesses that could allow unauthorized individuals to track vehicles or even cut off their fuel remotely. These vulnerabilitie …
Read more

Published Date:
Jun 11, 2025 (4 hours, 18 minutes ago)

Vulnerabilities has been mentioned in this article.

TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing!

TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing!

A vulnerability in the Trusted Platform Module (TPM) 2.0 reference implementation has been disclosed, potentially allowing attackers to access sensitive memory contents or disrupt trusted computing op …
Read more

Published Date:
Jun 12, 2025 (1 hour, 20 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-2884

CVE-2023-1017

CVE-2023-1018

IGEL OS 10 Flaw (CVE-2025-47827): Full Secure Boot Bypass Allows Untrusted Kernel & Rootkits, PoC Available

IGEL OS 10 Flaw (CVE-2025-47827): Full Secure Boot Bypass Allows Untrusted Kernel & Rootkits, PoC Available

Researcher Zack Didcott has disclosed a critical vulnerability affecting IGEL OS 10. Tracked as CVE-2025-47827, the flaw enables a full Secure Boot bypass, allowing attackers to load arbitrary, unsign …
Read more

Published Date:
Jun 12, 2025 (56 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-47827

CVE-2025-30085 – RSForm!pro Joomla Remote Code Execution Vulnerability

CVE ID : CVE-2025-30085

Published : June 11, 2025, 8:15 p.m. | 5 hours, 19 minutes ago

Description : Remote code execution vulnerability in RSForm!pro component 3.0.0 – 3.3.14 for Joomla was discovered. The issue occurs within the submission export feature and requires administrative access to the export feature.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-32466 – RSMediaGallery Joomla SQL Injection Vulnerability

CVE ID : CVE-2025-32466

Published : June 11, 2025, 8:15 p.m. | 5 hours, 19 minutes ago

Description : A SQL injection vulnerability in RSMediaGallery! component 1.7.4 – 2.1.7 for Joomla was discovered. The issue occurs within the dashboard component, where user-supplied input is not properly sanitized before being stored and rendered. An attacker can inject malicious JavaScript code into text fields or other input points, which is subsequently executed in the browser of any user who clicks on the crafted text in the dashboard.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-32465 – Joomla RSTickets! Stored XSS Vulnerability

CVE ID : CVE-2025-32465

Published : June 11, 2025, 8:15 p.m. | 5 hours, 19 minutes ago

Description : A stored XSS vulnerability in RSTickets! component 1.9.12 – 3.3.0 for Joomla was discovered. It allows attackers to perform cross-site scripting (XSS) attacks via sending crafted payload.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2022-4976 – InfoZip ZIP Library Multiple Vulnerabilities (Unzip)

CVE ID : CVE-2022-4976

Published : June 12, 2025, 1:15 a.m. | 19 minutes ago

Description : Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities.

The bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords

SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords

IoT Security / Vulnerability
Two security vulnerabilities have been disclosed in SinoTrack GPS devices that could be exploited to control certain remote functions on connected vehicles and even track …
Read more

Published Date:
Jun 11, 2025 (11 hours, 35 minutes ago)

Vulnerabilities has been mentioned in this article.

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot

A new attack dubbed ‘EchoLeak’ is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user’s context without interaction.

Read more

Published Date:
Jun 11, 2025 (4 hours, 14 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-32711

Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks

Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks

Salesforce has assigned five CVE identifiers following a security report that uncovered more than 20 configuration weaknesses, some of which exposed customers to unauthorized access and session hijack …
Read more

Published Date:
Jun 11, 2025 (4 hours ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-43701

CVE-2025-43700

CVE-2025-43699

CVE-2025-43698

CVE-2025-43697

CVE-2025-26383 – Apache iSTAR Memory Information Disclosure

CVE ID : CVE-2025-26383

Published : June 11, 2025, 4:15 p.m. | 4 hours, 13 minutes ago

Description : The iSTAR Configuration Utility (ICU) tool leaks memory, which could result in the unintended exposure of unauthorized data from the Windows PC that ICU is running on.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-1698 – “Xperia Fingerprint Sensor Null Pointer Denial of Service”

CVE ID : CVE-2025-1698

Published : June 11, 2025, 5:15 p.m. | 3 hours, 13 minutes ago

Description : Null pointer exception vulnerabilities were reported in the fingerprint sensor service that could allow a local attacker to cause a denial of service.

Severity: 2.8 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-1699 – MotoSignature Unauthorized Access Permission Vulnerability

CVE ID : CVE-2025-1699

Published : June 11, 2025, 5:15 p.m. | 3 hours, 13 minutes ago

Description : An incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access.

Severity: 2.8 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…