Security

CVE ID : CVE-2025-6952

Published : July 1, 2025, 12:15 p.m. | 3 hours, 20 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amf_state_operational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The identifier of the patch is 53e9e059ed96b940f7ddcd9a2b68cb512524d5db. It is recommended to apply a patch to fix this issue.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-36582

Published : July 1, 2025, 2:15 p.m. | 1 hour, 20 minutes ago

Description : Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation (‘Algorithm Downgrade’) vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-45872

Published : July 1, 2025, 2:15 p.m. | 1 hour, 20 minutes ago

Description : zrlog v3.1.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the downloadUrl parameter.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-37097

Published : July 1, 2025, 2:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticated denial of service

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49029

Published : July 1, 2025, 2:15 p.m. | 1 hour, 20 minutes ago

Description : Improper Control of Generation of Code (‘Code Injection’) vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection.This issue affects Custom Login And Signup Widget: from n/a through 1.0.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6920

Published : July 1, 2025, 2:15 p.m. | 1 hour, 20 minutes ago

Description : A flaw was found in the authentication enforcement mechanism of a model inference API in ai-inference-server. All /v1/* endpoints are expected to enforce API key validation. However, the POST /invocations endpoint failed to do so, resulting in an authentication bypass. This vulnerability allows unauthorized users to access the same inference features available on protected endpoints, potentially exposing sensitive functionality or allowing unintended access to backend resources.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6955

Published : July 1, 2025, 2:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability was found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /process/aprocess.php. The manipulation of the argument mailuid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6953

Published : July 1, 2025, 2:15 p.m. | 14 minutes ago

Description : A vulnerability, which was classified as critical, was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6954

Published : July 1, 2025, 2:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /applyleave.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6956

Published : July 1, 2025, 2:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability was found in Campcodes Employee Management System 1.0. It has been classified as critical. This affects an unknown part of the file /changepassemp.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t…

Microsoft has said that it’s ending support for passwords in its Authenticator app starting August 1, 2025. Microsoft’s move is…

The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT) worker scheme,…

Despite years of investment in Zero Trust, SSE, and endpoint protection, many enterprises are still leaving one critical layer exposed:…

French police have arrested a business student interning at the bank Société Générale who is accused of helping SIM-swapping scammers…

Google waarschuwt voor actief misbruik van V8-kwetsbaarheid in Chrome

Aanvallers maken actief misbruik van een kwetsbaarheid in de V8-engine van Google Chrome voor het aanvallen van gebruikers van de browser, zo heeft het techbedrijf aangekondigd. Er zijn updates uitgeb …
Read more

Published Date:
Jul 01, 2025 (4 hours, 21 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-6554

Linux Kernel 6.16-rc4 Released: Focus on Filesystem Fixes, Driver Improvements, & Hardware Support

The fourth release candidate (rc4) of Linux Kernel 6.16 has officially been published. With a total of seven to eight release candidates expected, the final version of Linux Kernel 6.16 is anticipated …
Read more

Published Date:
Jul 01, 2025 (3 hours, 47 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2023-42753

Apple Loses Dismissal Bid: Judge Forces iPhone Antitrust Lawsuit to Proceed

In response to the recent antitrust lawsuit filed by the U.S. Department of Justice, Apple had submitted a motion to dismiss the case. However, Judge Julien Neals of the U.S. District Court in New Jer …
Read more

Published Date:
Jul 01, 2025 (3 hours, 33 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2024-23222

Fedora Linux Delays 32-bit Support End: Community Backlash Saves Gaming & Legacy Hardware

Previously, developers of Fedora Linux proposed discontinuing support for the 32-bit version, citing the widespread adoption of 64-bit architectures across modern hardware, which rendered the continue …
Read more

Published Date:
Jul 01, 2025 (3 hours, 27 minutes ago)

Vulnerabilities has been mentioned in this article.

CISA Warns of Citrix NetScaler ADC and Gateway Vulnerability Actively Exploited in Attacks

CISA has issued an urgent warning regarding a critical buffer overflow vulnerability in Citrix NetScaler ADC and Gateway products, designated as CVE-2025-6543.
Added to CISA’s Known Exploited Vulnerab …
Read more

Published Date:
Jul 01, 2025 (2 hours, 49 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-6543