Security

CVE ID : CVE-2025-49790

Published : June 11, 2025, 3:15 a.m. | 2 hours, 36 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA


CVE ID : CVE-2025-4666

Published : June 11, 2025, 4:15 a.m. | 1 hour, 36 minutes ago

Description : The Zotpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nickname’ parameter in all versions up to, and including, 7.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM


CVE ID : CVE-2025-4798

Published : June 11, 2025, 4:15 a.m. | 1 hour, 36 minutes ago

Description : The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administrator-level access and above, to download and read any file on the server, including system and configuration files.

Severity: 4.9 | MEDIUM


CVE ID : CVE-2025-4799

Published : June 11, 2025, 4:15 a.m. | 1 hour, 36 minutes ago

Description : The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file within the WordPress root directory.

Severity: 7.2 | HIGH


Two Mirai Botnets, Lzrd and Resgod Spotted Exploiting Wazuh Flaw

Cybersecurity experts at Akamai have uncovered a new threat: two separate botnets are actively exploiting a critical flaw in Wazuh security software, an open source XDR and SIEM solution, to spread the M …

Published Date: Jun 10, 2025 (4 hours, 22 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-24016

CVE-2023-1389

CVE-2017-18368

CVE-2017-17215

PoC Code Escalates Roundcube Vuln Threat

The threat associated with a critical decade-old remote code execution vulnerability in Roundcube webmail has increased sharply in recent days, with proof-of-conc …

Published Date: Jun 10, 2025 (4 hours, 11 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-49113

CVE-2024-42009

CVE-2024-37383

CVE-2023-5631

CVE-2023-43770

Stealth Falcon APT Exploits Microsoft RCE Zero-Day in Mideast

Nation-state adversaries have been exploiting a zero-day security vulnerability in Microsoft’s Web Distributed Authoring and Versioning (WEBDAV), allowing one- …

Published Date: Jun 10, 2025 (3 hours, 7 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-47953

CVE-2025-47172

CVE-2025-47167

CVE-2025-47164

CVE-2025-47162

CVE-2025-33073

CVE-2025-33053

CVE-2025-32713

CVE-2025-29824

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Microsoft’s June 2025 Patch Tuesday rollout has addressed a substantial 69 vulnerabilities, including 10 critical and 57 important rated issues across Windows and enterprise services. Among these, two …

Published Date: Jun 10, 2025 (2 hours, 59 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-47172

CVE-2025-47162

CVE-2025-33073

CVE-2025-33071

CVE-2025-33053

CVE-2025-32710

CVE-2025-29828

CVE-2024-38213

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign

A new cyberespionage campaign attributed to the notorious APT group Stealth Falcon has been uncovered by Check Point Research (CPR), highlighting the weaponization of a zero-day vulnerability (CVE-202 …

Published Date: Jun 10, 2025 (2 hours, 46 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-3052

CVE-2025-33053

CVE-2025-1146

June 2025 Patch Tuesday: Microsoft Fixes 66 Bugs, Including Active 0-Day

Microsoft’s June Patch Tuesday update has landed, bringing security fixes for 66 vulnerabilities across its product line. Among the patched flaws is one that was already being exploited in real-world …

Published Date: Jun 10, 2025 (2 hours, 39 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-33053

CVE-2025-32706

CVE-2025-32701

CVE-2025-32756

CVE-2025-29824

UEFI Secure Boot Bypass: Critical Flaw (CVE-2025-3052) Exposes Millions of Devices!

A new high-severity vulnerability discovered by BINARLY REsearch has reignited concerns about the integrity of the UEFI Secure Boot mechanism, a foundational security feature in modern computing. Trac …

Published Date: Jun 10, 2025 (2 hours, 26 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-3052

CVE-2025-33053

CVE-2023-40238

Microsoft warns of 66 flaws to fix for this Patch Tuesday, and two are under active attack

It’s Patch Tuesday time again, and Microsoft is warning that there are a bunch of critical fixes to sort out – and two actively exploited bugs. Redmond reported 66 flaws to be fixed in i …

Published Date: Jun 10, 2025 (1 hour, 25 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-47953

CVE-2025-47172

CVE-2025-47167

CVE-2025-47164

CVE-2025-47162

CVE-2025-33073

CVE-2025-33071

CVE-2025-33070

CVE-2025-33053

CVE-2025-32710

CVE-2025-29828

CVE-2025-42989

CVE-2025-47966

CVE-2025-5419

CVE-2023-42788

CoreDNS DoS Flaw: Unauthenticated Attackers Can Crash Servers via DNS-over-QUIC

A critical denial-of-service (DoS) vulnerability has been identified in CoreDNS, the modular DNS server widely deployed across cloud-native and containerized environments. Tracked as CVE-2025-47950, t …

Published Date: Jun 11, 2025 (54 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-47950

Patch Tuesday, June 2025 Edition

Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that …

Published Date: Jun 11, 2025 (53 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-33073

CVE-2025-33053

CVE-2025-5419

CVE-2025-4664

CVSS 9.8: Backend.AI Critical Flaw Allows Account Takeover via PoC, No Patch Available

Security researchers at HiddenLayer have disclosed a critical privilege escalation vulnerability in Backend.AI, a widely used container-based cluster platform that powers machine le …

Published Date: Jun 11, 2025 (45 minutes ago)

Vulnerabilities have been mentioned in this article.

CVE-2025-49653

Chrome Update Alert: Two High-Severity Flaws Patched – Update Now to Stay Safe!

Google has released a Stable Channel update for Chrome Desktop, rolling out version 137.0.7151.103/.104 for Windows and macOS, and 137.0.7151.103 for Linux. This update brings important security fixes …

Published Date: Jun 11, 2025 (41 minutes ago)

Salesforce OmniStudio Flaws Expose Encrypted Data

Security research partner AppOmni disclosed five critical vulnerabilities in Salesforce’s powerful OmniStudio platform that could expose encrypted and sensitive customer data. These flaws, discovered …

Published Date: Jun 11, 2025 (28 minutes ago)

CVE ID : CVE-2025-33053

Published : June 10, 2025, 5:22 p.m. | 6 hours, 37 minutes ago

Description : External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.

Severity: 8.8 | HIGH


CVE ID : CVE-2025-33064

Published : June 10, 2025, 5:22 p.m. | 6 hours, 37 minutes ago

Description : Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Severity: 8.8 | HIGH
