CVE ID : CVE-2025-44895
Published : May 21, 2025, 2:15 p.m. | 35 minutes ago
Description : FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ipv4Aclkey parameter in the web_acl_ipv4BasedAceAdd function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Starting May 15, the Netherlands has introduced a new law that broadens the definition of espionage and introduces stricter penalties…
Two high-severity security flaws have been identified in Multer, a popular middleware used in Node.js applications for handling file uploads.…
Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user’s…
Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to…
Indian Ministry of Home Affairs (MHA) has introduced the e-Zero FIR system, a digital-forward solution to ensure justice for victims…
Kettering Health, a major healthcare provider in Ohio, is currently facing a widespread technology outage due to a cybersecurity incident…
It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and…
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments.…
Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites…
Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from…
CVE ID : CVE-2025-5011
Published : May 21, 2025, 12:15 a.m. | 4 hours, 23 minutes ago
Description : A vulnerability classified as problematic was found in moonlightL hexo-boot 4.3.0. This vulnerability affects unknown code of the file /admin/home/index.html of the component Dynamic List Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-5010
Published : May 21, 2025, 12:15 a.m. | 4 hours, 23 minutes ago
Description : A vulnerability classified as problematic has been found in moonlightL hexo-boot 4.3.0. This affects an unknown part of the file /admin/home/index.html of the component Blog Backend. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
In episode 51 of The AI Fix, a Greek man’s marriage is destroyed after ChatGPT reads his coffee, a woman…
An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as…
A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3…
Researchers from the U.S. National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) have…
CVE ID : CVE-2025-44898
Published : May 20, 2025, 9:15 p.m. | 2 hours, 18 minutes ago
Description : FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4998
Published : May 20, 2025, 9:15 p.m. | 2 hours, 18 minutes ago
Description : A vulnerability has been found in H3C Magic R200G up to 100R002 and classified as problematic. Affected by this vulnerability is the function Edit_BasicSSID/Edit_BasicSSID_5G/SetAPWifiorLedInfoById/SetMobileAPInfoById/Asp_SetTimingtimeWifiAndLed/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-44880
Published : May 20, 2025, 9:15 p.m. | 2 hours, 18 minutes ago
Description : A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…