CVE ID : CVE-2024-6648
Published : May 8, 2025, 1:15 p.m. | 2 hours, 21 minutes ago
Description : Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the ‘product_item_path’ within the ‘config’ JSON file, allowing them to read any file on the system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-47729
Published : May 8, 2025, 2:15 p.m. | 1 hour, 22 minutes ago
Description : The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage “End-to-End encryption from the mobile phone through to the corporate archive” documentation, as exploited in the wild in May 2025.
Severity: 1.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-47730
Published : May 8, 2025, 2:15 p.m. | 1 hour, 22 minutes ago
Description : The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM SGNL (aka Archive Signal) app with the credentials of logfile for the user and enRR8UVVywXYbFkqU#QDPRkO for the password.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-45818
Published : May 8, 2025, 3:15 p.m. | 21 minutes ago
Description : Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/item_status.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-45820
Published : May 8, 2025, 3:15 p.m. | 21 minutes ago
Description : Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/bibliography/pop_author_edit.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-45819
Published : May 8, 2025, 3:15 p.m. | 21 minutes ago
Description : Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/author.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4207
Published : May 8, 2025, 3:15 p.m. | 21 minutes ago
Description : Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023…
Have you received a text message about an unpaid road toll? Make sure you’re not the next victim of a…
When we get the call, it’s our legal responsibility to attend jury service. But sometimes that call won’t come from…
The UK’s National Cyber Security Centre (NCSC) has warned the IT helpdesks of retailers to be on their guard against…
Europol has announced the takedown of distributed denial of service (DDoS)-for-hire services that were used to launch thousands of cyber-attacks…
Unsophisticated hackers are increasingly targeting industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems in the energy…
In a coordinated international operation dubbed “PowerOFF,” law enforcement agencies from Poland, the United States, Europol, and several other countries…
Brits face empty shelves and suspended meal deals as cybercriminals hit major high street retailers, and a terminated Disney employee…
Imagine you’re checking the Bitcoin price first thing in the morning, feeling good about your growing portfolio, when suddenly—bam! You…
The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an…
In a warning that could not be more direct, Europol — the European Union’s law enforcement agency — has urged…
Cisco has rolled out software patches to address a severe security vulnerability, tracked as CVE-2025-20188, in its IOS XE Wireless…
The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage…