Security

CVE ID : CVE-2025-4341

Published : May 6, 2025, 9:15 a.m. | 1 hour, 12 minutes ago

Description : A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4342

Published : May 6, 2025, 9:15 a.m. | 1 hour, 44 minutes ago

Description : A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4344

Published : May 6, 2025, 10:15 a.m. | 44 minutes ago

Description : A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4346

Published : May 6, 2025, 10:15 a.m. | 44 minutes ago

Description : A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been classified as critical. Affected is the function formSetWAN_Wizard534. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4345

Published : May 6, 2025, 10:15 a.m. | 44 minutes ago

Description : A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classified as critical. This issue affects the function formSetLog. The manipulation of the argument host leads to buffer overflow. The attack may be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-2905 (CVSS 9.1): Critical XXE Vulnerability Found in WSO2 API Manager

A critical security vulnerability has been identified in WSO2 API Manager 2.0.0 and earlier, posing a significant risk to affected deployments. The vulnerability, tracked as CVE-2025-2905 (CVSS 9.1), …
Read more

Published Date:
May 06, 2025 (7 hours, 13 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-2905

CVE-2025-2605

CVE-2024-40896

CVE-2024-55875

CVE-2022-39135

CVE-2022-35741

Apple Appeals App Store Ruling in Epic Games Case

Following a court ruling that found Apple had willfully violated market competition laws and granted Epic Games’ recent motion to enforce an injunction, Apple has been compelled to revise its App Stor …
Read more

Published Date:
May 06, 2025 (5 hours, 12 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2024-44309

CVE-2024-44308

CVE-2025-27007: Critical OttoKit WordPress Plugin Flaw Exploited After Disclosure, 100K+ Sites at Risk

A newly disclosed critical vulnerability in the popular OttoKit WordPress plugin—with over 100,000 active installations—has placed countless websites at risk of full compromise. Discovered by Denver J …
Read more

Published Date:
May 06, 2025 (4 hours, 40 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-27007

Google komt met Android-updates voor aangevallen FreeType-lek

Google heeft Android-updates uitgebracht voor een actief aangevallen kwetsbaarheid in FreeType die remote code execution mogelijkt. Begin maart waarschuwde Facebook al voor het probleem. FreeType is e …
Read more

Published Date:
May 06, 2025 (2 hours, 29 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-27363

CVE ID : CVE-2025-47298

Published : May 6, 2025, 4:16 a.m. | 3 hours, 31 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47299

Published : May 6, 2025, 4:16 a.m. | 3 hours, 31 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47301

Published : May 6, 2025, 4:16 a.m. | 3 hours, 31 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47302

Published : May 6, 2025, 4:16 a.m. | 3 hours, 31 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47303

Published : May 6, 2025, 4:16 a.m. | 3 hours, 31 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4309

Published : May 6, 2025, 4:16 a.m. | 3 hours, 31 minutes ago

Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add-art-type.php. The manipulation of the argument arttype leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…