Security

CVE ID : CVE-2025-46224

Published : April 23, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA


CVE ID : CVE-2025-0926

Published : April 23, 2025, 6:15 a.m. | 39 minutes ago

Description : Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for a non-admin user to remove system files causing a boot loop by redirecting a file deletion when recording video.
Axis has released a patched version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Severity: 5.9 | MEDIUM


CVE ID : CVE-2025-1056

Published : April 23, 2025, 6:15 a.m. | 39 minutes ago

Description : Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location.
Axis has released a patched version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Severity: 6.1 | MEDIUM


Active! Mail RCE flaw exploited in attacks on Japanese orgs

An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan.
Active! mail is a web-based email client developed initially by TransWARE …

Published Date:
Apr 22, 2025 (4 hours, 36 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2025-42599

“ConfusedComposer”: GCP Composer Vulnerability Allows Privilege Escalation

Tenable Research has identified a now-patched privilege-escalation vulnerability in Google Cloud Platform (GCP) dubbed “Confused Composer”. The vulnerability existed within Cloud Composer and could ha …

Published Date:
Apr 23, 2025 (1 hour, 35 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2024-48510

Zyxel Patches High-Severity Security Flaws in USG FLEX H Firewalls

Zyxel has released patches to address security vulnerabilities in its USG FLEX H series firewalls, urging users to install them for optimal protection. The vulnerabilities involve incorrect permission …

Published Date:
Apr 23, 2025 (1 hour, 16 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2025-1732

CVE-2025-1731

CVE-2022-46414

Two Critical RCE Flaws Expose Yi IOT Smart Cameras to Full Device Takeover

Security researcher Yassine Damiri has uncovered two critical vulnerabilities in the Yi IOT XY-3820 smart camera, posing significant security risks. Both flaws, rated CVSS 9.8, allow unauthenticated a …

Published Date:
Apr 23, 2025 (1 hour, 2 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2025-29660

CVE-2025-29659

CVE-2025-25427

Stored XSS Flaw in TP-Link WR841N Routers Could Expose Admin Credentials (CVE-2025-25427)

A security vulnerability has been identified in TP-Link WR841N routers, posing a risk to users. The vulnerability is a stored cross-site scripting (XSS) flaw found in the “upnp.htm” page of the web in …

Published Date:
Apr 23, 2025 (55 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2025-25427

CVE-2024-57040

CVE-2024-42815

CVE-2023-1389

IBM HMC Vulnerable to Privilege Escalation Attacks

Two security vulnerabilities have been disclosed in the IBM Hardware Management Console (HMC) for Power Systems, both of which could allow a local user to gain elevated privileges.
CVE-2025-1950: Impr …

Published Date:
Apr 23, 2025 (52 minutes ago)

Vulnerabilities mentioned in this article:

CVE-2025-1951

CVE-2025-1950

CVE-2025-25427

CVE-2024-0114

CVE ID : CVE-2025-3441

Published : April 22, 2025, 11:15 p.m. | 3 hours, 38 minutes ago

Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Severity: 0.0 | NA


CVE ID : CVE-2024-53569

Published : April 22, 2025, 7:15 p.m. | 3 hours, 34 minutes ago

Description : A stored cross-site scripting (XSS) vulnerability in the New Goal Creation section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the description parameter.

Severity: 5.4 | MEDIUM


CVE ID : CVE-2024-53568

Published : April 22, 2025, 7:15 p.m. | 3 hours, 34 minutes ago

Description : A stored cross-site scripting (XSS) vulnerability in the Image Upload section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the tag parameter.

Severity: 0.0 | NA


CVE ID : CVE-2025-23253

Published : April 22, 2025, 7:15 p.m. | 3 hours, 34 minutes ago

Description : NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.

Severity: 2.5 | LOW


CVE ID : CVE-2025-29621

Published : April 22, 2025, 7:15 p.m. | 3 hours, 34 minutes ago

Description : Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under the My Preferences module. This vulnerability allows attackers to manipulate application settings.

Severity: 7.3 | HIGH


CVE ID : CVE-2025-31327

Published : April 22, 2025, 7:15 p.m. | 3 hours, 34 minutes ago

Description : SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which certain fields could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability are not impacted.

Severity: 4.3 | MEDIUM


CVE ID : CVE-2025-31328

Published : April 22, 2025, 7:15 p.m. | 3 hours, 34 minutes ago

Description : SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to trick an authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the confidentiality and integrity of the application without affecting the availability.

Severity: 4.6 | MEDIUM
