CVE-2023-35816 – DevExpress TypeConverter Remote Code Execution Vulnerability

April 28, 2025

CVE ID : CVE-2023-35816

Published : April 28, 2025, 4:15 p.m. | 2 hours, 50 minutes ago

Description : DevExpress before 23.1.3 allows arbitrary TypeConverter conversion.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2023-35817 – DevExpress AsyncDownloader SSRF

Next Article CVE-2023-35815 – DevExpress XML Deserialization Data-Sourcing Protection Bypass

Highlights

CVE-2025-4819 – Y_Project RuoYi Remote Improper Authorization Vulnerability

May 17, 2025

CVE ID : CVE-2025-4819

Published : May 17, 2025, 6:15 a.m. | 2 hours, 52 minutes ago

Description : A vulnerability classified as problematic has been found in y_project RuoYi 4.8.0. Affected is an unknown function of the file /monitor/online/batchForceLogout of the component Offline Logout. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

Severity: 3.1 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

6 registry tweaks every tech-savvy user must apply on Windows 11

Here’s why network infrastructure is vital to maximizing your company’s AI adoption

The AI video tool behind the most viral social trends right now

Got a new password manager? How to clean up the password mess you left in the cloud

Right Invoicing App for iPhone: InvoiceTemple

Right Invoicing App for iPhone: InvoiceTemple

Tunnel Run game in 170 lines of pure JS

Integrating Drupal with Salesforce SSO via SAML and Dynamic User Sync

Windows 11 24H2 tests toggle to turn off Recommended feed in the Start menu

Windows 11 24H2 tests toggle to turn off Recommended feed in the Start menu

User calls Windows 11 “pure horror,” Microsoft says it’s listening to feedback

John the Ripper is an advanced offline password cracker

CVE-2023-35816 – DevExpress TypeConverter Remote Code Execution Vulnerability

Microsoft Defender for Identity Flaw (CVE-2025-26685) Allows Unauthenticated Privilege Escalation

The Anatomy of an RCE Attack : The Hacker’s Big Score

Proxy-FDA: Proxy-Based Feature Distribution Alignment for Fine-Tuning Vision Foundation Models Without Forgetting

Fedora Linux è ora una distribuzione WSL ufficiale

Your Oura Ring just got one of its biggest feature updates ever – for free

I love DOOM: The Dark Ages’ brutal dark fantasy so much that I’m awarding it a perfect score — eager for more

CVE-2025-4819 – Y_Project RuoYi Remote Improper Authorization Vulnerability

CVE-2025-5096 – TablePress for WordPress DOM-Based Stored Cross-Site Scripting Vulnerability

CVE-2025-3983 – AMTT Hotel Broadband Operation System NLog Down.php Remote Command Injection Vulnerability

All About the Filament v4 Beta Release

CVE-2023-35816 – DevExpress TypeConverter Remote Code Execution Vulnerability

Related Posts