CVE-2025-4115 – Netgear JWNR2000v2 Buffer Overflow Vulnerability

April 30, 2025

CVE ID : CVE-2025-4115

Published : April 30, 2025, 1:15 p.m. | 2 hours, 25 minutes ago

Description : A vulnerability classified as critical was found in Netgear JWNR2000v2 1.0.0.11. Affected by this vulnerability is the function default_version_is_new. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4116 – Netgear JWNR2000 Buffer Overflow Vulnerability

Next Article CISA Adds SAP NetWeaver Vulnerability to KEV Catalog

Highlights

CVE-2025-32965 – XRP Ledger Malicious Code Exfiltration in xrpl.js

April 22, 2025

CVE ID : CVE-2025-32965

Published : April 22, 2025, 9:15 p.m. | 1 hour, 35 minutes ago

Description : xrpl.js is a JavaScript/TypeScript API for interacting with the XRP Ledger in Node.js and the browser. Versions 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of xrpl.js were compromised and contained malicious code designed to exfiltrate private keys. Version 2.14.2 is also malicious, though it is less likely to lead to exploitation as it is not compatible with other 2.x versions. Anyone who used one of these versions should stop immediately and rotate any private keys or secrets used with affected systems. Users of xrpl.js should pgrade to version 4.2.5 or 2.14.3 to receive a patch. To secure funds, think carefully about whether any keys may have been compromised by this supply chain attack, and mitigate by sending funds to secure wallets, and/or rotating keys. If any account’s master key is potentially compromised, disable the key.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

What I Wish Someone Told Me When I Was Getting Into ARIA

SD Times 100

Managing the growing risk profile of agentic AI and MCP in the enterprise

How To Prevent WordPress SQL Injection Attacks

Funny Windows 11 bug brings back classic Windows boot sound from 20 years ago

Windows 11 news and updates in June: Microsoft’s AI agent in Settings makes adjusting your PC easier than ever

uBlock Origin ships to Edge for Android as Google kills it on Chrome

Windows Hello face unlock no longer works in the dark, and Microsoft says it’s not a bug

Community News: Latest PECL Releases (06.17.2025)

Community News: Latest PECL Releases (06.17.2025)

Stream-Omni: Simultaneous Multimodal Interactions with Large Language-Vision-Speech Model

How Inclusive Design Leading and Creating Solutions for Universal Design

Funny Windows 11 bug brings back classic Windows boot sound from 20 years ago

Funny Windows 11 bug brings back classic Windows boot sound from 20 years ago

Windows 11 news and updates in June: Microsoft’s AI agent in Settings makes adjusting your PC easier than ever

uBlock Origin ships to Edge for Android as Google kills it on Chrome

CVE-2025-4115 – Netgear JWNR2000v2 Buffer Overflow Vulnerability

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments

CVE-2025-48740 – StrangeBee TheHive CSRF

CVE-2025-46240 – Simple Download Counter Stored Cross-site Scripting

Distribution Release: Feren OS 2025.03

Master Image Processing in Node.js Using Sharp for Fast Web Apps

CVE-2025-32965 – XRP Ledger Malicious Code Exfiltration in xrpl.js

Vint Cerf on how today’s leaders can thrive in tomorrow’s AI-enabled internet

DistroWatch Weekly, Issue 1125

Train an AI Agent That Thinks and Predicts Like Stock Market Legends

CVE-2025-4115 – Netgear JWNR2000v2 Buffer Overflow Vulnerability

Related Posts