CVE-2025-4802 – GNU C Library LD_LIBRARY_PATH Path Traversal Vulnerability

May 16, 2025

CVE ID : CVE-2025-4802

Published : May 16, 2025, 8:15 p.m. | 48 minutes ago

Description : Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4807 – SourceCodester Online Student Clearance System Directory Traversal Information Disclosure

Next Article CVE-2025-22233 – Spring Framework Disallowed Fields Bypass Vulnerability

Highlights

CVE-2025-7553 – D-Link DIR-818LW Remote OS Command Injection Vulnerability

July 13, 2025

CVE ID : CVE-2025-7553

Published : July 14, 2025, 12:15 a.m. | 15 minutes ago

Description : A vulnerability classified as critical has been found in D-Link DIR-818LW up to 20191215. This affects an unknown part of the component System Time Page. The manipulation of the argument NTP Server leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

I’ve tested every Samsung Galaxy phone in 2025 – here’s the model I’d recommend on sale

Google Photos just put all its best editing tools a tap away – here’s the shortcut

Claude can teach you how to code now, and more – how to try it

One of the best work laptops I’ve tested has MacBook written all over it (but it’s even better)

Controlling Execution Flow with Laravel’s Sleep Helper

Controlling Execution Flow with Laravel’s Sleep Helper

Generate Secure Temporary Share Links for Files in Laravel

This Week in Laravel: Filament 4, Laravel Boost, and Junie Review

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

FOSS Weekly #25.33: Debian 13 Released, Torvalds vs RISC-V, Arch’s New Tool, GNOME Perfection and More Linux Stuff

Ultimate ChatGPT-5 Prompt Guide: 52 Ideas for Any Task

CVE-2025-4802 – GNU C Library LD_LIBRARY_PATH Path Traversal Vulnerability

CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog

From Banking Darling to $1B Fraud Magnet: Inside the Zelle Lawsuit 2025

CVE-2025-3898 – Apache Webserver Denial of Service Vulnerability

CVE-2025-4586 – WordPress IRM Newsroom Plugin Stored Cross-Site Scripting

Distribution Release: Ubuntu Cinnamon 25.04

ALT Linux 11.0 Workstation: la distribuzione GNU/Linux russa con GNOME e tecnologie all’avanguardia

CVE-2025-7553 – D-Link DIR-818LW Remote OS Command Injection Vulnerability

Google Patches Actively Exploited Chrome Zero-Day: CVE-2025-6554

I tried Google’s XR glasses and they already beat my Meta Ray-Bans in 3 ways

Comparing Tauri and Electron

CVE-2025-4802 – GNU C Library LD_LIBRARY_PATH Path Traversal Vulnerability

Related Posts