CVE-2025-5105 – “Tozed ZLT W51 Heap Memory Corruption”

May 23, 2025

CVE ID : CVE-2025-5105

Published : May 23, 2025, 12:15 p.m. | 24 minutes ago

Description : A vulnerability was found in TOZED ZLT W51 up to 1.4.2 and classified as critical. Affected by this issue is some unknown functionality of the component Service Port 7777. The manipulation leads to improper clearing of heap memory before release. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5106 – Fujian Kelixun Filename Handler Os Command Injection Vulnerability

Next Article CVE-2025-41407 – Zohocorp ManageEngine ADAudit Plus SQL Injection Vulnerability

Highlights

CVE-2025-53006 – DataEase PostgreSQL/Redshift SSL Factory Parameter Injection Vulnerability

July 2, 2025

CVE ID : CVE-2025-53006

Published : July 2, 2025, 3:15 p.m. | 4 hours, 27 minutes ago

Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like “socketfactory” and “socketfactoryarg”, there are also “sslfactory” and “sslfactoryarg” with similar functionality. The difference lies in that “sslfactory” and related parameters need to be triggered after establishing the connection. Other similar parameters include “sslhostnameverifier”, “sslpasswordcallback”, and “authenticationPluginClassName”. This issue has been patched in 2.10.11.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

The best AirTag alternative for Samsung users is currently 30% off

One of the biggest new features on the Google Pixel 10 is also one of the most overlooked

I tested these viral ‘crush-proof’ Bluetooth speakers, and they’re not your average portables

I compared the best smartwatches from Google and Apple – and there’s a clear winner

MongoDB Data Types

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

Microsoft nags more users with Windows 10 end of life banner, says get Windows 11

Microsoft nags more users with Windows 10 end of life banner, says get Windows 11

Hate Windows 11? Windows 10’s extended updates Enroll button is slowly rolling out, says Microsoft

Firefox Web App Support Available to Test (on Windows, At Least)

CVE-2025-5105 – “Tozed ZLT W51 Heap Memory Corruption”

CVE-2025-8208 – Spexo Addons for Elementor WordPress Stored Cross-Site Scripting

CVE-2025-9379 – “Belkin AX1800 Firmware Update Handler Remote Authentication Bypass”

CVE-2025-6854 – Chatchat-space Langchain-Chatchat Path Traversal Vulnerability

Rilasciato PeaZip 10.5: Miglioramenti per il Gestore di File e Archivi

Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server

Improve HTTP Error Testing with Laravel’s requestException() Method

CVE-2025-53006 – DataEase PostgreSQL/Redshift SSL Factory Parameter Injection Vulnerability

CVE-2025-4468 – SourceCodester Online Student Clearance System File Upload Vulnerability

CVE-2025-37793 – Intel ASoC avs Null Pointer Dereference Vulnerability

CVE-2025-31700 – Dahua Network Device Buffer Overflow Vulnerability

CVE-2025-5105 – “Tozed ZLT W51 Heap Memory Corruption”

Related Posts