CVE-2025-5109 – FreeFloat FTP Server Buffer Overflow Vulnerability

May 23, 2025

CVE ID : CVE-2025-5109

Published : May 23, 2025, 1:15 p.m. | 2 hours, 24 minutes ago

Description : A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component STATUS Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3580 – Grafana Server Administrator Account Deletion Vulnerability

Next Article CVE-2025-5108 – Zongzhige ShopXO ZIP File Handler Unrestricted File Upload Vulnerability

Highlights

CVE-2025-54139 – HAX CMS Clickjacking Vulnerability

July 22, 2025

CVE ID : CVE-2025-54139

Published : July 23, 2025, 12:15 a.m. | 21 minutes ago

Description : HAX CMS allows users to manage their microsite universe with a NodeJS or PHP backend. In haxcms-nodejs versions 11.0.12 and below and in haxcms-php versions 11.0.7 and below, all pages within the HAX CMS application do not contain headers to prevent other websites from loading the site within an iframe. This applies to both the CMS and generated sites. An unauthenticated attacker can load the standalone login page or other sensitive functionality within an iframe, performing a UI redressing attack (clickjacking). This can be used to perform social engineering attacks to attempt to coerce users into performing unintended actions within the HAX CMS application. This is fixed in haxcms-nodejs version 11.0.13 and haxcms-php 11.0.8.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

The best AirTag alternative for Samsung users is currently 30% off

One of the biggest new features on the Google Pixel 10 is also one of the most overlooked

I tested these viral ‘crush-proof’ Bluetooth speakers, and they’re not your average portables

I compared the best smartwatches from Google and Apple – and there’s a clear winner

MongoDB Data Types

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Xbox Game Pass gets Gears of War: Reloaded, Dragon Age: The Veilguard, and more — here’s what is coming through the rest of August

Resident Evil ‘9’ Requiem has some of the most incredible lighting I’ve seen in a game — and Capcom uses it as a weapon

CVE-2025-5109 – FreeFloat FTP Server Buffer Overflow Vulnerability

Blue Locker ransomware hits critical infrastructure – is your organisation ready?

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Here’s why I recommend this Motorola over flagship phones that cost twice as much

Hey Sony, take notes! Virtuos’ The Elder Scrolls IV: Oblivion just proved there’s more to a great remaster than meets the eye

The top 6 GNOME extensions I install first (and what they can do for you)

Vulnerabilities in applications preloaded on Ulefone and Krüger&Matz smartphones

CVE-2025-54139 – HAX CMS Clickjacking Vulnerability

Zyxel RCE Vulnerability Allows Arbitrary Query Execution Without any Authentication

CVE-2025-4533 – JeecgBoot Document Library Upload Remote Resource Consumption Vulnerability

Distribution Release: Ubuntu Cinnamon 25.04

CVE-2025-5109 – FreeFloat FTP Server Buffer Overflow Vulnerability

Related Posts