CVE-2025-48788 – Apache HTTP Server Credentials Disclosure

May 27, 2025

CVE ID : CVE-2025-48788

Published : May 27, 2025, 4:15 a.m. | 42 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48789 – Apache Struts Command Injection

Next Article CVE-2025-48786 – Apache HTTP Server Cross-Site Request Forgery

Highlights

CVE-2010-10015 – AOL Phobos.dll Stack-Based Buffer Overflow Vulnerability

August 21, 2025

CVE ID : CVE-2010-10015

Published : Aug. 21, 2025, 8:15 p.m. | 5 hours, 4 minutes ago

Description : AOL versions up to and including 9.5 includes an ActiveX control (Phobos.dll) that exposes a method called Import() via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attackers to execute arbitrary code in the context of the user, but only when the malicious HTML file is opened locally, due to the control not being marked safe for scripting or initialization. AOL remains an active and supported brand offering services like AOL Mail and AOL Desktop Gold, but the legacy AOL 9.5 desktop software—specifically the version containing the vulnerable Phobos.dll ActiveX control—is long discontinued and no longer maintained.

Severity: 8.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Myopic Focus

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

‘Job Hugging’ Trend Emerges as Workers Confront AI Uncertainty

Distribution Release: MocaccinoOS 25.09

Composition in CSS

DataCrunch raises €55M to boost EU AI sovereignty with green cloud infrastructure

External Forces Reshaping Financial Services in 2025 and Beyond

External Forces Reshaping Financial Services in 2025 and Beyond

Why It’s Time to Move from SharePoint On-Premises to SharePoint Online

Apple’s Big Move: The Future of Mobile

I Discovered the Wonderful Compose Key After 15 Years of Using Linux

I Discovered the Wonderful Compose Key After 15 Years of Using Linux

Distribution Release: MocaccinoOS 25.09

Speed Isn’t Everything When Buying SSDs – Here’s What Really Matters!

CVE-2025-48788 – Apache HTTP Server Credentials Disclosure

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

CVE-2025-47733 – Microsoft Power Apps SSRF Vulnerability

How do you check for the equivalent of ‘deceptive design’ for coding in software?

Borderlands 4’s PC system requirements need specs over 50% of Steam doesn’t have, so I hope you’re ready to upgrade

CVE-2025-48921 – Drupal Open Social CSRF Vulnerability

CVE-2010-10015 – AOL Phobos.dll Stack-Based Buffer Overflow Vulnerability

How Deutsche Bahn redefines forecasting using Chronos models – Now available on Amazon Bedrock Marketplace

Minecraft friendly ghasts and Vibrant Visuals are rolling out to players

How I Landed 20+ Conference Talks – and How You Can, Too

CVE-2025-48788 – Apache HTTP Server Credentials Disclosure

Related Posts