CVE-2025-4947 – libcurl QUIC Certificate Verification Bypass

May 28, 2025

CVE ID : CVE-2025-4947

Published : May 28, 2025, 7:15 a.m. | 2 hours, 10 minutes ago

Description : libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. Therefore, it does not detect impostors or man-in-the-middle attacks.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4009 – Evertz SVDN 3080ipx-10G PHP Web Management Interface Command Injection and Authentication Bypass

Next Article CVE-2025-5025 – libcurl wolfSSL QUIC Certificate Pinning Bypass

Highlights

CVE-2024-9544 – MapSVG WordPress Stored Cross-Site Scripting Vulnerability

May 22, 2025

CVE ID : CVE-2024-9544

Published : May 22, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : The MapSVG plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 8.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

My top 5 must-play PC games for the second half of 2025 — Will they live up to the hype?

A week of hell with my Windows 11 PC really makes me appreciate the simplicity of Google’s Chromebook laptops

Elden Ring Nightreign Night Aspect: How to beat Heolstor the Nightlord, the final boss

New Xbox games launching this week, from June 2 through June 8 — Zenless Zone Zero finally comes to Xbox

Student Record Android App using SQLite

Student Record Android App using SQLite

When Array uses less memory than Uint8Array (in V8)

Laravel 12 Starter Kits: Definite Guide Which to Choose

My top 5 must-play PC games for the second half of 2025 — Will they live up to the hype?

My top 5 must-play PC games for the second half of 2025 — Will they live up to the hype?

A week of hell with my Windows 11 PC really makes me appreciate the simplicity of Google’s Chromebook laptops

Elden Ring Nightreign Night Aspect: How to beat Heolstor the Nightlord, the final boss

CVE-2025-4947 – libcurl QUIC Certificate Verification Bypass

New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora

Google AI Edge Gallery: Unleash On-Device AI Power on Your Android (and Soon iOS!)

CVE-2025-43859: Request Smuggling Vulnerability in Python’s h11 HTTP Library

UX in Universal Design Series: Key Principles for Keyboard Access in Health Systems â€“ 2

Wikileaks’ Julian Assange Released from U.K. Prison, Heads to Australia

Internet Archive Defends Against Cyberattack Amid DDoS Assault

CVE-2024-9544 – MapSVG WordPress Stored Cross-Site Scripting Vulnerability

Samsung slashes gaming monitor prices — 50% off and a bonus Odyssey display at no extra cost

Evaluating social and ethical risks from generative AI

Updating the Frontier Safety Framework

CVE-2025-4947 – libcurl QUIC Certificate Verification Bypass

Related Posts