CVE-2025-1235 – Cisco Switch Date Overflow Vulnerability

June 2, 2025

CVE ID : CVE-2025-1235

Published : June 2, 2025, 7:15 a.m. | 4 hours, 7 minutes ago

Description : A low privileged attacker can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes the date of the switch to be set back to January 1st, 1970.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5433 – Fengoffice SQL Injection Vulnerability

Next Article CVE-2025-4010 – Netcom NTC 6200 and NWL 222 Web Interface Command Injection Vulnerability

Highlights

CVE-2025-32974 – XWiki Cross-Site Scripting (XSS) and Privilege Escalation Vulnerability

April 30, 2025

CVE ID : CVE-2025-32974

Published : April 30, 2025, 3:16 p.m. | 25 minutes ago

Description : XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.8 and from 16.0.0-rc-1 to before 16.2.0, the required rights analysis doesn’t consider TextAreas with default content type. When editing a page, XWiki warns since version 15.9 when there is content on the page like a script macro that would gain more rights due to the editing. This analysis doesn’t consider certain kinds of properties, allowing a user to put malicious scripts in there that will be executed after a user with script, admin, or programming rights edited the page. Such a malicious script could impact the confidentiality, integrity and availability of the whole XWiki installation. This issue has been patched in versions 15.10.8 and 16.2.0.

Severity: 9.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

DistroWatch Weekly, Issue 1131

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

WhatsApp for Windows 11 is switching back to Chromium web wrapper from UWP/native

DistroWatch Weekly, Issue 1131

CVE-2025-1235 – Cisco Switch Date Overflow Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

You can now access Android, iPhone from Windows 11 Start menu and transfer files

Rethinking Toxic Data in LLM Pretraining: A Co-Design Approach for Improved Steerability and Detoxification

CVE-2025-1333 – IBM MQ Container Keycloak Information Disclosure

CVE-2025-27206 – Adobe Commerce Improper Access Control Security Feature Bypass

CVE-2025-32974 – XWiki Cross-Site Scripting (XSS) and Privilege Escalation Vulnerability

Evaluating social and ethical risks from generative AI

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

How Google’s AI combats new scam tactics – and how you can stay one step ahead

CVE-2025-1235 – Cisco Switch Date Overflow Vulnerability

Related Posts