CVE-2025-27709 – Zohocorp ManageEngine ADAudit Plus SQL Injection Vulnerability

June 9, 2025

CVE ID : CVE-2025-27709

Published : June 9, 2025, 11:15 a.m. | 1 hour, 14 minutes ago

Description : Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports.

Severity: 8.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3835 – Zohocorp ManageEngine Exchange Reporter Plus Remote Code Execution Vulnerability

Next Article CVE-2025-5872 – eGauge EG3000 Energy Monitor Authentication Bypass Vulnerability

Highlights

CVE-2025-5642 – Radare2 radiff2 Memory Corruption Vulnerability

June 5, 2025

CVE ID : CVE-2025-5642

Published : June 5, 2025, 7:15 a.m. | 4 hours, 25 minutes ago

Description : A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation leads to memory corruption. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The patch is identified as 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and “crashy”. Further analysis has shown “the race is not a real problem unless you use asan”. A new warning has been added.

Severity: 2.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Vanillin Market Benefits from Clean Label and Natural Ingredient Trends

April 10, 2025

Microsoft stops selling flagship Surface Pro 11 and Surface Laptop 7 for $999 — they’re now more expensive, but tariffs aren’t to blame

May 8, 2025

CVE-2025-45488 – Linksys E5600 Command Injection Vulnerability

May 6, 2025

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-27709 – Zohocorp ManageEngine ADAudit Plus SQL Injection Vulnerability

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Paragon Spyware used to Spy on European Journalists

You May Know More About Security and IAM on the Mainframe Than You Think

CVE-2025-45949 – PHPGurukul User Registration & Login and User Management System Session Hijacking Vulnerability

Benchmarking the next generation of never-ending learners

Threat Actors Allegedly Selling Baldwin Killer That Bypasses AV & EDR

CVE-2025-5642 – Radare2 radiff2 Memory Corruption Vulnerability

Vanillin Market Benefits from Clean Label and Natural Ingredient Trends

Microsoft stops selling flagship Surface Pro 11 and Surface Laptop 7 for $999 — they’re now more expensive, but tariffs aren’t to blame

CVE-2025-45488 – Linksys E5600 Command Injection Vulnerability

CVE-2025-27709 – Zohocorp ManageEngine ADAudit Plus SQL Injection Vulnerability

Related Posts