CVE-2025-26383 – Apache iSTAR Memory Information Disclosure

June 11, 2025

CVE ID : CVE-2025-26383

Published : June 11, 2025, 4:15 p.m. | 4 hours, 13 minutes ago

Description : The iSTAR Configuration Utility (ICU) tool leaks memory, which could result in the unintended exposure of unauthorized data from the Windows PC that ICU is running on.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-1698 – “Xperia Fingerprint Sensor Null Pointer Denial of Service”

Next Article Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks

Highlights

CVE-2025-5431 – AssamLook CMS SQL Injection Vulnerability

June 2, 2025

CVE ID : CVE-2025-5431

Published : June 2, 2025, 6:15 a.m. | 1 hour, 6 minutes ago

Description : A vulnerability, which was classified as critical, was found in AssamLook CMS 1.0. Affected is an unknown function of the file /department-profile.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-26383 – Apache iSTAR Memory Information Disclosure

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Paragon Spyware used to Spy on European Journalists

CVE-2025-3628 – Moodle Anonymous Assignment De-Anonymization Vulnerability

CVE-2025-44614 – Tinxy WiFi Lock Controller Plaintext Storage Vulnerability

CVE-2025-31253 – Apple FaceTime Audio Muting Vulnerability

CVE-2025-32972 – XWiki LESS Compiler Script Privilege Escalation Vulnerability

CVE-2025-5431 – AssamLook CMS SQL Injection Vulnerability

CVE-2024-55069 – FFmpeg Null Pointer Dereference in iamf_read_header

Facebook porn scam infects 110k users in 48 hours

CVE-2025-37088 – HPE Cray Data Virtualization Service (DVS) Authentication Bypass Vulnerability

CVE-2025-26383 – Apache iSTAR Memory Information Disclosure

Related Posts