CVE-2025-27827 – Mitel MiContact Center Business Session Data Information Disclosure

June 24, 2025

CVE ID : CVE-2025-27827

Published : June 24, 2025, 2:15 p.m. | 23 minutes ago

Description : A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.2.0.3 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper handling of session data. A successful exploit requires user interaction and could allow an attacker to access sensitive information, leading to unauthorized access to active chat rooms, reading chat data, and sending messages during an active chat session.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-27828 – Mitel MiContact Center Business Reflected Cross-Site Scripting Vulnerability

Next Article CVE-2025-6566 – Oatpp Oat++ JSON DeserializeArray Stack-Based Buffer Overflow Vulnerability

Highlights

CVE-2025-7854 – Tenda FH451 Stack-Based Buffer Overflow Vulnerability

July 19, 2025

CVE ID : CVE-2025-7854

Published : July 19, 2025, 9:15 p.m. | 2 hours, 29 minutes ago

Description : A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

I compared the best headphones from Apple, Sony, Bose, and Sonos: Here’s how the AirPods Max wins

I changed these 6 settings on my iPad to significantly improve its battery life

DistroWatch Weekly, Issue 1134

3 portable power stations I travel everywhere with (and how they differ)

Next.js PWA offline capability with Service Worker, no extra package

Next.js PWA offline capability with Service Worker, no extra package

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Best Architecture AI Rendering Platform: 6 Tools Tested

Microsoft won’t kill off Chromium Edge and PWAs on Windows 10 until October 2028

CVE-2025-27827 – Mitel MiContact Center Business Session Data Information Disclosure

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

CVE-2025-6965 – SQLite Aggregate Overflow

Apple’s Powerful Xcode Update: ChatGPT Integration Transforms App Development

Grafana Patches XSS (CVE-2025-6023) and Open Redirect (CVE-2025-6197) Flaws in Recent Security Release

Rilasciato Agama 16: l’Installatore di openSUSE Introduce il Supporto per Wayland

CVE-2025-7854 – Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE-2025-46661 – IPW Systems Metazo Server-Side Template-Injection Vulnerability

CVE-2025-42971 – SAPCAR Out-of-Bounds Memory Corruption Vulnerability

playerctl – MPRIS media player command-line controller

CVE-2025-27827 – Mitel MiContact Center Business Session Data Information Disclosure

Related Posts