CVE-2025-32978 – Quest KACE Systems Management Appliance License Replacement Vulnerability

June 24, 2025

CVE ID : CVE-2025-32978

Published : June 24, 2025, 3:15 p.m. | 3 hours, 38 minutes ago

Description : Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) allows unauthenticated users to replace system licenses through a web interface intended for license renewal. Attackers can exploit this to replace valid licenses with expired or trial licenses, causing denial of service.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-36537 – TeamViewer Remote and Tensor Privilege Escalation Vulnerability

Next Article CVE-2025-32977 – Quest KACE Systems Management Appliance File Upload Vulnerability

Highlights

CVE-2025-5807 – WordPress Gwolle Guestbook Stored Cross-Site Scripting Vulnerability

July 10, 2025

CVE ID : CVE-2025-5807

Published : July 10, 2025, 2:15 a.m. | 1 hour, 49 minutes ago

Description : The Gwolle Guestbook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘gwolle_gb_content’ parameter in all versions up to, and including, 4.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2025-32978 – Quest KACE Systems Management Appliance License Replacement Vulnerability

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

CVE-2025-6287 – PHPGurukul COVID19 Testing Management System Cross Site Scripting Vulnerability

Laravel Simple RabbitMQ Package

North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages

WordFinder app: Harnessing generative AI on AWS for aphasia communication

CVE-2025-5807 – WordPress Gwolle Guestbook Stored Cross-Site Scripting Vulnerability

CVE-2025-22884 – Delta Electronics ISPSoft Stack-Based Buffer Overflow Vulnerability

CVE-2023-47298 – “NCR Terminal Handler Information Disclosure Vulnerability”

CVE-2025-43488 – Poly Clariti Manager XSS Bypass

CVE-2025-32978 – Quest KACE Systems Management Appliance License Replacement Vulnerability

Related Posts