CVE-2025-32019 – Harbor Cross-Site Scripting (XSS) Vulnerability

July 23, 2025

CVE ID : CVE-2025-32019

Published : July 23, 2025, 9:15 p.m. | 1 hour, 50 minutes ago

Description : Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Versions 2.11.2 and below, as well as versions 2.12.0-rc1 and 2.13.0-rc1, contain a vulnerability where the markdown field in the info tab page can be exploited to inject XSS code. This is fixed in versions 2.11.3 and 2.12.3.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47281 – Kyverno JMESPath Variable Substitution Denial of Service

Next Article CVE-2025-8058 – “GNU C Library Regcomp Double Free Vulnerability”

Highlights

CVE-2025-34124 – Heroes of Might and Magic III Complete Buffer Overflow Vulnerability

July 16, 2025

CVE ID : CVE-2025-34124

Published : July 16, 2025, 10:15 p.m. | 4 hours, 47 minutes ago

Description : A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buffer overflow, potentially allowing arbitrary code execution. Exploitation requires the victim to open a malicious map file within the game.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

‘Job Hugging’ Trend Emerges as Workers Confront AI Uncertainty

Distribution Release: MocaccinoOS 25.09

Composition in CSS

DataCrunch raises €55M to boost EU AI sovereignty with green cloud infrastructure

Finally, safe array methods in JavaScript

Finally, safe array methods in JavaScript

Perficient Interviewed for Forrester Report on AI’s Transformative Role in DXPs

Perficient’s “What If? So What?” Podcast Wins Gold Stevie® Award for Technology Podcast

Distribution Release: MocaccinoOS 25.09

Distribution Release: MocaccinoOS 25.09

Speed Isn’t Everything When Buying SSDs – Here’s What Really Matters!

14 Themes for Beautifying Your Ghostty Terminal

CVE-2025-32019 – Harbor Cross-Site Scripting (XSS) Vulnerability

Qantas Airways Slashes CEO Bonus After Cyberattack Exposes 5.7 Million Customers

UAE Cyber Security Council Flags 70% Smart Home Devices as Vulnerable

CVE-2025-4315 – CubeWP WordPress Privilege Escalation Vulnerability

Student Record Android App using SQLite

One Team, One Breath: Celebrating International Yoga Day at Perficient Nagpur & Pune

CVE-2025-35036 – Apache Hibernate Expression Language Injection Vulnerability

CVE-2025-34124 – Heroes of Might and Magic III Complete Buffer Overflow Vulnerability

CVE-2025-4327 – MRCMS Cross-Site Request Forgery Vulnerability

CVE-2025-4638 – PCL Zlib Inftrees Pointer Arithmetic Vulnerability

CVE-2025-6805 – Marvell QConvergeConsole Directory Traversal Vulnerability

CVE-2025-32019 – Harbor Cross-Site Scripting (XSS) Vulnerability

Related Posts