CVE-2025-46171 – vBulletin Denial-of-Service Vulnerability

July 23, 2025

CVE ID : CVE-2025-46171

Published : July 23, 2025, 4:15 p.m. | 6 hours, 50 minutes ago

Description : vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist endpoint. If an authenticated user has a sufficiently large buddy list, processing the list can consume excessive memory, exhausting system resources and crashing the forum.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8069 – AWS Client VPN Windows OpenSSL Configuration File Execution

Next Article CVE-2025-50481 – Mezzanine CMS XSS Vulnerability

Highlights

CVE-2025-53906 – Vim Zip File Path Traversal Vulnerability

July 16, 2025

CVE ID : CVE-2025-53906

Published : July 15, 2025, 9:15 p.m. | 5 hours, 38 minutes ago

Description : Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

Is Lenovo’s refreshed LOQ tower enough to compete? New OLED monitors raise the stakes at IFA 2025

External Forces Reshaping Financial Services in 2025 and Beyond

External Forces Reshaping Financial Services in 2025 and Beyond

Why It’s Time to Move from SharePoint On-Premises to SharePoint Online

Apple’s Big Move: The Future of Mobile

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

CVE-2025-46171 – vBulletin Denial-of-Service Vulnerability

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

CVE-2025-53495 – Wikimedia Foundation Mediawiki AbuseFilter Extension Authorization Bypass

How to Audit Android Accessibility with the Accessibility Scanner App

Nottodbox – organize notes, to-dos and diaries

Navigating the Digital Transformation Landscape in 2025

CVE-2025-53906 – Vim Zip File Path Traversal Vulnerability

CVE-2025-45080 – SBI YONO Man-in-the-Middle Attack

CVE-2025-29746 – Koillection Cross Site Scripting (XSS)

Typewriter – create documents with typst

CVE-2025-46171 – vBulletin Denial-of-Service Vulnerability

Related Posts