CVE-2025-47908 – Apache Middleware Denial of Service Vulnerability

August 6, 2025

CVE ID : CVE-2025-47908

Published : Aug. 6, 2025, 9:15 p.m. | 3 hours, 47 minutes ago

Description : Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-50740 – AutoConnect Arduino Library XSS Vulnerability

Next Article CVE-2025-46660 – 4C Strategies Exonaut Hashing Without Salt Vulnerability

Highlights

CVE-2025-6587 – Docker Desktop Environment Variable Disclosure Vulnerability

July 3, 2025

CVE ID : CVE-2025-6587

Published : July 3, 2025, 10:15 a.m. | 1 hour, 14 minutes ago

Description : System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys, passwords, etc.
A malicious actor with read access to these logs could obtain secrets and further use them to gain unauthorized access to other systems. Starting with version 4.43.0 Docker Desktop no longer logs system environment variables as part of diagnostics log collection.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-47908 – Apache Middleware Denial of Service Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-3647 – Moodle Information Disclosure

CVE-2025-20994 – Samsung Internet File Access Vulnerability

Microsoft says get Windows 11, ditch Windows 10 to be on the “right side”

CVE-2025-4067 – ScriptAndTools Online-Travling-System Remote File Inclusion Vulnerability

CVE-2025-6587 – Docker Desktop Environment Variable Disclosure Vulnerability

Apple’s ‘The Illusion of Thinking’ is shocking – but here’s what it missed

Mozilla Firefox 138.0.3 update rolls out with some known bug fixes

CVE-2025-4903 – D-Link DI-7003GV2 Authentication Bypass Vulnerability

CVE-2025-47908 – Apache Middleware Denial of Service Vulnerability

Related Posts