CVE-2025-8138

creation_timestamp| type| source ---|---|--- 2025-07-25 15:08:01+00:00| seen|...Read More ...

Continue Reading
K000152749: AMI’s SPx vulnerability CVE-2024-54085

Security Advisory Description AMI's SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of t ...

Continue Reading
ToolShell: Remote Code Execution in Microsoft SharePoint (CVE-2025-53770)

On July 19, 2025, a critical remote code execution (RCE) vulnerability (CVE-2025-53770, also referred to as ToolShell) was publicly disclosed, impacting on-premises Microsoft SharePoint Server install ...

Continue Reading
Assemblyline 4 service client vulnerable to Arbitrary Write through path traversal in Client code

Path-Traversal -> Arbitrary File Write in Assemblyline Service Client 1. Summary The Assemblyline 4 service client (task_handler.py) accepts a SHA-256 value returned by the service server and ...

Continue Reading
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API

Impact It's possible to execute any SQL query in Oracle by using the function like DBMS_XMLGEN or DBMS_XMLQUERY. The XWiki#searchDocuments APIs are not sanitizing the query at all and even if the ...

Continue Reading
EUVD-2025-22548

LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. In versions before 2.2.1, there is a critical SQL Injection vulnerability ...

Continue Reading
EUVD-2025-22549

Quiet is an alternative to team chat apps like Slack, Discord, and Element that does not require trusting a central server or running one's own. In versions 6.1.0-alpha.4 and below, Quiet's ...

Continue Reading
EUVD-2025-22563

Akamai Rate Control alpha before 2025 allows attackers to send requests above the stipulated thresholds because the rate is measured separately for each edge...Read More ...

Continue Reading

Back to Main

Subscribe for the latest news: