{
"Source": "CVE FEED",
"Title": "CVE-2025-49196 - Fortinet TLS Weakness",
"Content": "CVE ID : CVE-2025-49196
Published : June 12, 2025, 3:15 p.m. | 1 hour, 8 minutes ago
Description : A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49196 - Fortinet TLS Weakness",
"Content": "CVE ID : CVE-2025-49196
Published : June 12, 2025, 3:15 p.m. | 1 hour, 8 minutes ago
Description : A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49197 - Cisco FTP Weak Password Hash",
"Content": "CVE ID : CVE-2025-49197
Published : June 12, 2025, 3:15 p.m. | 1 hour, 8 minutes ago
Description : The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49197 - Cisco FTP Weak Password Hash",
"Content": "CVE ID : CVE-2025-49197
Published : June 12, 2025, 3:15 p.m. | 1 hour, 8 minutes ago
Description : The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2024-56158 - XWiki Oracle SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2024-56158
Published : June 12, 2025, 3:15 p.m. | 1 hour, 8 minutes ago
Description : XWiki is a generic wiki platform. It's possible to execute any SQL query in Oracle by using the function like DBMS_XMLGEN or DBMS_XMLQUERY. The XWiki query validator does not sanitize functions that would be used in a simple select and Hibernate allows using any native function in an HQL query. This vulnerability is fixed in 16.10.2, 16.4.7, and 15.10.16.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2024-56158 - XWiki Oracle SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2024-56158
Published : June 12, 2025, 3:15 p.m. | 1 hour, 8 minutes ago
Description : XWiki is a generic wiki platform. It's possible to execute any SQL query in Oracle by using the function like DBMS_XMLGEN or DBMS_XMLQUERY. The XWiki query validator does not sanitize functions that would be used in a simple select and Hibernate allows using any native function in an HQL query. This vulnerability is fixed in 16.10.2, 16.4.7, and 15.10.16.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49187 - Apache HTTP Server Username Brute Forcing",
"Content": "CVE ID : CVE-2025-49187
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49187 - Apache HTTP Server Username Brute Forcing",
"Content": "CVE ID : CVE-2025-49187
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49188 - Apache HTTP Server Authentication Credentials Exposure Vulnerability",
"Content": "CVE ID : CVE-2025-49188
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49188 - Apache HTTP Server Authentication Credentials Exposure Vulnerability",
"Content": "CVE ID : CVE-2025-49188
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49190 - Apache HTTP Server SSRF Vulnerability",
"Content": "CVE ID : CVE-2025-49190
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The application is vulnerable to Server-Side Request Forgery (SSRF). An endpoint can be used to send server internal requests to other ports.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49190 - Apache HTTP Server SSRF Vulnerability",
"Content": "CVE ID : CVE-2025-49190
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The application is vulnerable to Server-Side Request Forgery (SSRF). An endpoint can be used to send server internal requests to other ports.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49191 - Apache Atlas Cross-Site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-49191
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to create new dashboards or iFrame widgets.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49191 - Apache Atlas Cross-Site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-49191
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to create new dashboards or iFrame widgets.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49186 - Apache HTTP Server Authentication Bypass",
"Content": "CVE ID : CVE-2025-49186
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49186 - Apache HTTP Server Authentication Bypass",
"Content": "CVE ID : CVE-2025-49186
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49189 - Apache HTTP Server HTTPOnly Session Cookie Vulnerability",
"Content": "CVE ID : CVE-2025-49189
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The HttpOnlyflag of the session cookie "@@" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49189 - Apache HTTP Server HTTPOnly Session Cookie Vulnerability",
"Content": "CVE ID : CVE-2025-49189
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The HttpOnlyflag of the session cookie "@@" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49181 - Apache Log Service Unauthenticated API Endpoint Information Disclosure and Configuration Modification Vulnerability",
"Content": "CVE ID : CVE-2025-49181
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET
requests to gather sensitive information. An attacker could also send HTTP POST requests to modify
the log filesโ root path as well as the TCP ports the service is running on, leading to a Denial of Service
attack.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49181 - Apache Log Service Unauthenticated API Endpoint Information Disclosure and Configuration Modification Vulnerability",
"Content": "CVE ID : CVE-2025-49181
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET
requests to gather sensitive information. An attacker could also send HTTP POST requests to modify
the log filesโ root path as well as the TCP ports the service is running on, leading to a Denial of Service
attack.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49182 - Citrix Application Credentials Disclosure",
"Content": "CVE ID : CVE-2025-49182
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49182 - Citrix Application Credentials Disclosure",
"Content": "CVE ID : CVE-2025-49182
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49183 - Apache HTTP Unencrypted Communication Vulnerability",
"Content": "CVE ID : CVE-2025-49183
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49183 - Apache HTTP Unencrypted Communication Vulnerability",
"Content": "CVE ID : CVE-2025-49183
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49184 - Apache Product Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-49184
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49184 - Apache Product Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-49184
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-5982 - GitLab EE IP Access Restriction Bypass Vulnerability",
"Content": "CVE ID : CVE-2025-5982
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Under certain conditions users could bypass IP access restrictions and view sensitive information.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-5982 - GitLab EE IP Access Restriction Bypass Vulnerability",
"Content": "CVE ID : CVE-2025-5982
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Under certain conditions users could bypass IP access restrictions and view sensitive information.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49080 - "Absolute Secure Access Server Denial of Service Vulnerability"",
"Content": "CVE ID : CVE-2025-49080
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : There is a memory management vulnerability in Absolute
Secure Access server versions 9.0 to 13.54. Attackers with network access to
the server can cause a Denial of Service by sending a specially crafted
sequence of packets to the server. The attack complexity is low, there are no
attack requirements, privileges, or user interaction required. Loss of
availability is high; there is no impact on confidentiality or integrity.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49080 - "Absolute Secure Access Server Denial of Service Vulnerability"",
"Content": "CVE ID : CVE-2025-49080
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : There is a memory management vulnerability in Absolute
Secure Access server versions 9.0 to 13.54. Attackers with network access to
the server can cause a Denial of Service by sending a specially crafted
sequence of packets to the server. The attack complexity is low, there are no
attack requirements, privileges, or user interaction required. Loss of
availability is high; there is no impact on confidentiality or integrity.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2024-55567 - Insyde H2O UsbCoreDxe SMM Call Out Vulnerability",
"Content": "CVE ID : CVE-2024-55567
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2024-55567 - Insyde H2O UsbCoreDxe SMM Call Out Vulnerability",
"Content": "CVE ID : CVE-2024-55567
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2023-45256 - PrestaShop EuroInformation MoneticoPaiement SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2023-45256
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, reference, or aliascb parameter to transaction.php, validation.php, or callback.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2023-45256 - PrestaShop EuroInformation MoneticoPaiement SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2023-45256
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, reference, or aliascb parameter to transaction.php, validation.php, or callback.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-36573 - Dell Smart Dock Firmware Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-36573
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-36573 - Dell Smart Dock Firmware Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-36573
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-46035 - Tenda AC6 Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-46035
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-46035 - Tenda AC6 Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-46035
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49467 - JEvents SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-49467
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49467 - JEvents SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-49467
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2024-44905 - Go-Pg SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2024-44905
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/append_value.go.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2024-44905 - Go-Pg SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2024-44905
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/append_value.go.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น