{
"Source": "CVE FEED",
"Title": "CVE-2025-49188 - Apache HTTP Server Authentication Credentials Exposure Vulnerability",
"Content": "CVE ID : CVE-2025-49188
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49188 - Apache HTTP Server Authentication Credentials Exposure Vulnerability",
"Content": "CVE ID : CVE-2025-49188
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49190 - Apache HTTP Server SSRF Vulnerability",
"Content": "CVE ID : CVE-2025-49190
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The application is vulnerable to Server-Side Request Forgery (SSRF). An endpoint can be used to send server internal requests to other ports.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49190 - Apache HTTP Server SSRF Vulnerability",
"Content": "CVE ID : CVE-2025-49190
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The application is vulnerable to Server-Side Request Forgery (SSRF). An endpoint can be used to send server internal requests to other ports.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49191 - Apache Atlas Cross-Site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-49191
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to create new dashboards or iFrame widgets.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49191 - Apache Atlas Cross-Site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-49191
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to create new dashboards or iFrame widgets.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49186 - Apache HTTP Server Authentication Bypass",
"Content": "CVE ID : CVE-2025-49186
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49186 - Apache HTTP Server Authentication Bypass",
"Content": "CVE ID : CVE-2025-49186
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49189 - Apache HTTP Server HTTPOnly Session Cookie Vulnerability",
"Content": "CVE ID : CVE-2025-49189
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The HttpOnlyflag of the session cookie "@@" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49189 - Apache HTTP Server HTTPOnly Session Cookie Vulnerability",
"Content": "CVE ID : CVE-2025-49189
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : The HttpOnlyflag of the session cookie "@@" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49181 - Apache Log Service Unauthenticated API Endpoint Information Disclosure and Configuration Modification Vulnerability",
"Content": "CVE ID : CVE-2025-49181
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET
requests to gather sensitive information. An attacker could also send HTTP POST requests to modify
the log filesโ root path as well as the TCP ports the service is running on, leading to a Denial of Service
attack.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49181 - Apache Log Service Unauthenticated API Endpoint Information Disclosure and Configuration Modification Vulnerability",
"Content": "CVE ID : CVE-2025-49181
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET
requests to gather sensitive information. An attacker could also send HTTP POST requests to modify
the log filesโ root path as well as the TCP ports the service is running on, leading to a Denial of Service
attack.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49182 - Citrix Application Credentials Disclosure",
"Content": "CVE ID : CVE-2025-49182
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49182 - Citrix Application Credentials Disclosure",
"Content": "CVE ID : CVE-2025-49182
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49183 - Apache HTTP Unencrypted Communication Vulnerability",
"Content": "CVE ID : CVE-2025-49183
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49183 - Apache HTTP Unencrypted Communication Vulnerability",
"Content": "CVE ID : CVE-2025-49183
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49184 - Apache Product Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-49184
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49184 - Apache Product Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-49184
Published : June 12, 2025, 2:15 p.m. | 2 hours, 8 minutes ago
Description : A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-5982 - GitLab EE IP Access Restriction Bypass Vulnerability",
"Content": "CVE ID : CVE-2025-5982
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Under certain conditions users could bypass IP access restrictions and view sensitive information.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-5982 - GitLab EE IP Access Restriction Bypass Vulnerability",
"Content": "CVE ID : CVE-2025-5982
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Under certain conditions users could bypass IP access restrictions and view sensitive information.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49080 - "Absolute Secure Access Server Denial of Service Vulnerability"",
"Content": "CVE ID : CVE-2025-49080
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : There is a memory management vulnerability in Absolute
Secure Access server versions 9.0 to 13.54. Attackers with network access to
the server can cause a Denial of Service by sending a specially crafted
sequence of packets to the server. The attack complexity is low, there are no
attack requirements, privileges, or user interaction required. Loss of
availability is high; there is no impact on confidentiality or integrity.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49080 - "Absolute Secure Access Server Denial of Service Vulnerability"",
"Content": "CVE ID : CVE-2025-49080
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : There is a memory management vulnerability in Absolute
Secure Access server versions 9.0 to 13.54. Attackers with network access to
the server can cause a Denial of Service by sending a specially crafted
sequence of packets to the server. The attack complexity is low, there are no
attack requirements, privileges, or user interaction required. Loss of
availability is high; there is no impact on confidentiality or integrity.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2024-55567 - Insyde H2O UsbCoreDxe SMM Call Out Vulnerability",
"Content": "CVE ID : CVE-2024-55567
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2024-55567 - Insyde H2O UsbCoreDxe SMM Call Out Vulnerability",
"Content": "CVE ID : CVE-2024-55567
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2023-45256 - PrestaShop EuroInformation MoneticoPaiement SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2023-45256
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, reference, or aliascb parameter to transaction.php, validation.php, or callback.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2023-45256 - PrestaShop EuroInformation MoneticoPaiement SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2023-45256
Published : June 12, 2025, 5:15 p.m. | 1 hour, 9 minutes ago
Description : Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, reference, or aliascb parameter to transaction.php, validation.php, or callback.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-36573 - Dell Smart Dock Firmware Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-36573
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-36573 - Dell Smart Dock Firmware Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-36573
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-46035 - Tenda AC6 Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-46035
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-46035 - Tenda AC6 Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-46035
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-49467 - JEvents SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-49467
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-49467 - JEvents SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-49467
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2024-44905 - Go-Pg SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2024-44905
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/append_value.go.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2024-44905 - Go-Pg SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2024-44905
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/append_value.go.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2024-44906 - Uptrace PGDriver SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2024-44906
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : uptrace pgdriver v1.2.1 was discovered to contain a SQL injection vulnerability via the appendArg function in /pgdriver/format.go.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2024-44906 - Uptrace PGDriver SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2024-44906
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : uptrace pgdriver v1.2.1 was discovered to contain a SQL injection vulnerability via the appendArg function in /pgdriver/format.go.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2024-7562 - InstallShield Elevated Privilege Vulnerability",
"Content": "CVE ID : CVE-2024-7562
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions (InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2) are affected by this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2024-7562 - InstallShield Elevated Privilege Vulnerability",
"Content": "CVE ID : CVE-2024-7562
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions (InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2) are affected by this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-29744 - PostgreSQL pg-promise SQL Injection",
"Content": "CVE ID : CVE-2025-29744
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : pg-promise before 11.5.5 is vulnerable to SQL Injection due to improper handling of negative numbers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-29744 - PostgreSQL pg-promise SQL Injection",
"Content": "CVE ID : CVE-2025-29744
Published : June 12, 2025, 4:15 p.m. | 2 hours, 9 minutes ago
Description : pg-promise before 11.5.5 is vulnerable to SQL Injection due to improper handling of negative numbers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-5484 - SinoTrack Default Password Vulnerability (Weak Authentication)",
"Content": "CVE ID : CVE-2025-5484
Published : June 12, 2025, 8:15 p.m. | 15 minutes ago
Description : A username and password are required to authenticate to the central
SinoTrack device management interface. The username for all devices is
an identifier printed on the receiver. The default password is
well-known and common to all devices. Modification of the default
password is not enforced during device setup. A malicious actor can
retrieve device identifiers with either physical access or by capturing
identifiers from pictures of the devices posted on publicly accessible
websites such as eBay.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-5484 - SinoTrack Default Password Vulnerability (Weak Authentication)",
"Content": "CVE ID : CVE-2025-5484
Published : June 12, 2025, 8:15 p.m. | 15 minutes ago
Description : A username and password are required to authenticate to the central
SinoTrack device management interface. The username for all devices is
an identifier printed on the receiver. The default password is
well-known and common to all devices. Modification of the default
password is not enforced during device setup. A malicious actor can
retrieve device identifiers with either physical access or by capturing
identifiers from pictures of the devices posted on publicly accessible
websites such as eBay.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Jun 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น