{
"Source": "CVE FEED",
"Title": "CVE-2025-5324 - TechPowerUp GPU-Z IOCTL Handler Memory Leak Vulnerability",
"Content": "CVE ID : CVE-2025-5324
Published : May 29, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : A vulnerability, which was classified as problematic, was found in TechPowerUp GPU-Z 2.23.0. Affected is the function sub_140001880 in the library GPU-Z.sys of the component 0x8000645C IOCTL Handler. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5324 - TechPowerUp GPU-Z IOCTL Handler Memory Leak Vulnerability",
"Content": "CVE ID : CVE-2025-5324
Published : May 29, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : A vulnerability, which was classified as problematic, was found in TechPowerUp GPU-Z 2.23.0. Affected is the function sub_140001880 in the library GPU-Z.sys of the component 0x8000645C IOCTL Handler. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-46701 - Apache Tomcat GCI Servlet Case Sensitivity Security Constraint Bypass",
"Content": "CVE ID : CVE-2025-46701
Published : May 29, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104.
Users are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-46701 - Apache Tomcat GCI Servlet Case Sensitivity Security Constraint Bypass",
"Content": "CVE ID : CVE-2025-46701
Published : May 29, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104.
Users are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-32752 - Dell ThinOS Cleartext Storage of Sensitive Information Vulnerability",
"Content": "CVE ID : CVE-2025-32752
Published : May 29, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : Dell ThinOS 2502 and prior contain a Cleartext Storage of Sensitive Information vulnerability. A high privileged attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-32752 - Dell ThinOS Cleartext Storage of Sensitive Information Vulnerability",
"Content": "CVE ID : CVE-2025-32752
Published : May 29, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : Dell ThinOS 2502 and prior contain a Cleartext Storage of Sensitive Information vulnerability. A high privileged attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-31261 - Apple macOS User Data Access Permissions Vulnerability",
"Content": "CVE ID : CVE-2025-31261
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access protected user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-31261 - Apple macOS User Data Access Permissions Vulnerability",
"Content": "CVE ID : CVE-2025-31261
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access protected user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-31231 - Apple macOS Sequoia Location Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-31231
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to read sensitive location information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-31231 - Apple macOS Sequoia Location Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-31231
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to read sensitive location information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-31263 - Apple macOS Coprocessor Memory Corruption",
"Content": "CVE ID : CVE-2025-31263
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-31263 - Apple macOS Coprocessor Memory Corruption",
"Content": "CVE ID : CVE-2025-31263
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-31264 - Apple macOS Locked Device State Management Authentication Bypass",
"Content": "CVE ID : CVE-2025-31264
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-31264 - Apple macOS Locked Device State Management Authentication Bypass",
"Content": "CVE ID : CVE-2025-31264
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5307 - Santesoft Sante DICOM Viewer Pro RCE Memory Corruption",
"Content": "CVE ID : CVE-2025-5307
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue to potentially disclose information and to execute arbitrary code on affected installations of Sante DICOM Viewer Pro.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5307 - Santesoft Sante DICOM Viewer Pro RCE Memory Corruption",
"Content": "CVE ID : CVE-2025-5307
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue to potentially disclose information and to execute arbitrary code on affected installations of Sante DICOM Viewer Pro.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5330 - FreeFloat FTP Server RETR Command Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-5330
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component RETR Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5330 - FreeFloat FTP Server RETR Command Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-5330
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component RETR Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5331 - PCMan FTP Server Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-5331
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. This vulnerability affects unknown code of the component NLST Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5331 - PCMan FTP Server Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-5331
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. This vulnerability affects unknown code of the component NLST Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-30466 - "Safari Same Origin Policy Bypass"",
"Content": "CVE ID : CVE-2025-30466
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. A website may be able to bypass Same Origin Policy.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-30466 - "Safari Same Origin Policy Bypass"",
"Content": "CVE ID : CVE-2025-30466
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. A website may be able to bypass Same Origin Policy.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-31189 - Apple macOS Sandbox Escalation",
"Content": "CVE ID : CVE-2025-31189
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-31189 - Apple macOS Sandbox Escalation",
"Content": "CVE ID : CVE-2025-31189
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-31198 - Apple macOS Symlink Path Handling Vulnerability",
"Content": "CVE ID : CVE-2025-31198
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A path handling issue was addressed with improved validation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-31198 - Apple macOS Symlink Path Handling Vulnerability",
"Content": "CVE ID : CVE-2025-31198
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A path handling issue was addressed with improved validation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-31199 - "Apple iOS/iPadOS/visualOS/macOS Sequoia Sensitive Data Disclosure"",
"Content": "CVE ID : CVE-2025-31199
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-31199 - "Apple iOS/iPadOS/visualOS/macOS Sequoia Sensitive Data Disclosure"",
"Content": "CVE ID : CVE-2025-31199
Published : May 29, 2025, 10:15 p.m. | 35 minutes ago
Description : A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5328 - "Chshcms McCms Remote Path Traversal Vulnerability"",
"Content": "CVE ID : CVE-2025-5328
Published : May 29, 2025, 9:15 p.m. | 1 hour, 35 minutes ago
Description : A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This vulnerability affects the function restore_del of the file /sys/apps/controllers/admin/Backups.php. The manipulation of the argument dirs leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5328 - "Chshcms McCms Remote Path Traversal Vulnerability"",
"Content": "CVE ID : CVE-2025-5328
Published : May 29, 2025, 9:15 p.m. | 1 hour, 35 minutes ago
Description : A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This vulnerability affects the function restore_del of the file /sys/apps/controllers/admin/Backups.php. The manipulation of the argument dirs leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5327 - "Chshcms MCCMS Gf.php Server-Side Request Forgery Vulnerability"",
"Content": "CVE ID : CVE-2025-5327
Published : May 29, 2025, 9:15 p.m. | 1 hour, 35 minutes ago
Description : A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5327 - "Chshcms MCCMS Gf.php Server-Side Request Forgery Vulnerability"",
"Content": "CVE ID : CVE-2025-5327
Published : May 29, 2025, 9:15 p.m. | 1 hour, 35 minutes ago
Description : A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-46352 - "CS5000 Fire Panel Hard-Coded Password Remote Command Injection Vulnerability"",
"Content": "CVE ID : CVE-2025-46352
Published : May 30, 2025, 12:15 a.m. | 37 minutes ago
Description : The CS5000 Fire Panel is vulnerable due to a hard-coded password that
runs on a VNC server and is visible as a string in the binary
responsible for running VNC. This password cannot be altered, allowing
anyone with knowledge of it to gain remote access to the panel. Such
access could enable an attacker to operate the panel remotely,
potentially putting the fire panel into a non-functional state and
causing serious safety issues.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-46352 - "CS5000 Fire Panel Hard-Coded Password Remote Command Injection Vulnerability"",
"Content": "CVE ID : CVE-2025-46352
Published : May 30, 2025, 12:15 a.m. | 37 minutes ago
Description : The CS5000 Fire Panel is vulnerable due to a hard-coded password that
runs on a VNC server and is visible as a string in the binary
responsible for running VNC. This password cannot be altered, allowing
anyone with knowledge of it to gain remote access to the panel. Such
access could enable an attacker to operate the panel remotely,
potentially putting the fire panel into a non-functional state and
causing serious safety issues.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-41438 - "CS5000 Fire Panel Default Account Privilege Escalation"",
"Content": "CVE ID : CVE-2025-41438
Published : May 30, 2025, 12:15 a.m. | 37 minutes ago
Description : The CS5000 Fire Panel is vulnerable due to a default account that exists
on the panel. Even though it is possible to change this by SSHing into
the device, it has remained unchanged on every installed system
observed. This account is not root but holds high-level permissions that
could severely impact the device's operation if exploited.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-41438 - "CS5000 Fire Panel Default Account Privilege Escalation"",
"Content": "CVE ID : CVE-2025-41438
Published : May 30, 2025, 12:15 a.m. | 37 minutes ago
Description : The CS5000 Fire Panel is vulnerable due to a default account that exists
on the panel. Even though it is possible to change this by SSHing into
the device, it has remained unchanged on every installed system
observed. This account is not root but holds high-level permissions that
could severely impact the device's operation if exploited.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-1907 - Instantel Micromate Unauthenticated Command Execution",
"Content": "CVE ID : CVE-2025-1907
Published : May 30, 2025, 12:15 a.m. | 37 minutes ago
Description : Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-1907 - Instantel Micromate Unauthenticated Command Execution",
"Content": "CVE ID : CVE-2025-1907
Published : May 30, 2025, 12:15 a.m. | 37 minutes ago
Description : Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5332 - "1000 Projects Online Notice Board SQL Injection Vulnerability"",
"Content": "CVE ID : CVE-2025-5332
Published : May 29, 2025, 11:15 p.m. | 1 hour, 37 minutes ago
Description : A vulnerability was found in 1000 Projects Online Notice Board 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5332 - "1000 Projects Online Notice Board SQL Injection Vulnerability"",
"Content": "CVE ID : CVE-2025-5332
Published : May 29, 2025, 11:15 p.m. | 1 hour, 37 minutes ago
Description : A vulnerability was found in 1000 Projects Online Notice Board 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-12224 - Servo rust-url IDNA Punycode Equivalence Validation Vulnerability",
"Content": "CVE ID : CVE-2024-12224
Published : May 30, 2025, 2:15 a.m. | 39 minutes ago
Description : Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-12224 - Servo rust-url IDNA Punycode Equivalence Validation Vulnerability",
"Content": "CVE ID : CVE-2024-12224
Published : May 30, 2025, 2:15 a.m. | 39 minutes ago
Description : Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "30 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹