{
"Source": "CVE FEED",
"Title": "CVE-2025-54569 - Malwarebytes Binisoft Windows Firewall Control Privilege Escalation",
"Content": "CVE ID : CVE-2025-54569
Published : July 28, 2025, 1:15 p.m. | 1 hour, 21 minutes ago
Description : In Malwarebytes Binisoft Windows Firewall Control before 6.16.0.0, the installer is vulnerable to local privilege escalation.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-54569 - Malwarebytes Binisoft Windows Firewall Control Privilege Escalation",
"Content": "CVE ID : CVE-2025-54569
Published : July 28, 2025, 1:15 p.m. | 1 hour, 21 minutes ago
Description : In Malwarebytes Binisoft Windows Firewall Control before 6.16.0.0, the installer is vulnerable to local privilege escalation.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-8275 - Peru Cocktails App Android Improper Component Export Vulnerability",
"Content": "CVE ID : CVE-2025-8275
Published : July 28, 2025, 1:15 p.m. | 1 hour, 21 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in bsc Peru Cocktails App 1.0.0 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component bsc.devy.peru_cocktails. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-8275 - Peru Cocktails App Android Improper Component Export Vulnerability",
"Content": "CVE ID : CVE-2025-8275
Published : July 28, 2025, 1:15 p.m. | 1 hour, 21 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in bsc Peru Cocktails App 1.0.0 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component bsc.devy.peru_cocktails. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-49342 - IBM Informix Dynamic Server Authentication Bypass",
"Content": "CVE ID : CVE-2024-49342
Published : July 28, 2025, 4:15 p.m. | 22 minutes ago
Description : IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-49342 - IBM Informix Dynamic Server Authentication Bypass",
"Content": "CVE ID : CVE-2024-49342
Published : July 28, 2025, 4:15 p.m. | 22 minutes ago
Description : IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-2297 - Apache Struts Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-2297
Published : July 28, 2025, 4:15 p.m. | 22 minutes ago
Description : Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-2297 - Apache Struts Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-2297
Published : July 28, 2025, 4:15 p.m. | 22 minutes ago
Description : Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-49343 - IBM Informix Dynamic Server HTML Injection Vulnerability",
"Content": "CVE ID : CVE-2024-49343
Published : July 28, 2025, 4:15 p.m. | 22 minutes ago
Description : IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-49343 - IBM Informix Dynamic Server HTML Injection Vulnerability",
"Content": "CVE ID : CVE-2024-49343
Published : July 28, 2025, 4:15 p.m. | 22 minutes ago
Description : IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6250 - Symantec Defendpoint Service Bypass",
"Content": "CVE ID : CVE-2025-6250
Published : July 28, 2025, 4:15 p.m. | 22 minutes ago
Description : Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6250 - Symantec Defendpoint Service Bypass",
"Content": "CVE ID : CVE-2025-6250
Published : July 28, 2025, 4:15 p.m. | 22 minutes ago
Description : Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-30125 - Marbella KR8s Dashcam Weak Password Authentication Vulnerability",
"Content": "CVE ID : CVE-2025-30125
Published : July 28, 2025, 3:15 p.m. | 1 hour, 22 minutes ago
Description : An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with the same default credentials of 12345678, which creates an insecure-by-default condition. For users who change their passwords, it's limited to 8 characters. These short passwords can be cracked in 8 hours via low-end commercial cloud resources.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-30125 - Marbella KR8s Dashcam Weak Password Authentication Vulnerability",
"Content": "CVE ID : CVE-2025-30125
Published : July 28, 2025, 3:15 p.m. | 1 hour, 22 minutes ago
Description : An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with the same default credentials of 12345678, which creates an insecure-by-default condition. For users who change their passwords, it's limited to 8 characters. These short passwords can be cracked in 8 hours via low-end commercial cloud resources.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-53696 - iSTAR Ultra Firmware Verification Bypass Vulnerability",
"Content": "CVE ID : CVE-2025-53696
Published : July 28, 2025, 3:15 p.m. | 1 hour, 22 minutes ago
Description : iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect certain portions of the firmware. These firmware parts may contain malicious code. Tested up to firmware 6.9.2, later firmwares are also possibly affected.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-53696 - iSTAR Ultra Firmware Verification Bypass Vulnerability",
"Content": "CVE ID : CVE-2025-53696
Published : July 28, 2025, 3:15 p.m. | 1 hour, 22 minutes ago
Description : iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect certain portions of the firmware. These firmware parts may contain malicious code. Tested up to firmware 6.9.2, later firmwares are also possibly affected.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-54418 - CodeIgniter ImageMagick Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-54418
Published : July 28, 2025, 3:15 p.m. | 1 hour, 22 minutes ago
Description : CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-54418 - CodeIgniter ImageMagick Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-54418
Published : July 28, 2025, 3:15 p.m. | 1 hour, 22 minutes ago
Description : CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-54299 - Joomla No Boss Testimonials Stored XSS Vulnerability",
"Content": "CVE ID : CVE-2025-54299
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : A stored XSS vulnerability in No Boss Testimonials component 1.0.0-3.0.0 and 4.0.0-4.0.2 for Joomla was discovered.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-54299 - Joomla No Boss Testimonials Stored XSS Vulnerability",
"Content": "CVE ID : CVE-2025-54299
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : A stored XSS vulnerability in No Boss Testimonials component 1.0.0-3.0.0 and 4.0.0-4.0.2 for Joomla was discovered.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-54298 - Joomla CommentBox Stored Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-54298
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla was discovered.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-54298 - Joomla CommentBox Stored Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-54298
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla was discovered.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-50491 - PHPGurukul Bank Locker Management System Session Hijacking Vulnerability",
"Content": "CVE ID : CVE-2025-50491
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank Locker Management System v1 allows attackers to execute a session hijacking attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-50491 - PHPGurukul Bank Locker Management System Session Hijacking Vulnerability",
"Content": "CVE ID : CVE-2025-50491
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank Locker Management System v1 allows attackers to execute a session hijacking attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-50492 - PHPGurukul e-Diary Management System Session Hijacking Vulnerability",
"Content": "CVE ID : CVE-2025-50492
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary Management System v1 allows attackers to execute a session hijacking attack.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-50492 - PHPGurukul e-Diary Management System Session Hijacking Vulnerability",
"Content": "CVE ID : CVE-2025-50492
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary Management System v1 allows attackers to execute a session hijacking attack.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-43023 - HP Linux Imaging and Printing Software DSA Code Signing Key Weakness",
"Content": "CVE ID : CVE-2025-43023
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-43023 - HP Linux Imaging and Printing Software DSA Code Signing Key Weakness",
"Content": "CVE ID : CVE-2025-43023
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-50488 - PHPGurukul Online Library Management System Session Hijacking Vuln",
"Content": "CVE ID : CVE-2025-50488
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Management System v3.0 allows attackers to execute a session hijacking attack.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-50488 - PHPGurukul Online Library Management System Session Hijacking Vuln",
"Content": "CVE ID : CVE-2025-50488
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Management System v3.0 allows attackers to execute a session hijacking attack.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-50489 - PHPGurukul Student Result Management System Session Hijacking Vulnerability",
"Content": "CVE ID : CVE-2025-50489
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-50489 - PHPGurukul Student Result Management System Session Hijacking Vulnerability",
"Content": "CVE ID : CVE-2025-50489
Published : July 28, 2025, 6:15 p.m. | 26 minutes ago
Description : Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-54538 - JetBrains TeamCity Password Exposure Vulnerability",
"Content": "CVE ID : CVE-2025-54538
Published : July 28, 2025, 5:15 p.m. | 1 hour, 26 minutes ago
Description : In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-54538 - JetBrains TeamCity Password Exposure Vulnerability",
"Content": "CVE ID : CVE-2025-54538
Published : July 28, 2025, 5:15 p.m. | 1 hour, 26 minutes ago
Description : In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-7676 - Microsoft Windows DLL Hijacking Vulnerability",
"Content": "CVE ID : CVE-2025-7676
Published : July 28, 2025, 5:15 p.m. | 1 hour, 26 minutes ago
Description : DLL hijacking of all PE32 executables when run on Windows for ARM64 CPU architecture. This allows an attacker to execute code, if the attacker can plant a DLL in the same directory as the executable. Vulnerable versions of Windows 11 for ARM attempt to load Base DLLs that would ordinarily not be loaded from the application directory. Fixed in release 24H2, but present in all earlier versions of Windows 11 for ARM CPUs.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-7676 - Microsoft Windows DLL Hijacking Vulnerability",
"Content": "CVE ID : CVE-2025-7676
Published : July 28, 2025, 5:15 p.m. | 1 hour, 26 minutes ago
Description : DLL hijacking of all PE32 executables when run on Windows for ARM64 CPU architecture. This allows an attacker to execute code, if the attacker can plant a DLL in the same directory as the executable. Vulnerable versions of Windows 11 for ARM attempt to load Base DLLs that would ordinarily not be loaded from the application directory. Fixed in release 24H2, but present in all earlier versions of Windows 11 for ARM CPUs.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-54535 - JetBrains TeamCity Weak Password Token Hashing",
"Content": "CVE ID : CVE-2025-54535
Published : July 28, 2025, 5:15 p.m. | 1 hour, 26 minutes ago
Description : In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-54535 - JetBrains TeamCity Weak Password Token Hashing",
"Content": "CVE ID : CVE-2025-54535
Published : July 28, 2025, 5:15 p.m. | 1 hour, 26 minutes ago
Description : In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-54536 - JetBrains TeamCity GraphQL CSRF Vulnerability",
"Content": "CVE ID : CVE-2025-54536
Published : July 28, 2025, 5:15 p.m. | 1 hour, 26 minutes ago
Description : In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-54536 - JetBrains TeamCity GraphQL CSRF Vulnerability",
"Content": "CVE ID : CVE-2025-54536
Published : July 28, 2025, 5:15 p.m. | 1 hour, 26 minutes ago
Description : In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-54537 - JetBrains TeamCity Plain Text User Credentials Memory Snapshot Vulnerability",
"Content": "CVE ID : CVE-2025-54537
Published : July 28, 2025, 5:15 p.m. | 1 hour, 26 minutes ago
Description : In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-54537 - JetBrains TeamCity Plain Text User Credentials Memory Snapshot Vulnerability",
"Content": "CVE ID : CVE-2025-54537
Published : July 28, 2025, 5:15 p.m. | 1 hour, 26 minutes ago
Description : In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "28 Jul 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹