CVE Monitor
{
"Source": "CVE FEED",
"Title": "CVE-2025-41249 - CVE-2025-41249: Spring Framework Annotation Detection Vulnerability",
"Content": "CVE ID : CVE-2025-41249
Published : Sept. 16, 2025, 10:15 a.m. | 39 minutes ago
Description : The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.

Your application may be affected by this if you are using Spring Security's @EnableMethodSecurity feature.

You are not affected by this if you are not using @EnableMethodSecurity or if you do not use security annotations on methods in generic superclasses or generic interfaces.

This CVE is published in conjunction with CVE-2025-41248.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-41248 - CVE-2025-41248: Spring Security authorization bypass for method security annotations on parameterized types",
"Content": "CVE ID : CVE-2025-41248
Published : Sept. 16, 2025, 10:10 a.m. | 43 minutes ago
Description : The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method security annotations, resulting in an authorization bypass.

Your application may be affected by this if you are using Spring Security's @EnableMethodSecurity feature.

You are not affected by this if you are not using @EnableMethodSecurity or if you do not use security annotations on methods in generic superclasses or generic interfaces.

This CVE is published in conjunction with CVE-2025-41249.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10016 - Local Privilege Escalation in Sparkle Autoupdate Daemon",
"Content": "CVE ID : CVE-2025-10016
Published : Sept. 16, 2025, 10:03 a.m. | 51 minutes ago
Description : The Sparkle framework includes a helper tool, Autoupdate. Due to a lack of authentication of connecting clients, a local unprivileged attacker can request installation of a crafted malicious PKG file by racing to connect to the daemon when another app spawns it as root. This results in local privilege escalation to root privileges. It is worth noting that it is possible to spawn Autoupdate manually via the Installer XPC service. However, this requires the victim to enter credentials upon system authorization dialog creation that can be modified by the attacker.

This issue was fixed in version 2.7.2
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10015 - TCC Bypass via Downloader XPC Service in Sparkle",
"Content": "CVE ID : CVE-2025-10015
Published : Sept. 16, 2025, 10:03 a.m. | 51 minutes ago
Description : The Sparkle framework includes an XPC service, Downloader.xpc. By default this service is private to the application it is bundled with. A local unprivileged attacker can register this XPC service globally, which will inherit TCC permissions of the application.
Lack of validation of the connecting client allows the attacker to copy TCC-protected files to an arbitrary location. Access to other resources beyond granted permissions requires user interaction with a system prompt asking for permission.

This issue was fixed in version 2.7.2
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-26711 - ZTE T5400 Web Module Unauthorized Access Vulnerability",
"Content": "CVE ID : CVE-2025-26711
Published : Sept. 16, 2025, 9:35 a.m. | 1 hour, 19 minutes ago
Description : There is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-26710 - ZTE T5400 Access Control Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-26710
Published : Sept. 16, 2025, 9:14 a.m. | 1 hour, 40 minutes ago
Description : There is an information disclosure vulnerability in ZTE T5400. Due to improper configuration of the access control mechanism, attackers can obtain information through interfaces without authorization, causing the risk of information disclosure.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10316 - Cross-Site Scripting in extension "Form to Database" (form_to_database)",
"Content": "CVE ID : CVE-2025-10316
Published : Sept. 16, 2025, 9:09 a.m. | 1 hour, 45 minutes ago
Description : The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2.
Severity: 2.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-4688 - SQLi in BGS Interactive's SINAV.LINK Exam Result Module",
"Content": "CVE ID : CVE-2025-4688
Published : Sept. 16, 2025, 8:38 a.m. | 2 hours, 16 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BGS Interactive SINAV.LINK Exam Result Module allows SQL Injection. This issue affects SINAV.LINK Exam Result Module: before 1.2.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10290 - Focus iOS Spoofing Vulnerability",
"Content": "CVE ID : CVE-2025-10290
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press. This vulnerability affects Focus for iOS < 143.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10531 - Firefox Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-10531
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : This vulnerability affects Firefox < 143.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10534 - Firefox Cross-Site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-10534
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : This vulnerability affects Firefox < 143.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10535 - Firefox Cross-Site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-10535
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : This vulnerability affects Firefox < 143.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10537 - Mozilla Firefox/Mozilla Thunderbird Memory Corruption Vulnerability",
"Content": "CVE ID : CVE-2025-10537
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 143 and Firefox ESR < 140.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10530 - Mozilla Firefox DNS Rebinding Vulnerability",
"Content": "CVE ID : CVE-2025-10530
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : This vulnerability affects Firefox < 143.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10532 - Mozilla Firefox Memory Corruption Vulnerability",
"Content": "CVE ID : CVE-2025-10532
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : This vulnerability affects Firefox < 143 and Firefox ESR < 140.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10536 - Firefox Memory Corruption Vulnerability",
"Content": "CVE ID : CVE-2025-10536
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : This vulnerability affects Firefox < 143 and Firefox ESR < 140.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10527 - Firefox Memory Corruption Vulnerability",
"Content": "CVE ID : CVE-2025-10527
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : This vulnerability affects Firefox < 143 and Firefox ESR < 140.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10528 - Firefox Memory Corruption Vulnerability",
"Content": "CVE ID : CVE-2025-10528
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : This vulnerability affects Firefox < 143 and Firefox ESR < 140.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10529 - Mozilla Firefox Memory Corruption Vulnerability",
"Content": "CVE ID : CVE-2025-10529
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : This vulnerability affects Firefox < 143 and Firefox ESR < 140.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10533 - Mozilla Firefox Use-After-Free Vulnerability",
"Content": "CVE ID : CVE-2025-10533
Published : Sept. 16, 2025, 12:26 p.m. | 28 minutes ago
Description : This vulnerability affects Firefox < 143, Firefox ESR < 115.28, and Firefox ESR < 140.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-55118 - BMC Control-M/Agent memory corruption in SSL/TLS communication",
"Content": "CVE ID : CVE-2025-55118
Published : Sept. 16, 2025, 12:23 p.m. | 31 minutes ago
Description : Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured.


The issue occurs in the following cases:

* Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "use_openssl=n";
* Control-M/Agent 9.0.21 and 9.0.22: Agent router configuration uses the non-default settings "JAVA_AR=N" and "use_openssl=n".
Severity: 8.9 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "16 Sep 2025",
"Type": "Vulnerability"
}