{
"Source": "CVE FEED",
"Title": "CVE-2025-48370 - Supabase Auth URL Path Traversal Vulnerability",
"Content": "CVE ID : CVE-2025-48370
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : auth-js is an isomorphic Javascript library for Supabase Auth. Prior to version 2.69.1, the library functions getUserById, deleteUser, updateUserById, listFactors and deleteFactor did not require the user supplied values to be valid UUIDs. This could lead to a URL path traversal, resulting in the wrong API function being called. Implementations that follow security best practice and validate user controlled inputs, such as the userId are not affected by this. This issue has been patched in version 2.69.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-48370 - Supabase Auth URL Path Traversal Vulnerability",
"Content": "CVE ID : CVE-2025-48370
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : auth-js is an isomorphic Javascript library for Supabase Auth. Prior to version 2.69.1, the library functions getUserById, deleteUser, updateUserById, listFactors and deleteFactor did not require the user supplied values to be valid UUIDs. This could lead to a URL path traversal, resulting in the wrong API function being called. Implementations that follow security best practice and validate user controlled inputs, such as the userId are not affected by this. This issue has been patched in version 2.69.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-27700 - "Qualcomm Carrier Restrictions Bypass Local Privilege Escalation"",
"Content": "CVE ID : CVE-2025-27700
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : There is a possible bypass of carrier restrictions due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-27700 - "Qualcomm Carrier Restrictions Bypass Local Privilege Escalation"",
"Content": "CVE ID : CVE-2025-27700
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : There is a possible bypass of carrier restrictions due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-27701 - Apache HTTP Server Null Pointer Dereference",
"Content": "CVE ID : CVE-2025-27701
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : In the function process_crypto_cmd, the values of ptrs[i] can be potentially equal to NULL which is valid value after calling slice_map_array(). Later this values will be derefenced without prior NULL check, which can lead to local Temporary DoS or OOB Read, leading to information disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-27701 - Apache HTTP Server Null Pointer Dereference",
"Content": "CVE ID : CVE-2025-27701
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : In the function process_crypto_cmd, the values of ptrs[i] can be potentially equal to NULL which is valid value after calling slice_map_array(). Later this values will be derefenced without prior NULL check, which can lead to local Temporary DoS or OOB Read, leading to information disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-56193 - "Bluetooth Adapter Permissions Bypass Vulnerability in [Vendor Name]"",
"Content": "CVE ID : CVE-2024-56193
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : There is a possible disclosure of Bluetooth adapter details due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-56193 - "Bluetooth Adapter Permissions Bypass Vulnerability in [Vendor Name]"",
"Content": "CVE ID : CVE-2024-56193
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : There is a possible disclosure of Bluetooth adapter details due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2022-0003 - Apache HTTP Server Cross-Site Request Forgery",
"Content": "CVE ID : CVE-2022-0003
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2022-0003 - Apache HTTP Server Cross-Site Request Forgery",
"Content": "CVE ID : CVE-2022-0003
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2022-21138 - Apache Struts Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2022-21138
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2022-21138 - Apache Struts Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2022-21138
Published : May 27, 2025, 4:15 p.m. | 1 hour, 33 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-2872 - Apache HTTP Server Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-2872
Published : May 27, 2025, 7:15 p.m. | 33 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-47577. Reason: This candidate is a reservation duplicate of CVE-2025-47577. Notes: All CVE users should reference CVE-2025-47577 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-2872 - Apache HTTP Server Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-2872
Published : May 27, 2025, 7:15 p.m. | 33 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-47577. Reason: This candidate is a reservation duplicate of CVE-2025-47577. Notes: All CVE users should reference CVE-2025-47577 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-45529 - SSCMS File Read Vulnerability",
"Content": "CVE ID : CVE-2025-45529
Published : May 27, 2025, 7:15 p.m. | 33 minutes ago
Description : An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-45529 - SSCMS File Read Vulnerability",
"Content": "CVE ID : CVE-2025-45529
Published : May 27, 2025, 7:15 p.m. | 33 minutes ago
Description : An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-13966 - ZKTeco BioTime Default Password Authentication Bypass",
"Content": "CVE ID : CVE-2024-13966
Published : May 27, 2025, 7:15 p.m. | 33 minutes ago
Description : ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value '123456'. Users should change their passwords (located under the Attendance Settings tab as "Self-Password").
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-13966 - ZKTeco BioTime Default Password Authentication Bypass",
"Content": "CVE ID : CVE-2024-13966
Published : May 27, 2025, 7:15 p.m. | 33 minutes ago
Description : ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value '123456'. Users should change their passwords (located under the Attendance Settings tab as "Self-Password").
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-45475 - Maccms SSRF Vulnerability in Friend Link Management",
"Content": "CVE ID : CVE-2025-45475
Published : May 27, 2025, 6:15 p.m. | 1 hour, 33 minutes ago
Description : maccms10 v2025.1000.4047 is vulnerable to Server-Side request forgery (SSRF) in Friend Link Management.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-45475 - Maccms SSRF Vulnerability in Friend Link Management",
"Content": "CVE ID : CVE-2025-45475
Published : May 27, 2025, 6:15 p.m. | 1 hour, 33 minutes ago
Description : maccms10 v2025.1000.4047 is vulnerable to Server-Side request forgery (SSRF) in Friend Link Management.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5252 - PHPGurukul News Portal Project SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-5252
Published : May 27, 2025, 6:15 p.m. | 1 hour, 33 minutes ago
Description : A vulnerability was found in PHPGurukul News Portal Project 4.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-subadmin.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5252 - PHPGurukul News Portal Project SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-5252
Published : May 27, 2025, 6:15 p.m. | 1 hour, 33 minutes ago
Description : A vulnerability was found in PHPGurukul News Portal Project 4.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-subadmin.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-49197 - Samsung Exynos Wi-Fi Out-of-Bounds Access Vulnerability",
"Content": "CVE ID : CVE-2024-49197
Published : May 27, 2025, 6:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wi-Fi in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-49197 - Samsung Exynos Wi-Fi Out-of-Bounds Access Vulnerability",
"Content": "CVE ID : CVE-2024-49197
Published : May 27, 2025, 6:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wi-Fi in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5222 - ICU Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-5222
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5222 - ICU Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-5222
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5278 - "GNU Coreutils Sort Utility Heap Buffer Under-Read Vulnerability"",
"Content": "CVE ID : CVE-2025-5278
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5278 - "GNU Coreutils Sort Utility Heap Buffer Under-Read Vulnerability"",
"Content": "CVE ID : CVE-2025-5278
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5279 - Amazon Redshift Python Connector AzureOAuth2CredentialsProvider SSL Certificate Validation Bypass",
"Content": "CVE ID : CVE-2025-5279
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider. An insecure connection could allow an actor to intercept the token exchange process and retrieve an access token.
This issue has been addressed in driver version 2.1.7. Users should upgrade to address this issue and ensure any forked or derivative code is patched to incorporate the new fixes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5279 - Amazon Redshift Python Connector AzureOAuth2CredentialsProvider SSL Certificate Validation Bypass",
"Content": "CVE ID : CVE-2025-5279
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider. An insecure connection could allow an actor to intercept the token exchange process and retrieve an access token.
This issue has been addressed in driver version 2.1.7. Users should upgrade to address this issue and ensure any forked or derivative code is patched to incorporate the new fixes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5280 - Google Chrome V8 Out-of-Bounds Heap Corruption Vulnerability",
"Content": "CVE ID : CVE-2025-5280
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5280 - Google Chrome V8 Out-of-Bounds Heap Corruption Vulnerability",
"Content": "CVE ID : CVE-2025-5280
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5281 - Google Chrome BFCache User Information Disclosure",
"Content": "CVE ID : CVE-2025-5281
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5281 - Google Chrome BFCache User Information Disclosure",
"Content": "CVE ID : CVE-2025-5281
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5283 - Google Chrome libvpx Use-After-Free Heap Corruption Vulnerability",
"Content": "CVE ID : CVE-2025-5283
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5283 - Google Chrome libvpx Use-After-Free Heap Corruption Vulnerability",
"Content": "CVE ID : CVE-2025-5283
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5063 - Google Chrome Use After Free in Compositing Vulnerability",
"Content": "CVE ID : CVE-2025-5063
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5063 - Google Chrome Use After Free in Compositing Vulnerability",
"Content": "CVE ID : CVE-2025-5063
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5064 - Google Chrome Background Fetch API Cross-Origin Data Leak Vulnerability",
"Content": "CVE ID : CVE-2025-5064
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5064 - Google Chrome Background Fetch API Cross-Origin Data Leak Vulnerability",
"Content": "CVE ID : CVE-2025-5064
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-5065 - Google Chrome FileSystemAccess API UI Spoofing Vulnerability",
"Content": "CVE ID : CVE-2025-5065
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-5065 - Google Chrome FileSystemAccess API UI Spoofing Vulnerability",
"Content": "CVE ID : CVE-2025-5065
Published : May 27, 2025, 9:15 p.m. | 33 minutes ago
Description : Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 May 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹