{
"Source": "CVE FEED",
"Title": "CVE-2025-22430 - Apache Access Control Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-22430
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In isInSignificantPlace of multiple files, there is a possible way to access sensitive information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-22430 - Apache Access Control Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-22430
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In isInSignificantPlace of multiple files, there is a possible way to access sensitive information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-22416 - Android ChooserActivity Local Privilege Escalation",
"Content": "CVE ID : CVE-2025-22416
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In onCreate of ChooserActivity.java , there is a possible way to view other users' images due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-22416 - Android ChooserActivity Local Privilege Escalation",
"Content": "CVE ID : CVE-2025-22416
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In onCreate of ChooserActivity.java , there is a possible way to view other users' images due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-22418 - Apache Intent Redirect Privilege Escalation",
"Content": "CVE ID : CVE-2025-22418
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In multiple locations, there is a possible confused deputy due to Intent Redirect. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-22418 - Apache Intent Redirect Privilege Escalation",
"Content": "CVE ID : CVE-2025-22418
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In multiple locations, there is a possible confused deputy due to Intent Redirect. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-22417 - Android Transition tapjacking/overlay vulnerability",
"Content": "CVE ID : CVE-2025-22417
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In finishTransition of Transition.java, there is a possible way to bypass touch filtering restrictions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-22417 - Android Transition tapjacking/overlay vulnerability",
"Content": "CVE ID : CVE-2025-22417
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In finishTransition of Transition.java, there is a possible way to bypass touch filtering restrictions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-22419 - Google Android Tapjacking Overlay Vulnerability",
"Content": "CVE ID : CVE-2025-22419
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-22419 - Google Android Tapjacking Overlay Vulnerability",
"Content": "CVE ID : CVE-2025-22419
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-22421 - Google NotificationContentDescription Lockscreen Information Disclosure",
"Content": "CVE ID : CVE-2025-22421
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-22421 - Google NotificationContentDescription Lockscreen Information Disclosure",
"Content": "CVE ID : CVE-2025-22421
Published : Sept. 2, 2025, 11:15 p.m. | 57 minutes ago
Description : In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9841 - Code-projects Mobile Shop Management System File Upload Vulnerability",
"Content": "CVE ID : CVE-2025-9841
Published : Sept. 3, 2025, 12:15 a.m. | 2 hours, 5 minutes ago
Description : A security vulnerability has been detected in code-projects Mobile Shop Management System 1.0. This affects an unknown function of the file AddNewProduct.php. The manipulation of the argument ProductImage leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9841 - Code-projects Mobile Shop Management System File Upload Vulnerability",
"Content": "CVE ID : CVE-2025-9841
Published : Sept. 3, 2025, 12:15 a.m. | 2 hours, 5 minutes ago
Description : A security vulnerability has been detected in code-projects Mobile Shop Management System 1.0. This affects an unknown function of the file AddNewProduct.php. The manipulation of the argument ProductImage leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-54588 - Envoy DNS Cache Use-After-Free Vulnerability",
"Content": "CVE ID : CVE-2025-54588
Published : Sept. 3, 2025, 12:15 a.m. | 2 hours, 5 minutes ago
Description : Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic Forward Proxy implementation, occurring when a completion callback for a DNS resolution triggers new DNS resolutions or removes existing pending resolutions. This condition may occur when the following conditions are met: dynamic Forwarding Filter is enabled, the `envoy.reloadable_features.dfp_cluster_resolves_hosts` runtime flag is enabled, and the Host header is modified between the Dynamic Forwarding Filter and Router filters. This issue is resolved in versions 1.34.5 and 1.35.1. To work around this issue, set the envoy.reloadable_features.dfp_cluster_resolves_hosts runtime flag to false.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-54588 - Envoy DNS Cache Use-After-Free Vulnerability",
"Content": "CVE ID : CVE-2025-54588
Published : Sept. 3, 2025, 12:15 a.m. | 2 hours, 5 minutes ago
Description : Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic Forward Proxy implementation, occurring when a completion callback for a DNS resolution triggers new DNS resolutions or removes existing pending resolutions. This condition may occur when the following conditions are met: dynamic Forwarding Filter is enabled, the `envoy.reloadable_features.dfp_cluster_resolves_hosts` runtime flag is enabled, and the Host header is modified between the Dynamic Forwarding Filter and Router filters. This issue is resolved in versions 1.34.5 and 1.35.1. To work around this issue, set the envoy.reloadable_features.dfp_cluster_resolves_hosts runtime flag to false.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9260 - Fluent Forms PHP Object Injection and Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-9260
Published : Sept. 3, 2025, 12:15 a.m. | 2 hours, 5 minutes ago
Description : The Fluent Forms โ Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to PHP Object Injection in versions 5.1.16 to 6.1.1 via deserialization of untrusted input in the parseUserProperties function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. The additional presence of a POP chain allows attackers to read arbitrary files. If allow_url_include is enabled on the server, remote code execution is possible.
While the vendor patched this issue in version 6.1.0, the patch caused a fatal error in the vulnerable code, due to a missing class import, so we consider 6.1.2 to be the most complete and best patched version
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9260 - Fluent Forms PHP Object Injection and Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-9260
Published : Sept. 3, 2025, 12:15 a.m. | 2 hours, 5 minutes ago
Description : The Fluent Forms โ Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to PHP Object Injection in versions 5.1.16 to 6.1.1 via deserialization of untrusted input in the parseUserProperties function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. The additional presence of a POP chain allows attackers to read arbitrary files. If allow_url_include is enabled on the server, remote code execution is possible.
While the vendor patched this issue in version 6.1.0, the patch caused a fatal error in the vulnerable code, due to a missing class import, so we consider 6.1.2 to be the most complete and best patched version
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9842 - Das Parking Management System File Inclusion Information Disclosure",
"Content": "CVE ID : CVE-2025-9842
Published : Sept. 3, 2025, 12:15 a.m. | 2 hours, 5 minutes ago
Description : A vulnerability was detected in Das Parking Management System ๅ่ฝฆๅบ็ฎก็็ณป็ป 6.2.0. This impacts an unknown function of the file /Operator/Search. The manipulation results in information disclosure. The attack may be performed from remote. The exploit is now public and may be used.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9842 - Das Parking Management System File Inclusion Information Disclosure",
"Content": "CVE ID : CVE-2025-9842
Published : Sept. 3, 2025, 12:15 a.m. | 2 hours, 5 minutes ago
Description : A vulnerability was detected in Das Parking Management System ๅ่ฝฆๅบ็ฎก็็ณป็ป 6.2.0. This impacts an unknown function of the file /Operator/Search. The manipulation results in information disclosure. The attack may be performed from remote. The exploit is now public and may be used.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58351 - "Outline File Storage Local File Inclusion Vulnerability"",
"Content": "CVE ID : CVE-2025-58351
Published : Sept. 3, 2025, 4:16 a.m. | 14 minutes ago
Description : Outline is a service that allows for collaborative documentation. In versions 0.72.0 through 0.83.0, Outline introduced a feature which facilitates local file system storage capabilities as an optional file storage strategy. This feature allowed a CSP bypass as well as a ContentType bypass that might facilitate further attacks. In the case of self-hosting and using Outline FILE_STORAGE=local on the same domain as the Outline application, a malicious payload can be uploaded as a file attachment and bypass those CSP restrictions, allowing script execution within the context of another user. This is fixed in version 0.84.0.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58351 - "Outline File Storage Local File Inclusion Vulnerability"",
"Content": "CVE ID : CVE-2025-58351
Published : Sept. 3, 2025, 4:16 a.m. | 14 minutes ago
Description : Outline is a service that allows for collaborative documentation. In versions 0.72.0 through 0.83.0, Outline introduced a feature which facilitates local file system storage capabilities as an optional file storage strategy. This feature allowed a CSP bypass as well as a ContentType bypass that might facilitate further attacks. In the case of self-hosting and using Outline FILE_STORAGE=local on the same domain as the Outline application, a malicious payload can be uploaded as a file attachment and bypass those CSP restrictions, allowing script execution within the context of another user. This is fixed in version 0.84.0.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58176 - Dive Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-58176
Published : Sept. 3, 2025, 4:16 a.m. | 14 minutes ago
Description : Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. In versions 0.9.0 through 0.9.3, there is a one-click Remote Code Execution vulnerability triggered through a custom url value, `transport` in the JSON object. An attacker can exploit the vulnerability in the following two scenarios: a victim visits a malicious website controlled by the attacker and the website redirect to the URL automatically, or a victim clicks on such a crafted link embedded on a legitimate website (e.g., in user-generated content). In both cases, the browser invokes Dive's custom URL handler (dive:), which launches the Dive app and processes the crafted URL, leading to arbitrary code execution on the victimโs machine. This vulnerability is caused by improper processing of custom url. This is fixed in version 0.9.4.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58176 - Dive Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-58176
Published : Sept. 3, 2025, 4:16 a.m. | 14 minutes ago
Description : Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. In versions 0.9.0 through 0.9.3, there is a one-click Remote Code Execution vulnerability triggered through a custom url value, `transport` in the JSON object. An attacker can exploit the vulnerability in the following two scenarios: a victim visits a malicious website controlled by the attacker and the website redirect to the URL automatically, or a victim clicks on such a crafted link embedded on a legitimate website (e.g., in user-generated content). In both cases, the browser invokes Dive's custom URL handler (dive:), which launches the Dive app and processes the crafted URL, leading to arbitrary code execution on the victimโs machine. This vulnerability is caused by improper processing of custom url. This is fixed in version 0.9.4.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58164 - Apache HTTP Server Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-58164
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE, CVE-2025-58163.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58164 - Apache HTTP Server Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-58164
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE, CVE-2025-58163.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58165 - Apache HTTP Server Remote Code Execution",
"Content": "CVE ID : CVE-2025-58165
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE, CVE-2025-58163.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58165 - Apache HTTP Server Remote Code Execution",
"Content": "CVE ID : CVE-2025-58165
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE, CVE-2025-58163.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58166 - Apache Struts Remote Code Execution",
"Content": "CVE ID : CVE-2025-58166
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58166 - Apache Struts Remote Code Execution",
"Content": "CVE ID : CVE-2025-58166
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58167 - Apache Struts Command Injection",
"Content": "CVE ID : CVE-2025-58167
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58167 - Apache Struts Command Injection",
"Content": "CVE ID : CVE-2025-58167
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58168 - Apache Struts Remote Code Execution",
"Content": "CVE ID : CVE-2025-58168
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58168 - Apache Struts Remote Code Execution",
"Content": "CVE ID : CVE-2025-58168
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58169 - Apache Struts SSRF",
"Content": "CVE ID : CVE-2025-58169
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58169 - Apache Struts SSRF",
"Content": "CVE ID : CVE-2025-58169
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58170 - Apache HTTP Server Remote Code Execution",
"Content": "CVE ID : CVE-2025-58170
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58170 - Apache HTTP Server Remote Code Execution",
"Content": "CVE ID : CVE-2025-58170
Published : Sept. 3, 2025, 3:15 a.m. | 1 hour, 15 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7039 - "LibGLib Temporary File Path Traversal Vulnerability"",
"Content": "CVE ID : CVE-2025-7039
Published : Sept. 3, 2025, 2:15 a.m. | 2 hours, 15 minutes ago
Description : A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7039 - "LibGLib Temporary File Path Traversal Vulnerability"",
"Content": "CVE ID : CVE-2025-7039
Published : Sept. 3, 2025, 2:15 a.m. | 2 hours, 15 minutes ago
Description : A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9847 - ScriptAndTools Real Estate Management System Unrestricted File Upload Vulnerability",
"Content": "CVE ID : CVE-2025-9847
Published : Sept. 3, 2025, 2:15 a.m. | 2 hours, 15 minutes ago
Description : A weakness has been identified in ScriptAndTools Real Estate Management System 1.0. Impacted is an unknown function of the file register.php. This manipulation of the argument uimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9847 - ScriptAndTools Real Estate Management System Unrestricted File Upload Vulnerability",
"Content": "CVE ID : CVE-2025-9847
Published : Sept. 3, 2025, 2:15 a.m. | 2 hours, 15 minutes ago
Description : A weakness has been identified in ScriptAndTools Real Estate Management System 1.0. Impacted is an unknown function of the file register.php. This manipulation of the argument uimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "03 Sep 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น