CVE-2025-46546 – Sherpa Orchestrator Blind SQL Injection Vulnerability

In Sherpa Orchestrator 141851, multiple time-based blind SQL injections can be performed by an authenticated user. This affects api/gui/asset/list, /api/gui/files/export/csv/, /api/gui/files/list, /api/gui/process/export/csv, /api/gui/process/export/xlsx, /api/gui/process/listAll, /api/gui/processVersion/export/csv/, /api/gui/processVersion/export/xlsx/, /api/gui/processVersion/list/, /api/gui/robot/list/, /api/gui/task/export/csv/, /api/gui/task/export/xlsx/, and /api/gui/task/list/.

CVE-2025-46547 – Sherpa Orchestrator Cross-Site Request Forgery (XSS, SQL Injection) Vulnerability

The following table lists the changes that have been made to the CVE-2025-46547 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.

New CVE Received by [email protected] Apr. 25, 2025 Action […]

CVE-2025-46545 – Sherpa Orchestrator Stored Cross-Site Scripting (XSS) Vulnerability

The following table lists the changes that have been made to the CVE-2025-46545 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.

New CVE Received by [email protected] Apr. 25, 2025 Action […]

CVE-2025-46544 – Sherpa Orchestrator Privilege Escalation Vulnerability

The following table lists the changes that have been made to the CVE-2025-46544 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.

New CVE Received by [email protected] Apr. 25, 2025 Action […]

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

A critical zero-day vulnerability affecting SAP NetWeaver Visual Composer MetadataUploader, now tracked as CVE-2025-31324, is being actively exploited in the wild to compromise enterprise and governme …

Published Date: Apr 25, 2025

Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw

Previously, in an effort to patch a security vulnerability (CVE-2025-21204) within the Windows operating system, Microsoft began creating an empty folder named inetpub in the syste …

Published Date: Apr 25, 2025

Perplexity Eyes Chrome as DOJ Pressures Google Over Antitrust

In addition to OpenAI expressing interest in acquiring Google’s Chrome browser business, Perplexity.ai has also signaled its intent to pursue such a deal. During testimony in the U.S. Department of Ju …

Published Date: Apr 25, 2025

CVE-2025-43864 – React Router Cache Poisoning Vulnerability

The following table lists the changes that have been made to the CVE-2025-43864 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.

New CVE Received by [email protected] Apr. 25, 2025 Action […]

CVE-2025-43865 – React Router HTTP Header Injection Vulnerability

The following table lists the changes that have been made to the CVE-2025-43865 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.

New CVE Received by [email protected] Apr. 25, 2025 Action […]

CVE-2024-2787: Apple Archive Flaw Enables Arbitrary File Write and Gatekeeper Bypass, PoC Releases

A newly disclosed vulnerability in Apple’s proprietary libAppleArchive library, tracked as CVE-2024-27876, enables attackers to achieve arbitrary file writes on macOS and iOS systems, with the added p …

Published Date: Apr 25, 2025