CVE-2025-32971 – XWiki Solr Script Service Privilege Escalation
XWiki is a generic wiki platform. In versions starting from 4.5.1 to before 15.10.13, from 16.0.0-rc-1 to before 16.4.4, and from 16.5.0-rc-1 to before 16.8.0-rc-1, the Solr script service doesn’t take dropped programming rights into account. The Solr script service that is accessible in XWiki’s scripting API normally requires programming rights to be called. Due […]
CVE-2025-32970 – XWiki Open Redirect Vulnerability
XWiki is a generic wiki platform. In versions starting from 13.5-rc-1 to before 15.10.13, from 16.0.0-rc-1 to before 16.4.4, and from 16.5.0-rc-1 to before 16.8.0, an open redirect vulnerability in the HTML conversion request filter allows attackers to construct URLs on an XWiki instance that redirect to any URL. This issue has been patched in […]
CVE-2025-32376 – Discourse DM Privilege Escalation Vulnerability
The following table lists the changes that have been made to the CVE-2025-32376 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Apr. 30, 2025 Action […]
CVE-2025-27409 – Joplin Server Path Traversal Vulnerability
Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Prior to version 3.3.3, path traversal is possible in Joplin Server if the static file path starts with `css/pluginAssets` or `js/pluginAssets`. The `findLocalFile` function in the `default route` calls `localFileFromUrl` to check for special […]
CVE-2025-27134 – Joplin Privilege Escalation Vulnerability
The following table lists the changes that have been made to the CVE-2025-27134 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0 Apr. 30, 2025 Action Type […]
A Shift From Browsers to Enterprise Targets: 2024 Zero-Day Exploitation Analysis
Google’s Threat Intelligence Group (GTIG) released its annual analysis of zero-day exploitation, detailing how 2024 saw attackers increasingly target enterprise software and infrastructure over tradit … Published Date: Apr 30, 2025. Vulnerabilities mentioned in this article: CVE-2024-44309 […]
Critical Viasat Firmware Vulnerability Let Attackers Execute Remote Code
A critical security flaw (CVE-2024-6198) in widely deployed Viasat satellite modems allows unauthenticated attackers to execute arbitrary code on affected devices via a stack buffer overflow in the “S … Published Date: Apr 30, 2025. Vulnerabilities have been mentioned in this […]
CVE-2025-4121 – Netgear JWNR2000v2 Command Injection Vulnerability
The following table lists the changes that have been made to the CVE-2025-4121 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Apr. 30, 2025 Action […]
CVE-2025-4119 – Weitong Mall Product Statistics Handler Improper Access Controls
The following table lists the changes that have been made to the CVE-2025-4119 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Apr. 30, 2025 Action […]
CVE-2025-4120 – Netgear JWNR2000 Remote Buffer Overflow Vulnerability
The following table lists the changes that have been made to the CVE-2025-4120 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Apr. 30, 2025 Action […]