Multiple GitLab Vulnerabilities Enable Account Takeover and Stored XSS Exploitation
GitLab has released emergency security patches addressing multiple critical vulnerabilities that could enable attackers to perform account takeovers and execute stored cross-site scripting (XSS) attac … Published: Aug 14, 2025.
CVE-2025-25256 affects FortiSIEM
August 14, 2025. 1. Vulnerability Overview: CVE-2025-25256 is a critical command injection bug in Fortinet FortiSIEM’s phMonitor service, exposed on TCP port 7900. It enables unauthenticated remote attack … Published: Aug 14, 2025.
Critical WordPress Plugin Flaw (CVE-2025-7384, CVSS 9.8) Exposes 70,000+ Sites to RCE and Data Loss
A critical security vulnerability has been disclosed in the widely used Database for Contact Form 7, WPforms, Elementor Forms plugin for WordPress. Tracked as CVE-2025-7384 and carrying a CVSS score o … Published: Aug 14, 2025.
CVE-2025-40746: Critical Vulnerability Found in Siemens SIMATIC RTLS Locating Manager
Siemens ProductCERT has issued a high-severity security advisory (SSA-493787) warning of a critical vulnerability in its SIMATIC RTLS Locating Manager prior to version 3.2. The flaw, tracked as CVE-20 … Published: Aug 14, 2025.
CVE-2025-55199 – Helm Denial of Service (DoS) Vulnerability
The following table lists the changes that have been made to the CVE-2025-55199 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE received by [email protected], Aug. 14, 2025. Action: […]
CVE-2025-55198 – Helm Chart YAML Parsing Type Error Denial of Service
Change history for CVE-2025-55198: New CVE received by [email protected], Aug. 14, 2025. Action: […]
CVE-2025-55197 – PyPDF FlateDecode Filter Exhaustion Denial of Service
Change history for CVE-2025-55197: New CVE received by [email protected], Aug. 13, 2025. Action: […]
CVE-2025-55196 – Kubernetes External Secrets Operator Namespace Bypass Vulnerability
External Secrets Operator is a Kubernetes operator that integrates external secret management systems. From version 0.15.0 to before 0.19.2, a vulnerability was discovered where the List() calls for Kubernetes Secret and SecretStore resources performed by the PushSecret controller did not apply a namespace selector. This flaw allowed an attacker to use label selectors to list […]
CVE-2025-55194 – Part-DB Persistent File Extension Denial of Service
Change history for CVE-2025-55194: New CVE received by [email protected], Aug. 13, 2025. Action: […]
CVE-2025-55193 – Ruby on Rails ANSI Sequence Injection Vulnerability
Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find or similar methods may be logged without escaping. If this is written directly to the terminal, it may include unescaped ANSI sequences. This issue has been patched in versions 7.1.5.2, 7.2.2.2, and 8.0.2.1.