** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities, including accessing and invoking related methods, etc. Although OgnlRuntime attempts to restrict certain dangerous classes […]
The following table lists the changes that have been made to the CVE-2025-4371 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Aug. 18, 2025 Action […]
New HTTP/2 DoS Vulnerability Prompts Vendor and Project Fixes A new HTTP/2 denial of service (DoS) vulnerability that circumvents mitigations put in place after 2023’s “Rapid Reset” vulnerability is largely being addressed by affected vendors and projects, thank … Read more Published Date: Aug 18, 2025 (19 minutes ago) Vulnerabilities has been mentioned in this article. […]
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.8, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows an remote authenticated user to inject JavaScript in message board threads and categories.
Fake ChatGPT Desktop App Delivering PipeMagic Backdoor, Microsoft Microsoft warns that a fake ChatGPT desktop app was used to deliver PipeMagic malware, linked to ransomware attacks exploiting a Windows zero-day. Cybersecurity researchers at Microsoft discovered a n … Read more Published Date: Aug 18, 2025 (14 hours, 32 minutes ago) Vulnerabilities has been mentioned in this article. […]
The following table lists the changes that have been made to the CVE-2025-7693 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Aug. 18, 2025 Action […]
The following table lists the changes that have been made to the CVE-2025-55300 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Aug. 18, 2025 Action […]
The following table lists the changes that have been made to the CVE-2025-55299 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Aug. 18, 2025 Action […]
The following table lists the changes that have been made to the CVE-2025-55296 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Aug. 18, 2025 Action […]
The following table lists the changes that have been made to the CVE-2025-55293 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Aug. 18, 2025 Action […]
