Aggregator

CVE-2025-47116 | Adobe Experience Manager up to 6.5.22 cross site scripting (apsb25-48 / Nessus ID 238053)

Vuldb Updates
3 months ago
A vulnerability, which was classified as problematic, has been found in Adobe Experience Manager up to 6.5.22. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-47116. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-47115 | Adobe Experience Manager up to 6.5.22 cross site scripting (apsb25-48 / EUVD-2025-17871)

Vuldb Updates
3 months ago
A vulnerability was found in Adobe Experience Manager up to 6.5.22 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-47115. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-47114 | Adobe Experience Manager up to 6.5.22 cross site scripting (apsb25-48 / EUVD-2025-17880)

Vuldb Updates
3 months ago
A vulnerability classified as problematic has been found in Adobe Experience Manager up to 6.5.22. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-47114. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Improving Java Container Security with Chainguard and Azul

Security Boulevard
3 months ago

Chainguard provides hardened, zero-CVE container images (Chainguard Containers) that enable companies to achieve speed, security and scalability. Now, through a strategic partnership between Azul and Chainguard,  Chainguard will build from source Java container images that incorporate Azul’s commercially supported build of OpenJDK that’s part of Azul Platform Core. This integration enables enterprises to continue to […]

The post Improving Java Container Security with Chainguard and Azul appeared first on Azul | Better Java Performance, Superior Java Support.

The post Improving Java Container Security with Chainguard and Azul appeared first on Security Boulevard.

Azul

Identifying high-risk APIs across thousands of code repositories

Help Net Security
3 months ago

In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy tools fall short, and how StackHawk identifies risky APIs and sensitive data directly from code before anything is deployed. API visibility is often cited as a major blind spot for security teams. Why do you think so many organizations still struggle to identify their full API attack surface, and how … More →

The post Identifying high-risk APIs across thousands of code repositories appeared first on Help Net Security.

Mirko Zorz

Is IT Infrastructure Growing Too Fast to Manage?

Netscout
3 months ago
According to Mordor Intelligence, the IT infrastructure market is expected to grow from $230.11 billion to $433.43 billion by 2030. A strong infrastructure supports expansion, new technologies, virtualization, and growing customer demands. But that same growth often leads to infrastructure sprawl, where operational...
Anthony Cote

From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery

Check Point Research
3 months ago

Key Takeaways Introduction Discord is a heavily used, widely trusted platform favored by gamers, communities, businesses and others who need to connect securely and quickly. But what if your trusted platform unknowingly becomes a trap? Check Point Research uncovered a flaw in Discord’s invitation system which allows attackers to hijack expired or deleted invite links and secretly redirect unsuspecting […]

The post From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery appeared first on Check Point Research.

alexeybu

CVE-2025-4278 | GitLab Community Edition/Enterprise Edition up to 18.0.1 cross site scripting (Issue 539198 / EUVD-2025-18169)

Vuldb Updates
3 months ago
A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 18.0.1. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The identification of this vulnerability is CVE-2025-4278. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-1516 | GitLab Community Edition/Enterprise Edition up to 17.10.7/17.11.3/18.0.1 allocation of resources (Issue 520553 / EUVD-2025-18167)

Vuldb Updates
3 months ago
A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 17.10.7/17.11.3/18.0.1. This vulnerability affects unknown code. The manipulation leads to allocation of resources. This vulnerability was named CVE-2025-1516. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Privilege Escalation in PAN-OS Web Interface Allows Admin Users to Perform Root Actions

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
3 months ago

Palo Alto Networks disclosed a medium-severity command injection vulnerability on June 11, 2025, designated as CVE-2025-4231, affecting the management web interface of its PAN-OS operating system. The vulnerability enables authenticated administrative users to escalate privileges and execute commands as the root user, potentially compromising the entire firewall system24. The security flaw carries a CVSS score […]

The post Privilege Escalation in PAN-OS Web Interface Allows Admin Users to Perform Root Actions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

CVE-2005-4527 | Direct News 4.9 Search Module index.php setLang sql injection (EDB-26897 / XFDB-23727)

Vuldb Updates
3 months ago
A vulnerability classified as critical has been found in Direct News 4.9. Affected is an unknown function of the file index.php of the component Search Module. The manipulation of the argument setLang leads to sql injection. This vulnerability is traded as CVE-2005-4527. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Command Injection Flaw in Palo Alto PAN-OS Allows Root-Level Code Execution

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
3 months ago

A newly disclosed command injection vulnerability (CVE-2025-4230) in Palo Alto Networks PAN-OS software enables authenticated administrators to bypass restrictions and execute arbitrary commands with root privileges. With a CVSS v4.0 score of 5.7 (Medium severity), this flaw highlights risks in privileged access management for network security appliances. Vulnerability Overview and Attack Vector The vulnerability stems […]

The post Command Injection Flaw in Palo Alto PAN-OS Allows Root-Level Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

INC

Dark Feed IO
3 months ago

You must login to view this content

cohenido

CVE-2025-2254 | GitLab Community Edition/Enterprise Edition up to 17.10.7/17.11.3/18.0.1 cross site scripting (Issue 524636 / EUVD-2025-18168)

VulDB Recent Entries
3 months ago
A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.10.7/17.11.3/18.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-2254. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad