CVE ID : CVE-2025-22535 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Jonathan Kern WPListCal allows SQL Injection.This issue affects WPListCal: from n/a through 1.3.5. Severity: 8.5 | HIGH Visit the link for more details, such…

CVE ID : CVE-2025-22505 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Nabaraj Chapagain NC Wishlist for Woocommerce allows SQL Injection.This issue affects NC Wishlist for Woocommerce: from n/a through 1.0.1. Severity: 8.5 | HIGH Visit…

CVE ID : CVE-2025-22508 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Roninwp FAT Event Lite allows PHP Local File Inclusion.This issue affects FAT Event Lite: from n/a through 1.1. Severity: 8.1 | HIGH…

CVE ID : CVE-2023-24012 Published : Jan. 9, 2025, 3:15 p.m. | 22 hours, 37 minutes ago Description : An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s…

CVE ID : CVE-2025-22504 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms allows Upload a Web Shell to a Web Server.This issue affects 4ECPS Web Forms: from n/a through 0.2.18. Severity: 10.0 | CRITICAL Visit the link…

CVE ID : CVE-2023-24010 Published : Jan. 9, 2025, 3:15 p.m. | 22 hours, 37 minutes ago Description : An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s…

CVE ID : CVE-2023-24011 Published : Jan. 9, 2025, 3:15 p.m. | 22 hours, 37 minutes ago Description : An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s…

‘Nederland telt bijna zestig waarschijnlijk kwetsbare Ivanti vpn-servers’ Nederland telt bijna zestig Ivanti vpn-servers die een beveiligingslek bevatten waarvan al weken actief misbruik wordt gemaakt, zo stelt The Shadowserver Foundation op basis van een internetscan. Were … Read more Published Date: Jan 10, 2025 (46 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-0283 CVE-2025-0282…

Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tr … Read more Published Date: Jan 10, 2025 (4 hours, 5 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-49415…