CVE Alert: CVE-2025-5047
Vulnerability Summary: CVE-2025-5047 A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A...
CVE Alert: CVE-2025-5048
Vulnerability Summary: CVE-2025-5048 A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption...
CVE Alert: CVE-2025-49898
Vulnerability Summary: CVE-2025-49898 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xolluteon Dropshix allows DOM-Based XSS.This...
CVE Alert: CVE-2025-8361
Vulnerability Summary: CVE-2025-8361 Missing Authorization vulnerability in Drupal Config Pages allows Forceful Browsing.This issue affects Config Pages: from 0.0.0 before...
CVE Alert: CVE-2025-8675
Vulnerability Summary: CVE-2025-8675 Server-Side Request Forgery (SSRF) vulnerability in Drupal AI SEO Link Advisor allows Server Side Request Forgery.This issue...
CVE Alert: CVE-2025-49432
Vulnerability Summary: CVE-2025-49432 Missing Authorization vulnerability in FWDesign Ultimate Video Player allows Exploiting Incorrectly Configured Access Control Security Levels. This...
CVE Alert: CVE-2025-8362
Vulnerability Summary: CVE-2025-8362 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal GoogleTag Manager allows Cross-Site...
CVE Alert: CVE-2025-8092
Vulnerability Summary: CVE-2025-8092 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows...
CVE Alert: CVE-2025-9060
Vulnerability Summary: CVE-2025-9060 A vulnerability has been found in the MSoft MFlash application that allows execution of arbitrary code on...
CVE Alert: CVE-2025-55285
Vulnerability Summary: CVE-2025-55285 @backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of...
CVE Alert: CVE-2025-8996
Vulnerability Summary: CVE-2025-8996 Missing Authorization vulnerability in Drupal Layout Builder Advanced Permissions allows Forceful Browsing.This issue affects Layout Builder Advanced...
CVE Alert: CVE-2025-8995
Vulnerability Summary: CVE-2025-8995 Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue...
CVE Alert: CVE-2025-36088
Vulnerability Summary: CVE-2025-36088 IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 web GUI is vulnerable to cross-site scripting. This vulnerability allows...
CVE Alert: CVE-2025-52619
Vulnerability Summary: CVE-2025-52619 HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages...
CVE Alert: CVE-2025-52618
Vulnerability Summary: CVE-2025-52618 HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers...
CVE Alert: CVE-2025-8959
Vulnerability Summary: CVE-2025-8959 HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond...
CVE Alert: CVE-2025-52621
Vulnerability Summary: CVE-2025-52621 HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed...
CVE Alert: CVE-2025-52620
Vulnerability Summary: CVE-2025-52620 HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability. The image upload functionality...
The £9 Billion Question: To Microsoft Or Not To Microsoft?
Register debate series The UK government's five-year Strategic Partnership Agreement (SPA24) with Microsoft is set to see public sector bodies...
Desktop As A Service Now Often Cheaper To Run Than Laptops Even After Thinclient Costs
Analyst firm Gartner has declared hosted PCs are now often cheaper to operate than on-prem laptops, and two years away...
CVE Alert: CVE-2025-53330
Vulnerability Summary: CVE-2025-53330 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals allows Stored...
CVE Alert: CVE-2025-52771
Vulnerability Summary: CVE-2025-52771 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bcupham Video Expander allows Stored...
CVE Alert: CVE-2025-53341
Vulnerability Summary: CVE-2025-53341 Missing Authorization vulnerability in Themovation Stratus allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE Alert: CVE-2025-53343
Vulnerability Summary: CVE-2025-53343 Missing Authorization vulnerability in GoodLayers Modernize allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
