• Cybersecurity Vulnerabilities

    Houzez WordPress Theme Hit by PHP Object Injection Vulnerability: CVE-2025-9191

    Overview: A security vulnerability, identified as CVE-2025-9191, has been discovered in the Houzez theme for WordPress. This vulnerability affects all versions up to and including 4.1.6. It stems from a PHP Object Injection flaw within the saved-search-item.php file, caused by the deserialization of untrusted input. While the Houzez theme itself doesn’t contain a readily exploitable POP chain, the presence of one in another plugin or theme could significantly amplify the risk. Technical Details: The vulnerability resides in the way the Houzez theme handles user-provided data during the processing of saved searches. Specifically, the saved-search-item.php file deserializes potentially malicious data without…

  • Cybersecurity Vulnerabilities

    Houzez Theme Under Attack: Stored XSS Vulnerability via SVG Uploads (CVE-2025-9163)

    A security flaw has been discovered in the popular Houzez WordPress theme, potentially exposing websites using the theme to Stored Cross-Site Scripting (XSS) attacks. This vulnerability, identified as CVE-2025-9163, allows unauthenticated attackers to inject malicious scripts that execute when a user accesses a crafted SVG file. Overview: CVE-2025-9163 affects versions of the Houzez theme up to and including 4.1.6. The vulnerability stems from inadequate input sanitization and output escaping during SVG file uploads via the houzez_property_img_upload() and houzez_property_attachment_upload() functions. This allows attackers to embed malicious JavaScript code within SVG files, which can then be executed in a victim’s browser, potentially…

  • Cybersecurity Vulnerabilities

    CVE-2025-13674: Wireshark BPv7 Dissector Crash – Denial of Service Alert!

    Overview: CVE-2025-13674 is a medium severity vulnerability affecting Wireshark version 4.6.0. This vulnerability resides in the BPv7 (Bundle Protocol version 7) dissector, and a specially crafted packet can cause Wireshark to crash, leading to a denial-of-service (DoS) condition. This means an attacker could potentially disrupt network analysis by repeatedly sending malicious packets to a Wireshark instance, effectively preventing it from functioning correctly. Technical Details: The vulnerability exists within the BPv7 dissector’s parsing logic. An improperly formatted or malicious BPv7 packet can trigger an unhandled exception or memory access violation within the dissector, causing Wireshark to terminate unexpectedly. The specific details…

  • Cybersecurity Vulnerabilities

    CVE-2025-62728: Highlighting a SQL Injection Risk in Apache Hive Metastore

    Published: 2025-11-26T09:15:46.293. Overview: This article details CVE-2025-62728, a SQL injection vulnerability discovered in Apache Hive Metastore Server (HMS). This vulnerability can be exploited by authorized users who have access to the HMS Thrift APIs. While its exploitability in typical deployments is limited, understanding the vulnerability and applying the recommended mitigations is crucial for maintaining a secure Hive environment. Technical Details: CVE-2025-62728 stems from insufficient input sanitization when processing delete column statistics requests via the Thrift APIs in Hive Metastore Server. Specifically, an attacker with access to the Thrift APIs could potentially inject malicious SQL code into the delete column statistics…

  • Cybersecurity Vulnerabilities

    CVE-2025-59390: Critical Authentication Bypass in Apache Druid Kerberos Implementation

    Overview: This article discusses CVE-2025-59390, a security vulnerability affecting Apache Druid versions up to 34.0.0. This vulnerability exposes Druid clusters utilizing Kerberos authentication to a potential authentication bypass. The issue stems from the use of a weak, predictable fallback secret used to sign authentication cookies when the `druid.auth.authenticator.kerberos.cookieSignatureSecret` configuration is not explicitly set. Technical Details: The core of the vulnerability lies within Druid’s Kerberos authenticator. When the `druid.auth.authenticator.kerberos.cookieSignatureSecret` configuration parameter isn’t explicitly defined, Druid resorts to a fallback secret. This fallback secret is generated using `ThreadLocalRandom`, a pseudo-random number generator that is not cryptographically secure. The predictable nature of `ThreadLocalRandom`…

  • Cybersecurity Vulnerabilities

    CVE-2025-13735: Critical Out-of-Bounds Read Vulnerability in ASR Lapwing_Linux

    Overview: CVE-2025-13735 describes a high-severity out-of-bounds read vulnerability discovered in ASR Lapwing_Linux, specifically affecting ASR1903 and ASR3901 devices. This vulnerability resides within the nr_fw modules on Linux and stems from an issue in the Code/nr_fw/DLP/src/NrCgi.C program file. This flaw could potentially allow an attacker to read sensitive information from system memory, leading to further exploitation. The vulnerability affects Lapwing_Linux versions prior to the patch released on 2025/11/26. Technical Details: The root cause of CVE-2025-13735 lies in how the NrCgi.C file handles certain input parameters within the DLP (Data Loss Prevention) component of the nr_fw modules. Specifically, the code lacks proper…

  • Cybersecurity Vulnerabilities

    CVE-2025-9558: Critical Out-of-Bounds Write Threatens Zephyr RTOS Devices

    Overview: CVE-2025-9558 is a high-severity out-of-bounds (OOB) write vulnerability found in the gen_prov_start function within the pb_adv.c file of the Zephyr Real-Time Operating System (RTOS). This flaw can allow an attacker to potentially overwrite arbitrary memory locations, leading to system crashes, denial of service, or potentially even arbitrary code execution on affected devices. Technical Details: The vulnerability stems from a lack of input validation within the gen_prov_start function. Specifically, the function copies the full length of received data into the link.rx.buf receiver buffer without checking if the data size exceeds the buffer’s allocated capacity. This unchecked copy operation creates an…

  • Cybersecurity Vulnerabilities

    CVE-2025-9557: Critical Out-of-Bounds Write Threatens Code Execution and DoS

    Overview: CVE-2025-9557 is a high-severity vulnerability involving an out-of-bounds write. This flaw could potentially allow an attacker to execute arbitrary code or cause a denial-of-service (DoS) condition. This vulnerability highlights the risks associated with improper memory handling in software and the importance of robust security measures. Technical Details: The vulnerability stems from an out-of-bounds write condition. This occurs when a program attempts to write data beyond the allocated memory buffer. This can overwrite adjacent memory locations, potentially corrupting data, hijacking program control flow, or leading to a crash. While memory protection mechanisms exist, exploitation remains possible, potentially resulting in code…

  • Cybersecurity Vulnerabilities

    CVE-2025-59820: Critical Heap Overflow Found in Krita’s TGA Image Parser!

    Overview: CVE-2025-59820 is a medium-severity security vulnerability affecting KDE Krita versions prior to 5.2.13. This vulnerability resides in the TGA image import functionality and can be exploited by loading a specially crafted TGA file, leading to a heap-based buffer overflow. Successful exploitation could result in application crash, arbitrary code execution, or information disclosure. Users of Krita are strongly advised to upgrade to version 5.2.13 or later to mitigate this risk. Technical Details: The vulnerability is located in the plugins/impex/tga/kis_tga_import.cpp file, specifically within the KisTgaImport component responsible for parsing and processing TGA image files. The core issue is that the code…

  • Cybersecurity Vulnerabilities

    CVE-2025-55174: Skanpage File Overwrite Vulnerability – A Deep Dive

    Overview: CVE-2025-55174 is a low-severity vulnerability affecting KDE Skanpage versions prior to 25.08.0. This vulnerability relates to a potential file overwrite issue where an attempted overwrite can result in a corrupted file. Instead of completely replacing the old file with the new content, the resulting file may contain the new content at the beginning followed by fragments of the original file appended to the end. This occurs because Skanpage incorrectly uses `QIODevice::ReadWrite` instead of the intended `QIODevice::WriteOnly` when writing the new file. The vulnerability was published on 2025-11-26. Technical Details: The core of the problem lies in the improper usage…