CVE-2025-10158 - Exploiting Out-of-Bounds Read in rsync with Malicious Client and Negative Array Index
Summary:
In early 2024, security researchers uncovered a bug in the popular file transfer tool, rsync, that can lead to sensitive information disclosure if exploited
CVE-2025-48593 - Remote Code Execution in bta_hf_client_cb_init – Use-After-Free in Android Bluetooth
On June 21, 2025, Google disclosed a critical vulnerability, CVE-2025-48593, in the Bluetooth Hands-Free Profile Client implementation—specifically in the bta_hf_client_cb_init
CVE-2025-64756 - Command Injection in Glob CLI via `-c/--cmd` Option
*Published: 2024-06-17 | Exploitation Level: Easy | Affected Versions: glob 10.2. up to (not including) 10.5. and 11.1.*
Introduction
The glob package is one
CVE-2025-13193 - Information Disclosure in libvirt Due to World-Readable Inactive Snapshots
In early 2025, security researchers uncovered a serious vulnerability—CVE-2025-13193—affecting libvirt, a popular virtualization management toolkit. This flaw, tied directly to how libvirt handles
CVE-2025-64446 - Relative Path Traversal in Fortinet FortiWeb – How Attackers Can Run Admin Commands
In the world of cybersecurity, path traversal vulnerabilities allow attackers to reach files and commands outside their intended limits. In 2025, researchers discovered such a
Episode
00:00:00
00:00:00