CVE-2025-31324 - SAP NetWeaver Visual Composer Metadata Uploader Unauthenticated File Upload – Deep Dive and Exploit
Summary:
A new vulnerability, CVE-2025-31324, has been identified in SAP NetWeaver Visual Composer. This flaw allows anyone—without any login or authentication—to upload files,
CVE-2025-27820 - How a Tiny Bug in Apache HttpClient 5.4.x Broke Cookie Security and Hostname Checks
In early 2025, the Apache HttpClient team uncovered a subtle but critical bug in their popular HTTP communication library, culminating in the vulnerability tracked as
CVE-2024-41446 - Stored XSS Vulnerability in Alkacon OpenCMS v17. — How Attackers Can Steal Your Session
A critical security bug, CVE-2024-41446, has been discovered in Alkacon OpenCMS v17.—a popular open-source content management system. This vulnerability allows hackers to run any
CVE-2025-30706 - Remote Code Execution in Oracle MySQL Connector/J (9..-9.2.) — Deep Dive and Exploit Example
Published: June 2024
Affected Products: Oracle MySQL (Connector/J versions 9.. to 9.2.)
CVSS Base Score: 7.5 (High)
Vector: CVSS:3.1/AV:
CVE-2025-30698 - Oracle Java SE 2D Component Flaw Explained with Code Example and Exploit Details
*Last updated: June 2024*
Introduction
A new vulnerability tracked as CVE-2025-30698 was discovered in *Oracle Java SE*, *Oracle GraalVM for JDK*, and *Oracle GraalVM Enterprise
Episode
00:00:00
00:00:00