CVE ID :CVE-2018-25379 Published : May 25, 2026, 2:15 p.m. | 5 hours, 18 minutes ago Description :Collectric CMU 1.0 contains a boolean-based blind SQL injection vulnerability in the lang parameter that allows unauthenticated attackers to manipulate database queries during authentication. Attackers…
CVE ID :CVE-2018-25377 Published : May 25, 2026, 2:15 p.m. | 5 hours, 18 minutes ago Description :Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured…
CVE ID :CVE-2018-25376 Published : May 25, 2026, 2:15 p.m. | 5 hours, 18 minutes ago Description :Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured…
CVE ID :CVE-2018-25375 Published : May 25, 2026, 2:15 p.m. | 5 hours, 18 minutes ago Description :SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the…
CVE ID :CVE-2018-25374 Published : May 25, 2026, 2:15 p.m. | 5 hours, 18 minutes ago Description :Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers…
ThreatNote Briefing | Week of May 18–24, 2026
Weekly intelligence for Indian cybersecurity practitioners.
Strong cybersecurity maturity does not automatically translate into strong privacy maturity.
A mature SOC, advanced detection engineering, and DLP controls still cannot answer the question privacy requires: should this data exist here at all?
DPDPA is not a tooling problem. It is a lawful processing problem. And the two are not the same conversation.
CVE ID :CVE-2018-25357 Published : May 23, 2026, 6:32 p.m. | 53 minutes ago Description :Dolibarr ERP CRM 7.0.3 contains a remote code evaluation vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the db_name parameter.…
CVE ID :CVE-2018-25358 Published : May 23, 2026, 6:30 p.m. | 54 minutes ago Description :D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requests. Attackers…
CVE ID :CVE-2018-25356 Published : May 23, 2026, 6:30 p.m. | 54 minutes ago Description :SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code.…