CVE-2025-46805 – Screen Privilege Escalation TOCTOU Vulnerability

May 26, 2025

CVE ID : CVE-2025-46805

Published : May 26, 2025, 2:15 p.m. | 2 hours, 42 minutes ago

Description : Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5196 – Wing FTP Server Lua Admin Console Privilege Escalation Vulnerability

Next Article CVE-2025-46804 – Screen Information Disclosure Vulnerability

Highlights

CVE-2025-5701 – HyperComments WordPress Privilege Escalation Vulnerability

June 5, 2025

CVE ID : CVE-2025-5701

Published : June 5, 2025, 12:15 p.m. | 2 hours, 14 minutes ago

Description : The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the hc_request_handler function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-46805 – Screen Privilege Escalation TOCTOU Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

This iconic Xbox RPG is just $25 in an anti-Prime Day deal — don’t miss out on a physical copy while they last

CVE-2025-42964 – SAP NetWeaver Enterprise Portal Remote Code Execution Vulnerability

CVE-2025-7620 – Digitware System Integration Corporation Cross-Browser Document Creation Remote Code Execution

GPT-5 is Coming: Revolutionizing Software Testing

CVE-2025-5701 – HyperComments WordPress Privilege Escalation Vulnerability

CVE-2025-47730 – TeleMessage API Authentication Token Disclosure

PHP Fatal Error Backtraces in PHP 8.5

Playbook: Transforming Your Cybersecurity Practice Into An MRR Machine

CVE-2025-46805 – Screen Privilege Escalation TOCTOU Vulnerability

Related Posts