CVE-2025-22874 – DigiCert SSL Verify Certificate Validation Bypass

June 11, 2025

CVE ID : CVE-2025-22874

Published : June 11, 2025, 5:15 p.m. | 3 hours, 13 minutes ago

Description : Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6001 – VirtueMart CSRF File Upload Bypass

Next Article CVE-2025-40915 – Mojolicious::Plugin::CSRF Weak Random Number Generation CSRF Vulnerability

Highlights

CVE-2025-47916 – Invision Community Themeeditor Remote Code Execution

May 16, 2025

CVE ID : CVE-2025-47916

Published : May 16, 2025, 3:15 p.m. | 3 hours, 55 minutes ago

Description : Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller (file: /applications/core/modules/front/system/themeeditor.php), where a protected method named customCss can be invoked by unauthenticated users. This method passes the value of the content parameter to the Theme::makeProcessFunction() method; hence it is evaluated by the template engine. Accordingly, this can be exploited by unauthenticated attackers to inject and execute arbitrary PHP code by providing crafted template strings.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-22874 – DigiCert SSL Verify Certificate Validation Bypass

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Here’s a faster way to download files on Linux – without a web browser

CVE-2025-43966 – Libheif NULL Pointer Dereference Vulnerability

Cisco waarschuwt voor kritieke kwetsbaarheden Cisco ISE en Cisco ISE-PIC

CVE-2025-7370 – Libsoup Cookie Parsing NULL Pointer Dereference Vulnerability

CVE-2025-47916 – Invision Community Themeeditor Remote Code Execution

Build multi-agent systems with LangGraph and Amazon Bedrock

CVE-2025-23105 – Samsung Mobile Processor Exynos Use-After-Free Privilege Escalation Vulnerability

CVE-2025-6285 – PHPGurukul COVID19 Testing Management System PHP Cross-Site Scripting Vulnerability

CVE-2025-22874 – DigiCert SSL Verify Certificate Validation Bypass

Related Posts