{"vulnerability": "CVE-2025-3067", "sightings": [{"uuid": "fd3066ba-f9de-41b4-9fec-237a9bd37042", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3067", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114269153588775954", "content": "", "creation_timestamp": "2025-04-02T15:48:31.702949Z"}, {"uuid": "33bbac76-f840-4277-ba11-f9c5c33dbc5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30676", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3llrelgyax32r", "content": "", "creation_timestamp": "2025-04-01T17:12:06.750985Z"}, {"uuid": "f547fc84-3118-4554-b988-6aaeb99f0fcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3067", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114269153588775954", "content": "", "creation_timestamp": "2025-04-02T15:48:31.706378Z"}, {"uuid": "f3b9ffc0-f7fb-45ac-b77a-af612fdbf812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30679", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-237/", "content": "", "creation_timestamp": "2025-04-09T03:00:00.000000Z"}, {"uuid": "bde06db2-1cee-4230-a3b0-5230e140ce57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30670", "type": "seen", "source": "https://bsky.app/profile/ripjyr.bsky.social/post/3lmcenvxscq22", "content": "", "creation_timestamp": "2025-04-08T11:28:44.400221Z"}, {"uuid": "4f042637-e846-4235-924e-3bee42821dc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30671", "type": "seen", "source": "https://bsky.app/profile/ripjyr.bsky.social/post/3lmcenvxscq22", "content": "", "creation_timestamp": "2025-04-08T11:28:44.477298Z"}, {"uuid": "d18b7fa3-d22d-4736-a51e-57b7240f4cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30672", "type": "seen", "source": "https://bsky.app/profile/ripjyr.bsky.social/post/3lmcenvxscq22", "content": "", "creation_timestamp": "2025-04-08T11:28:44.551954Z"}, {"uuid": "64ae76d8-e889-4a60-999c-a52e8fca60c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30678", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-236/", "content": "", "creation_timestamp": "2025-04-09T03:00:00.000000Z"}, {"uuid": "4b11c8d3-eada-4ae4-8f3b-0224b301b686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30670", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmjranocq22m", "content": "", "creation_timestamp": "2025-04-11T10:02:37.710719Z"}, {"uuid": "66bb3506-5e97-4575-b2a8-361c027c7bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3067", "type": "seen", "source": "https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review", "content": "", "creation_timestamp": "2025-04-08T16:14:25.000000Z"}, {"uuid": "f6d3d06b-d37e-4442-a48e-9de48b743e86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30671", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmjranocq22m", "content": "", "creation_timestamp": "2025-04-11T10:02:37.772945Z"}, {"uuid": "29c7e408-49df-44d8-8397-8980bbc8bf61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30672", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmjranocq22m", "content": "", "creation_timestamp": "2025-04-11T10:02:37.830404Z"}, {"uuid": "02ed784d-15ff-4c29-90ce-3d4247215b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30675", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrcfgo4zbn2s", "content": "", "creation_timestamp": "2025-06-11T02:48:33.439619Z"}, {"uuid": "69a8be5d-b283-4631-931c-0298949469b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30672", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9817", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30673\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238.\n\nIf an attacker can place a malicious file in current working directory, it may be\u00a0loaded instead of the intended file, potentially leading to arbitrary\u00a0code execution.\n\nSub::HandlesVia uses Mite to produce the affected code section due to\u00a0CVE-2025-30672\n\ud83d\udccf Published: 2025-04-01T02:02:25.594Z\n\ud83d\udccf Modified: 2025-04-01T02:11:14.285Z\n\ud83d\udd17 References:\n1. https://metacpan.org/dist/Sub-HandlesVia/changes#L12\n2. https://metacpan.org/release/TOBYINK/Sub-HandlesVia-0.050001/source/lib/Sub/HandlesVia/Mite.pm#L114\n3. https://blogs.perl.org/users/todd_rinaldo/2016/11/what-happened-to-dot-in-inc.html", "creation_timestamp": "2025-04-01T02:32:17.000000Z"}, {"uuid": "6ace2f5f-9c2a-4611-bb99-84bff0cd8fe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30672", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9818", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30672\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Mite for Perl before 0.013000 generates code with the current working directory ('.') added to the @INC path similar to CVE-2016-1238.\n\nIf an attacker can place a malicious file in current working directory, it may be \nloaded instead of the intended file, potentially leading to arbitrary \ncode execution.\n\nThis affects the Mite distribution itself, and other distributions that contain code generated by Mite.\n\ud83d\udccf Published: 2025-04-01T01:51:08.494Z\n\ud83d\udccf Modified: 2025-04-01T01:51:08.494Z\n\ud83d\udd17 References:\n1. https://metacpan.org/release/TOBYINK/Mite-0.013000/changes\n2. https://wiki.gentoo.org/wiki/Project:Perl/Dot-In-INC-Removal\n3. https://perldoc.perl.org/perlrun#PERL_USE_UNSAFE_INC\n4. https://blogs.perl.org/users/todd_rinaldo/2016/11/what-happened-to-dot-in-inc.html", "creation_timestamp": "2025-04-01T02:32:18.000000Z"}, {"uuid": "8ee3e242-3ca7-49c1-b75d-f0b3ece8d3b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30676", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9992", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30676\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.19.\n\nUsers are recommended to upgrade to version 18.12.19, which fixes the issue.\n\ud83d\udccf Published: 2025-04-01T14:43:49.721Z\n\ud83d\udccf Modified: 2025-04-01T19:19:46.284Z\n\ud83d\udd17 References:\n1. https://ofbiz.apache.org/download.html\n2. https://ofbiz.apache.org/security.html\n3. https://issues.apache.org/jira/browse/OFBIZ-13219\n4. https://lists.apache.org/thread/8d718qt8dqthnw1gmyxsq8glfdjklnjf", "creation_timestamp": "2025-04-01T19:32:31.000000Z"}, {"uuid": "3bf1b644-7f36-4468-a66f-6688a2e329de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30672", "type": "seen", "source": "https://t.me/cvedetector/21716", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30673 - Perl Sub::HandlesVia Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30673 \nPublished : April 1, 2025, 3:15 a.m. | 2\u00a0hours, 1\u00a0minute ago \nDescription : Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238.  \n  \nIf an attacker can place a malicious file in current working directory, it may be\u00a0loaded instead of the intended file, potentially leading to arbitrary\u00a0code execution.  \n  \nSub::HandlesVia uses Mite to produce the affected code section due to\u00a0CVE-2025-30672 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T07:46:13.000000Z"}, {"uuid": "2bdc35f8-5ff7-4105-875c-2c4363d47ec5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30672", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9816", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3051\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Linux::Statm::Tiny for Perl before 0.0701 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238.\n\nIf an attacker can place a malicious file in current working directory, it may be\u00a0loaded instead of the intended file, potentially leading to arbitrary\u00a0code execution.\n\nLinux::Statm::Tiny uses Mite to produce the affected code section due to\u00a0CVE-2025-30672\n\ud83d\udccf Published: 2025-04-01T02:20:40.971Z\n\ud83d\udccf Modified: 2025-04-01T02:20:40.971Z\n\ud83d\udd17 References:\n1. https://metacpan.org/release/RRWO/Linux-Statm-Tiny-0.0701/changes\n2. https://metacpan.org/release/RRWO/Linux-Statm-Tiny-0.0700/source/lib/Linux/Statm/Tiny/Mite.pm#L82\n3. https://blogs.perl.org/users/todd_rinaldo/2016/11/what-happened-to-dot-in-inc.html", "creation_timestamp": "2025-04-01T02:32:16.000000Z"}, {"uuid": "1c5b7a90-98e9-4c22-ace3-bd9d22de2519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30673", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9817", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30673\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238.\n\nIf an attacker can place a malicious file in current working directory, it may be\u00a0loaded instead of the intended file, potentially leading to arbitrary\u00a0code execution.\n\nSub::HandlesVia uses Mite to produce the affected code section due to\u00a0CVE-2025-30672\n\ud83d\udccf Published: 2025-04-01T02:02:25.594Z\n\ud83d\udccf Modified: 2025-04-01T02:11:14.285Z\n\ud83d\udd17 References:\n1. https://metacpan.org/dist/Sub-HandlesVia/changes#L12\n2. https://metacpan.org/release/TOBYINK/Sub-HandlesVia-0.050001/source/lib/Sub/HandlesVia/Mite.pm#L114\n3. https://blogs.perl.org/users/todd_rinaldo/2016/11/what-happened-to-dot-in-inc.html", "creation_timestamp": "2025-04-01T02:32:17.000000Z"}, {"uuid": "16155d14-9330-4afa-84a4-ee678f9c7e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30670", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10946", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30670\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.\n\ud83d\udccf Published: 2025-04-08T16:20:54.607Z\n\ud83d\udccf Modified: 2025-04-08T16:20:54.607Z\n\ud83d\udd17 References:\n1. https://www.zoom.com/en/trust/security-bulletin/zsb-25015", "creation_timestamp": "2025-04-08T16:46:38.000000Z"}, {"uuid": "dd7b7395-56d8-487d-94b4-20ef7a8d244d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30671", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10945", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30671\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.\n\ud83d\udccf Published: 2025-04-08T16:21:01.713Z\n\ud83d\udccf Modified: 2025-04-08T16:21:01.713Z\n\ud83d\udd17 References:\n1. https://www.zoom.com/en/trust/security-bulletin/zsb-25015", "creation_timestamp": "2025-04-08T16:46:33.000000Z"}, {"uuid": "216ec36f-e16e-4bf8-94f6-eff31533390f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30677", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11044", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30677\n\ud83d\udd25 CVSS Score: 6.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N)\n\ud83d\udd39 Description: Apache Pulsar contains multiple connectors for integrating with Apache Kafka. The Pulsar IO Apache Kafka Source Connector, Sink Connector, and Kafka Connect Adaptor Sink Connector log sensitive configuration properties in plain text in application logs.\n\n\nThis vulnerability can lead to unintended exposure of credentials in log files, potentially allowing attackers with access to these logs to obtain Apache Kafka credentials. The vulnerability's impact is limited by the fact that an attacker would need access to the application logs to exploit this issue.\n\nThis issue affects Apache Pulsar IO's Apache Kafka connectors in all versions before 3.0.11, 3.3.6, and 4.0.4.\n\n\n3.0.x version users should upgrade to at least 3.0.11.\n\n3.3.x version users should upgrade to at least 3.3.6.\n\n4.0.x version users should upgrade to at least 4.0.4.\n\n\nUsers operating versions prior to those listed above should upgrade to the aforementioned patched versions or newer versions.\n\ud83d\udccf Published: 2025-04-09T11:58:11.716Z\n\ud83d\udccf Modified: 2025-04-09T11:58:11.716Z\n\ud83d\udd17 References:\n1. https://pulsar.apache.org/security/\n2. https://lists.apache.org/thread/zv5fwwrh374r1p5cmksxcd40ssxxko3d", "creation_timestamp": "2025-04-09T12:47:58.000000Z"}, {"uuid": "5d4ee173-fe99-4db3-b5fd-99e1c979cb8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30671", "type": "seen", "source": "https://t.me/cvedetector/22477", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30671 - Zoom Workplace Apps for Windows Null Pointer Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-30671 \nPublished : April 8, 2025, 5:15 p.m. | 17\u00a0minutes ago \nDescription : Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T19:51:25.000000Z"}, {"uuid": "e2a2574e-f636-497f-866c-8396a480dfc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30670", "type": "seen", "source": "https://t.me/cvedetector/22476", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30670 - Zoom Workplace Apps for Windows Null Pointer Dereference Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-30670 \nPublished : April 8, 2025, 5:15 p.m. | 17\u00a0minutes ago \nDescription : Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T19:51:21.000000Z"}, {"uuid": "d8c351b3-4008-4a3f-b755-f383c0a2f924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30678", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18956", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30678\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.\n\ud83d\udccf Published: 2025-06-17T19:56:01.476Z\n\ud83d\udccf Modified: 2025-06-20T13:12:57.801Z\n\ud83d\udd17 References:\n1. https://success.trendmicro.com/en-US/solution/KA-0019355\n2. https://www.zerodayinitiative.com/advisories/ZDI-25-236/", "creation_timestamp": "2025-06-20T13:43:15.000000Z"}, {"uuid": "15071ca0-222b-490c-a965-8a638b3bc02d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30677", "type": "seen", "source": "https://t.me/cvedetector/22559", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30677 - Apache Pulsar Apache Kafka Log Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30677 \nPublished : April 9, 2025, 12:15 p.m. | 2\u00a0hours ago \nDescription : Apache Pulsar contains multiple connectors for integrating with Apache Kafka. The Pulsar IO Apache Kafka Source Connector, Sink Connector, and Kafka Connect Adaptor Sink Connector log sensitive configuration properties in plain text in application logs.  \n  \n  \nThis vulnerability can lead to unintended exposure of credentials in log files, potentially allowing attackers with access to these logs to obtain Apache Kafka credentials. The vulnerability's impact is limited by the fact that an attacker would need access to the application logs to exploit this issue.  \n  \nThis issue affects Apache Pulsar IO's Apache Kafka connectors in all versions before 3.0.11, 3.3.6, and 4.0.4.  \n  \n  \n3.0.x version users should upgrade to at least 3.0.11.  \n  \n3.3.x version users should upgrade to at least 3.3.6.  \n  \n4.0.x version users should upgrade to at least 4.0.4.  \n  \n  \nUsers operating versions prior to those listed above should upgrade to the aforementioned patched versions or newer versions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-09T16:46:25.000000Z"}, {"uuid": "1bbe7142-95f4-4144-80f6-13d8f0a7684f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3067", "type": "seen", "source": "https://t.me/cvedetector/21828", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3067 - Google Chrome Android Custom Tabs Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3067 \nPublished : April 2, 2025, 1:15 a.m. | 32\u00a0minutes ago \nDescription : Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T04:06:55.000000Z"}, {"uuid": "359eba15-d542-4403-81a1-7834ec2a006a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30673", "type": "seen", "source": "https://t.me/cvedetector/21716", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30673 - Perl Sub::HandlesVia Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30673 \nPublished : April 1, 2025, 3:15 a.m. | 2\u00a0hours, 1\u00a0minute ago \nDescription : Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238.  \n  \nIf an attacker can place a malicious file in current working directory, it may be\u00a0loaded instead of the intended file, potentially leading to arbitrary\u00a0code execution.  \n  \nSub::HandlesVia uses Mite to produce the affected code section due to\u00a0CVE-2025-30672 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T07:46:13.000000Z"}, {"uuid": "f174d363-36be-41c9-a31e-8bb01b1fedce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30672", "type": "seen", "source": "https://t.me/cvedetector/21713", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3051 - Linux::Statm::Tiny Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3051 \nPublished : April 1, 2025, 3:15 a.m. | 2\u00a0hours, 1\u00a0minute ago \nDescription : Linux::Statm::Tiny for Perl before 0.0701 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238.  \n  \nIf an attacker can place a malicious file in current working directory, it may be\u00a0loaded instead of the intended file, potentially leading to arbitrary\u00a0code execution.  \n  \nLinux::Statm::Tiny uses Mite to produce the affected code section due to\u00a0CVE-2025-30672 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T07:46:11.000000Z"}, {"uuid": "b5b3990a-5807-4e34-8d16-830ca40c99f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30672", "type": "seen", "source": "https://t.me/cvedetector/21697", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30672 - Mite for Perl Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30672 \nPublished : April 1, 2025, 2:15 a.m. | 55\u00a0minutes ago \nDescription : Mite for Perl before 0.013000 generates code with the current working directory ('.') added to the @INC path similar to CVE-2016-1238.  \n  \nIf an attacker can place a malicious file in current working directory, it may be   \nloaded instead of the intended file, potentially leading to arbitrary   \ncode execution.  \n  \nThis affects the Mite distribution itself, and other distributions that contain code generated by Mite. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T05:15:40.000000Z"}]}