High Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source Info |
|---|---|---|---|---|
| Acer–ControlCenter | Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing remote users with low privileges to interact with it and access its features. One such feature enables the execution of arbitrary programs as NT AUTHORITY/SYSTEM. By leveraging this, remote attackers can execute arbitrary code on the target system with elevated privileges. | 2025-06-13 | 8.8 | CVE-2025-5491 |
| Adobe–Acrobat Reader | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43550 |
| Adobe–Acrobat Reader | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43573 |
| Adobe–Acrobat Reader | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43574 |
| Adobe–Acrobat Reader | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43575 |
| Adobe–Acrobat Reader | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43576 |
| Adobe–Acrobat Reader | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43577 |
| Adobe–Adobe Commerce | Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 9.1 | CVE-2025-47110 |
| Adobe–Adobe Commerce | Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access leading to a limited impact to confidentiality and a high impact to integrity. Exploitation of this issue does not require user interaction. | 2025-06-10 | 8.2 | CVE-2025-43585 |
| Adobe–Adobe Commerce | Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized elevated access. Exploitation of this issue does not require user interaction. | 2025-06-10 | 8.1 | CVE-2025-43586 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. | 2025-06-10 | 8.7 | CVE-2025-46837 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. | 2025-06-10 | 8.7 | CVE-2025-46840 |
| Adobe–InCopy | InCopy versions 20.2, 19.5.3 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-30327 |
| Adobe–InCopy | InCopy versions 20.2, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-47107 |
| Adobe–InDesign Desktop | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-30317 |
| Adobe–InDesign Desktop | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43558 |
| Adobe–InDesign Desktop | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43589 |
| Adobe–InDesign Desktop | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43590 |
| Adobe–InDesign Desktop | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43593 |
| Adobe–Substance3D – Painter | Substance3D – Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-47108 |
| Adobe–Substance3D – Sampler | Substance3D – Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43581 |
| Adobe–Substance3D – Sampler | Substance3D – Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 7.8 | CVE-2025-43588 |
| Alex Zaytseff–Multi CryptoCurrency Payments | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Alex Zaytseff Multi CryptoCurrency Payments allows SQL Injection. This issue affects Multi CryptoCurrency Payments: from n/a through 2.0.3. | 2025-06-09 | 9.3 | CVE-2025-48141 |
| Amazon–Cloud Cam | Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status. The device defaults to a pairing status in which an arbitrary user can bypass SSL pinning to associate the device to an arbitrary network, allowing for network traffic interception and modification. We recommend customers discontinue usage of any remaining Amazon Cloud Cams. | 2025-06-12 | 7.5 | CVE-2025-6031 |
| AMD–AMD EPYC 7002 Series Processors | Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86, resulting in potential loss of control of cryptographic key pointer/index, leading to loss of integrity or confidentiality. | 2025-06-10 | 7.9 | CVE-2023-20599 |
| AmentoTech–Workreap | The Workreap plugin for WordPress, used by the Workreap – Freelance Marketplace WordPress Theme, is vulnerable to authentication bypass in all versions up to, and including, 3.3.1. This is due to the plugin not properly verifying a user’s identity prior to logging them in when verifying an account with an email address. This makes it possible for unauthenticated attackers to log in as registered users, including administrators, if they know user’s email address. This is only exploitable fi the user’s confirmation_key has not already been set by the plugin. | 2025-06-12 | 9.8 | CVE-2025-4973 |
| AmentoTech–Workreap | The Workreap plugin for WordPress, used by the Workreap – Freelance Marketplace WordPress Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the ‘workreap_temp_upload_to_media’ function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible. | 2025-06-12 | 8.8 | CVE-2025-5012 |
| AmentoTech–WP Guppy | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in AmentoTech WP Guppy allows SQL Injection. This issue affects WP Guppy: from n/a through 4.3.3. | 2025-06-09 | 8.5 | CVE-2025-31920 |
| AncoraThemes–Inset | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in AncoraThemes Inset allows PHP Local File Inclusion. This issue affects Inset: from n/a through 1.18.0. | 2025-06-09 | 8.1 | CVE-2025-26592 |
| appthaplugins–Apptha Slider Gallery | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in appthaplugins Apptha Slider Gallery allows Path Traversal. This issue affects Apptha Slider Gallery: from n/a through 2.5. | 2025-06-09 | 7.5 | CVE-2025-31050 |
| Arcadia Technology, LLC–Crafty Controller | An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input. | 2025-06-15 | 7.6 | CVE-2025-5990 |
| Archify–Archify | The Archify application contains a local privilege escalation vulnerability due to insufficient client validation in its privileged helper tool, com.oct4pie.archifyhelper, which is exposed via XPC. Archify follows the “factored applications” model, delegating privileged operations-such as arbitrary file deletion and file permission changes-to this helper running as root. However, the helper does not verify the code signature, entitlements, or signing flags of the connecting client. Although macOS provides secure validation mechanisms like auditToken, these are not implemented. As a result, any local process can establish a connection to the helper and invoke privileged functionality, leading to unauthorized execution of actions with root-level privileges. | 2025-06-10 | 7.8 | CVE-2024-9062 |
| Autodesk–Installer | A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the Autodesk Installer application. Exploitation of this vulnerability may lead to code execution. | 2025-06-10 | 7.8 | CVE-2025-5335 |
| Avaya–Avaya Call Management System | An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0. | 2025-06-10 | 9.9 | CVE-2025-1041 |
| AVEVA–PI Data Archive | AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service. Depending on the timing of the crash, data present in snapshots/write cache may be lost. | 2025-06-12 | 7.1 | CVE-2025-44019 |
| BlackBerry–QNX Software Development Platform (SDP) | Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec. | 2025-06-10 | 9.8 | CVE-2025-2474 |
| Broadcom–BCM5820X | An out-of-bounds read vulnerability exists in the cv_send_blockdata functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an information leak. An attacker can issue an API call to trigger this vulnerability. | 2025-06-13 | 8.4 | CVE-2025-24311 |
| Broadcom–BCM5820X | A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to 5.15.10.14 and ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault response to a command can lead to arbitrary code execution. An attacker can compromise a ControlVault firmware and have it craft a malicious response to trigger this vulnerability. | 2025-06-13 | 8.1 | CVE-2025-24919 |
| Broadcom–BCM5820X | A stack-based buffer overflow vulnerability exists in the securebio_identify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted malicious cv_object can lead to a arbitrary code execution. An attacker can issue an API call to trigger this vulnerability. | 2025-06-13 | 8.8 | CVE-2025-24922 |
| Broadcom–BCM5820X | An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an out-of-bounds write. An attacker can issue an API call to trigger this vulnerability. | 2025-06-13 | 8.8 | CVE-2025-25050 |
| Broadcom–BCM5820X | An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to trigger this vulnerability. | 2025-06-13 | 8.8 | CVE-2025-25215 |
| BZOTheme–CraftXtore | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in BZOTheme CraftXtore allows PHP Local File Inclusion. This issue affects CraftXtore: from n/a through 1.7. | 2025-06-09 | 8.1 | CVE-2025-24770 |
| BZOTheme–Fitrush | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in BZOTheme Fitrush allows PHP Local File Inclusion. This issue affects Fitrush: from n/a through 1.3.4. | 2025-06-09 | 8.1 | CVE-2023-26005 |
| BZOTheme–GiftXtore | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in BZOTheme GiftXtore allows PHP Local File Inclusion. This issue affects GiftXtore: from n/a through 1.7.4. | 2025-06-09 | 8.1 | CVE-2025-28888 |
| BZOTheme–Petito | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in BZOTheme Petito allows PHP Local File Inclusion. This issue affects Petito: from n/a through 1.6.2. | 2025-06-09 | 8.1 | CVE-2025-27362 |
| BZOTheme–Zagg – Electronics & Accessories WooCommerce WordPress Theme | The Zagg – Electronics & Accessories WooCommerce WordPress Theme theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.1 via the load_view() function that is called via at least three AJAX actions: ‘load_more_post’, ‘load_shop’, and ‘load_more_product. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. | 2025-06-14 | 8.1 | CVE-2025-4200 |
| caido–caido | Caido is a web security auditing toolkit. Prior to version 0.48.0, due to the lack of protection for DNS rebinding, Caido can be loaded on an attacker-controlled domain. This allows a malicious website to hijack the authentication flow of Caido and achieve code execution. A malicious website loaded in the browser can hijack the locally running Caido instance and achieve remote command execution during the initial setup. Even if the Caido instance is already configured, an attacker can initiate the authentication flow by performing DNS rebinding. In this case, the victim needs to authorize the request on dashboard.caido.io. Users should upgrade to version 0.48.0 to receive a patch. | 2025-06-09 | 7.5 | CVE-2025-49004 |
| code-projects–Laundry System | A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the file /data/. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 7.3 | CVE-2025-5906 |
| code-projects–Restaurant Order System | A vulnerability classified as critical was found in code-projects Restaurant Order System 1.0. This vulnerability affects unknown code of the file /order.php. The manipulation of the argument tabidNoti leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 7.3 | CVE-2025-5980 |
| code-projects–School Fees Payment System | A vulnerability was found in code-projects School Fees Payment System 1.0 and classified as critical. This issue affects some unknown processing of the file /datatable.php. The manipulation of the argument sSortDir_0 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 7.3 | CVE-2025-5977 |
| code-projects–School Fees Payment System | A vulnerability classified as critical has been found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /branch.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 7.3 | CVE-2025-5979 |
| code-projects–School Fees Payment System | A vulnerability was found in code-projects School Fees Payment System 1.0 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 7.3 | CVE-2025-5985 |
| codesiddhant–Jasmin Ransomware | A vulnerability, which was classified as critical, was found in codesiddhant Jasmin Ransomware 1.0.1. Affected is an unknown function of the file /checklogin.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-15 | 7.3 | CVE-2025-6095 |
| cubewp1211–CubeWP All-in-One Dynamic Content Framework | The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.23. This is due to the plugin allowing a user to update arbitrary user meta through the update_user_meta() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator. | 2025-06-11 | 8.8 | CVE-2025-4315 |
| CyberData–011209 SIP Emergency Intercom | CyberData 011209 Intercom could allow an unauthenticated user access to the Web Interface through an alternate path. | 2025-06-09 | 9.8 | CVE-2025-30184 |
| CyberData–011209 SIP Emergency Intercom | CyberData 011209 Intercom could allow an authenticated attacker to upload arbitrary files to multiple locations within the system. | 2025-06-09 | 9.8 | CVE-2025-30515 |
| CyberData–011209 SIP Emergency Intercom | CyberData 011209 Intercom exposes features that could allow an unauthenticated to gain access and cause a denial-of-service condition or system disruption. | 2025-06-09 | 7.5 | CVE-2025-26468 |
| CyberData–011209 SIP Emergency Intercom | CyberData 011209 Intercom does not properly store or protect web server admin credentials. | 2025-06-09 | 7.5 | CVE-2025-30183 |
| D-Link–DIR-632 | A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | 2025-06-10 | 8.8 | CVE-2025-5912 |
| D-Link–DIR-632 | A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN_00425fd8 of the file /biurl_grou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | 2025-06-10 | 8.8 | CVE-2025-5969 |
| Dell–iDRAC Tools | Dell iDRAC Tools, version(s) prior to 11.3.0.0, contain(s) an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | 2025-06-12 | 7.8 | CVE-2025-27689 |
| Dell–Smart Dock | Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure. | 2025-06-12 | 7.1 | CVE-2025-36573 |
| Dell–Wyse Management Suite | Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Unauthorized access. | 2025-06-10 | 8.2 | CVE-2025-36574 |
| Dell–Wyse Management Suite | Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | 2025-06-10 | 7.5 | CVE-2025-36575 |
| discourse–discourse | Discourse is an open-source discussion platform. Prior to version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch, certain invites via email may result in HTML injection in the email body if the topic title includes HTML. This includes inviting someone (without an account) to a PM and inviting someone (without an account) to a topic with a custom message. This issue is patched in version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch. This can be worked around if the relevant templates are overridden without `{topic_title}`. | 2025-06-09 | 7.1 | CVE-2025-48062 |
| Elastic–Kibana | Improper authorization in Kibana can lead to privilege abuse via a direct HTTP request to a Synthetic monitor endpoint. | 2025-06-10 | 7.6 | CVE-2024-43706 |
| elfsight–elfsight Contact Form widget | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in elfsight elfsight Contact Form widget allows Retrieve Embedded Sensitive Data. This issue affects elfsight Contact Form widget: from n/a through 2.3.1. | 2025-06-09 | 7.5 | CVE-2025-31045 |
| facturaone–TicketBAI Facturas para WooCommerce | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in facturaone TicketBAI Facturas para WooCommerce allows Blind SQL Injection. This issue affects TicketBAI Facturas para WooCommerce: from n/a through 3.19. | 2025-06-09 | 9.3 | CVE-2025-24767 |
| Fahad Mahmood–Stock Locations for WooCommerce | Missing Authorization vulnerability in Fahad Mahmood Stock Locations for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Stock Locations for WooCommerce: from n/a through 2.8.6. | 2025-06-09 | 7.1 | CVE-2025-47463 |
| FantasticPlugins–SUMO Affiliates Pro | Unrestricted Upload of File with Dangerous Type vulnerability in FantasticPlugins SUMO Affiliates Pro allows Using Malicious Files. This issue affects SUMO Affiliates Pro: from n/a through 10.7.0. | 2025-06-09 | 10 | CVE-2025-32291 |
| Fortinet–FortiADC | An Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability [CWE-78] in FortiADC 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.7, 7.1.0 through 7.1.4, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated attacker to execute unauthorized code via crafted HTTP requests. | 2025-06-10 | 7 | CVE-2025-31104 |
| Frenify–Arlo | Path Traversal vulnerability in Frenify Arlo allows PHP Local File Inclusion. This issue affects Arlo: from n/a through 6.0.3. | 2025-06-09 | 8.1 | CVE-2025-39475 |
| g5theme–Essential Real Estate | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in g5theme Essential Real Estate allows PHP Local File Inclusion. This issue affects Essential Real Estate: from n/a through 5.2.1. | 2025-06-09 | 8.1 | CVE-2025-48126 |
| gamerz–WP-DownloadManager | The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file within the WordPress root directory. | 2025-06-11 | 7.2 | CVE-2025-4799 |
| gavias–Krowd | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in gavias Krowd allows PHP Local File Inclusion. This issue affects Krowd: from n/a through 1.4.1. | 2025-06-09 | 8.1 | CVE-2025-32595 |
| geoserver–geoserver | GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities (XEE) attack, then send GET request to any HTTP server. By default, GeoServer use PreventLocalEntityResolver class from GeoTools to filter out malicious URIs in XML entities before resolving them. The URI must match the regex (?i)(jar:file|http|vfs)[^?#;]*\.xsd. But the regex leaves a chance for attackers to request to any HTTP server or limited file. Attacker can abuse this to scan internal networks and gain information about them then exploit further. GeoServer 2.25.0 and greater default to the use of ENTITY_RESOLUTION_ALLOWLIST and does not require you to provide a system property. | 2025-06-10 | 9.3 | CVE-2024-34711 |
| geoserver–geoserver | GeoServer is an open source server that allows users to share and edit geospatial data. GeoTools Schema class use of Eclipse XSD library to represent schema data structure is vulnerable to XML External Entity (XXE) exploit. This impacts whoever exposes XML processing with gt-xsd-core involved in parsing, when the documents carry a reference to an external XML schema. The gt-xsd-core Schemas class is not using the EntityResolver provided by the ParserHandler (if any was configured). This also impacts users of gt-wfs-ng DataStore where the ENTITY_RESOLVER connection parameter was not being used as intended. This vulnerability is fixed in GeoTools 33.1, 32.3, 31.7, and 28.6.1, GeoServer 2.27.1, 2.26.3, and 2.25.7, and GeoNetwork 4.4.8 and 4.2.13. | 2025-06-10 | 9.9 | CVE-2025-30220 |
| geoserver–geoserver | GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. It possible to achieve Service Side Request Forgery (SSRF) via the Demo request endpoint if Proxy Base URL has not been set. Upgrading to GeoServer 2.24.4, or 2.25.2, removes the TestWfsPost servlet resolving this issue. | 2025-06-10 | 7.5 | CVE-2024-29198 |
| geoserver–geoserver | GeoServer is an open source server that allows users to share and edit geospatial data. Malicious Jiffle scripts can be executed by GeoServer, either as a rendering transformation in WMS dynamic styles or as a WPS process, that can enter an infinite loop to trigger denial of service. This vulnerability is fixed in 2.27.0, 2.26.3, and 2.25.7. This vulnerability can be mitigated by disabling WMS dynamic styling and the Jiffle process. | 2025-06-10 | 7.5 | CVE-2025-30145 |
| GFI–Archiver | The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated remote attacker can generate and use a verifiable JWT token to access protected ArchiverSpaApi URL endpoints. | 2025-06-10 | 8.1 | CVE-2025-35940 |
| GitLab–GitLab | An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper output encoding in the snipper viewer functionality lead to Cross-Site scripting attacks. | 2025-06-12 | 8.7 | CVE-2025-2254 |
| GitLab–GitLab | An issue has been discovered in GitLab CE/EE affecting all versions starting with 18.0 before 18.0.2. Under certain conditions html injection in new search page could lead to account takeover. | 2025-06-12 | 8.7 | CVE-2025-4278 |
| GitLab–GitLab | An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2, allow an attacker to trigger an infinite redirect loop, potentially leading to a denial of service condition. | 2025-06-12 | 7.5 | CVE-2025-0673 |
| H3C–GR-3000AX | A vulnerability was found in H3C GR-3000AX V100R007L50. It has been classified as critical. Affected is the function UpdateWanParamsMulti/UpdateIpv6Params of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this issue. Because they assess the risk as low, they do not have immediate plans for remediation. | 2025-06-15 | 8.8 | CVE-2025-6091 |
| H3C–GR-5400AX | A vulnerability was found in H3C GR-5400AX V100R009L50 and classified as critical. This issue affects the function UpdateWanparamsMulti/UpdateIpv6params of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this issue. Because they assess the risk as low, they do not have immediate plans for remediation. | 2025-06-15 | 8.8 | CVE-2025-6090 |
| HashiCorp–Nomad | Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14. | 2025-06-11 | 8.1 | CVE-2025-4922 |
| haxtheweb–issues | HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, the application does not sufficiently sanitize user input, allowing for the execution of arbitrary JavaScript code. The ‘saveNode’ and ‘saveManifest’ endpoints take user input and store it in the JSON schema for the site. This content is then rendered in the generated HAX site. Although the application does not allow users to supply a `script` tag, it does allow the use of other HTML tags to run JavaScript. Version 11.0.0 fixes the issue. | 2025-06-09 | 8.5 | CVE-2025-49137 |
| haxtheweb–issues | HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.3, the `gitImportSite` functionality obtains a URL string from a POST request and insufficiently validates user input. The `set_remote` function later passes this input into `proc_open`, yielding OS command injection. An authenticated attacker can craft a URL string that bypasses the validation checks employed by the `filter_var` and `strpos` functions in order to execute arbitrary OS commands on the backend server. The attacker can exfiltrate command output via an HTTP request. Version 11.0.3 contains a patch for the issue. | 2025-06-09 | 8.6 | CVE-2025-49141 |
| Hewlett Packard Enterprise (HPE)–HPE Aruba Networking Private 5G Core | A vulnerability in the APIs of HPE Aruba Networking Private 5G Core could potentially expose sensitive information to unauthorized users. A successful exploitation could allow an attacker to iteratively navigate through the filesystem and ultimately download protected system files containing sensitive information. | 2025-06-10 | 7.7 | CVE-2025-37100 |
| Hikvision–DS-3WAP622G-SI | Some Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution. | 2025-06-13 | 7.2 | CVE-2025-39240 |
| Holest Engineering–Spreadsheet Price Changer for WooCommerce and WP E-commerce Light | Improper Control of Generation of Code (‘Code Injection’) vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows Code Injection. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37. | 2025-06-09 | 10 | CVE-2025-48123 |
| Holest Engineering–Spreadsheet Price Changer for WooCommerce and WP E-commerce Light | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows SQL Injection. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37. | 2025-06-09 | 9.3 | CVE-2025-48122 |
| Holest Engineering–Spreadsheet Price Changer for WooCommerce and WP E-commerce Light | Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows Privilege Escalation. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37. | 2025-06-09 | 9.8 | CVE-2025-48129 |
| Holest Engineering–Spreadsheet Price Changer for WooCommerce and WP E-commerce Light | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows Path Traversal. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37. | 2025-06-09 | 7.5 | CVE-2025-48124 |
| Honding Technology–Smart Parking Management System | Smart Parking Management System from Honding Technology has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to access a specific page and obtain plaintext administrator credentials. | 2025-06-09 | 9.8 | CVE-2025-5893 |
| Honding Technology–Smart Parking Management System | Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability, allowing remote attackers with regular privileges to access a specific functionality to create administrator accounts, and subsequently log into the system using those accounts. | 2025-06-09 | 8.8 | CVE-2025-5894 |
| IBM–AIX | IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input. | 2025-06-10 | 8.4 | CVE-2025-33112 |
| IBM–Backup Recovery and Media Services for i | IBM Backup, Recovery and Media Services for i 7.4 and 7.5 could allow a user with the capability to compile or restore a program to gain elevated privileges due to a library unqualified call made by a BRMS program. A malicious actor could cause user-controlled code to run with component access to the host operating system. | 2025-06-14 | 8.5 | CVE-2025-33108 |
| IBM–Cognos Analytics | IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 could allow an authenticated user to cause a denial of service by sending a specially crafted request that would exhaust memory resources. | 2025-06-11 | 7.5 | CVE-2025-25032 |
| IBM–Security Verify Directory | IBM Security Verify Directory Container 10.0.0.0 through 10.0.3.1 could allow a local user to execute commands as root due to execution with unnecessary privileges. | 2025-06-15 | 7.8 | CVE-2025-1411 |
| Icegram–Icegram Collect Easy Form, Lead Collection and Subscription plugin | Missing Authorization vulnerability in Icegram Icegram Collect – Easy Form, Lead Collection and Subscription plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Icegram Collect – Easy Form, Lead Collection and Subscription plugin: from n/a through 1.3.18. | 2025-06-09 | 7.1 | CVE-2025-47527 |
| ifkooo–One-Login | Incorrect Privilege Assignment vulnerability in ifkooo One-Login allows Privilege Escalation. This issue affects One-Login: from n/a through 1.4. | 2025-06-09 | 8.1 | CVE-2025-23974 |
| Infility–Infility Global | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Infility Infility Global allows SQL Injection. This issue affects Infility Global: from n/a through 2.12.4. | 2025-06-09 | 8.5 | CVE-2025-47651 |
| InspiryThemes–RH – Real Estate WordPress Theme | The “RH – Real Estate WordPress Theme” theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 4.4.0. This is due to the theme not properly restricting user roles that can be updated as part of the inspiry_update_profile() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to set their role to that of an administrator. The vulnerability was partially patched in version 4.4.0, and fully patched in version 4.4.1. | 2025-06-10 | 8.8 | CVE-2025-4601 |
| Insyde Software–InsydeH2O | Running the provided utility changes the certificate on any Insyde BIOS and then the attached .efi file can be launched. | 2025-06-11 | 7.8 | CVE-2025-4275 |
| Ivanti–Workspace Control | A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials. | 2025-06-10 | 8.8 | CVE-2025-22455 |
| Ivanti–Workspace Control | A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials. | 2025-06-10 | 8.8 | CVE-2025-5353 |
| Ivanti–Workspace Control | A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password. | 2025-06-10 | 7.3 | CVE-2025-22463 |
| kamleshyadav–WP Lead Capturing Pages | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in kamleshyadav WP Lead Capturing Pages allows Blind SQL Injection. This issue affects WP Lead Capturing Pages: from n/a through 2.3. | 2025-06-09 | 9.3 | CVE-2025-31424 |
| KDE–Konsole | KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this mode, there is a code path where if that binary is not available, Konsole falls back to using /bin/bash for the given arguments (i.e., the URL) provided. This allows an attacker to execute arbitrary code. | 2025-06-11 | 8.2 | CVE-2025-49091 |
| knadh–listmonk | listmonk is a standalone, self-hosted, newsletter and mailing list manager. Starting in version 4.0.0 and prior to version 5.0.2, the `env` and `expandenv` template functions which is enabled by default in Sprig enables capturing of env variables on host. While this may not be a problem on single-user (super admin) installations, on multi-user installations, this allows non-super-admin users with campaign or template permissions to use the `{{ env }}` template expression to capture sensitive environment variables. Users should upgrade to v5.0.2 to mitigate the issue. | 2025-06-09 | 9.1 | CVE-2025-49136 |
| Lablup–BackendAI | Missing Authentication in the registration feature of Lablup’s BackendAI allows arbitrary users to create user accounts that can access private data even when registration is disabled. | 2025-06-09 | 9.8 | CVE-2025-49652 |
| Lablup–BackendAI | Missing Authorization in Lablup’s BackendAI allows attackers to takeover all active sessions; Accessing, stealing, or altering any data accessible in the session. This vulnerability exists in all current versions of BackendAI. | 2025-06-09 | 8.1 | CVE-2025-49651 |
| Lablup–BackendAI | Exposure of sensitive data in active sessions in Lablup’s BackendAI allows attackers to retrieve credentials for users on the management platform. | 2025-06-09 | 8 | CVE-2025-49653 |
| LambertGroup–CLEVER | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in LambertGroup CLEVER allows Path Traversal. This issue affects CLEVER: from n/a through 2.6. | 2025-06-09 | 7.5 | CVE-2025-31635 |
| LambertGroup–Revolution Video Player | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in LambertGroup Revolution Video Player allows Reflected XSS. This issue affects Revolution Video Player: from n/a through 2.9.2. | 2025-06-09 | 7.1 | CVE-2025-31058 |
| LambertGroup–SHOUT | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in LambertGroup SHOUT allows Reflected XSS. This issue affects SHOUT: from n/a through 3.5.3. | 2025-06-09 | 7.1 | CVE-2025-31925 |
| LambertGroup–Sticky Radio Player | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in LambertGroup Sticky Radio Player allows Reflected XSS. This issue affects Sticky Radio Player: from n/a through 3.4. | 2025-06-09 | 7.1 | CVE-2025-31426 |
| LambertGroup–Universal Video Player | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in LambertGroup Universal Video Player allows Reflected XSS. This issue affects Universal Video Player: from n/a through 1.4.0. | 2025-06-09 | 7.1 | CVE-2025-31057 |
| LambertGroup–Universal Video Player | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in LambertGroup Universal Video Player allows Reflected XSS. This issue affects Universal Video Player: from n/a through 3.8.3. | 2025-06-09 | 7.1 | CVE-2025-31917 |
| LoftOcean–CozyStay | Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay allows Object Injection.This issue affects CozyStay: from n/a before 1.7.1. | 2025-06-10 | 9.8 | CVE-2025-49507 |
| LoftOcean–TinySalt | Deserialization of Untrusted Data vulnerability in LoftOcean TinySalt allows Object Injection.This issue affects TinySalt: from n/a before 3.10.0. | 2025-06-10 | 9.8 | CVE-2025-49455 |
| LoftOcean–TinySalt | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in LoftOcean TinySalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a before 3.10.0. | 2025-06-10 | 8.1 | CVE-2025-49454 |
| looks_awesome–Team Builder | Missing Authorization vulnerability in looks_awesome Team Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Team Builder: from n/a through 1.5.7. | 2025-06-09 | 7.6 | CVE-2025-32308 |
| magentech–Revo | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in magentech Revo allows PHP Local File Inclusion. This issue affects Revo: from n/a through 4.0.26. | 2025-06-09 | 7.5 | CVE-2025-39476 |
| ManageEngine–ADAudit Plus | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports. | 2025-06-09 | 8.3 | CVE-2025-27709 |
| ManageEngine–ADAudit Plus | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports. | 2025-06-09 | 8.3 | CVE-2025-36528 |
| ManageEngine–ADAudit Plus | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the alerts module. | 2025-06-09 | 8.3 | CVE-2025-41444 |
| ManageEngine–Exchange Reporter Plus | Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module. | 2025-06-09 | 9.6 | CVE-2025-3835 |
| metalpriceapi–MetalpriceAPI | Improper Control of Generation of Code (‘Code Injection’) vulnerability in metalpriceapi MetalpriceAPI allows Code Injection. This issue affects MetalpriceAPI: from n/a through 1.1.4. | 2025-06-09 | 9.9 | CVE-2025-48140 |
| MicroDicom–DICOM Viewer | MicroDicom DICOM Viewer suffers from an out-of-bounds write vulnerability. Remote attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit the vulnerability in that the user must either visit a malicious website or open a malicious DICOM file locally. | 2025-06-10 | 8.8 | CVE-2025-5943 |
| Microsoft–.NET 8.0 | Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. | 2025-06-13 | 7.5 | CVE-2025-30399 |
| Microsoft–Microsoft 365 Apps for Enterprise | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 2025-06-10 | 8.4 | CVE-2025-32717 |
| Microsoft–Microsoft 365 Apps for Enterprise | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 2025-06-10 | 8.4 | CVE-2025-47957 |
| Microsoft–Microsoft 365 Apps for Enterprise | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 2025-06-10 | 7.8 | CVE-2025-47170 |
| Microsoft–Microsoft 365 Apps for Enterprise | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | 2025-06-10 | 7.8 | CVE-2025-47174 |
| Microsoft–Microsoft 365 Apps for Enterprise | ‘…/…//’ in Microsoft Office Outlook allows an authorized attacker to execute code locally. | 2025-06-10 | 7.8 | CVE-2025-47176 |
| Microsoft–Microsoft 365 Copilot | Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. | 2025-06-11 | 9.3 | CVE-2025-32711 |
| Microsoft–Microsoft AutoUpdate for Mac | Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | 2025-06-10 | 7.8 | CVE-2025-47968 |
| Microsoft–Microsoft Office 2019 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | 2025-06-10 | 8.4 | CVE-2025-47162 |
| Microsoft–Microsoft Office 2019 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | 2025-06-10 | 8.4 | CVE-2025-47164 |
| Microsoft–Microsoft Office 2019 | Access of resource using incompatible type (‘type confusion’) in Microsoft Office allows an unauthorized attacker to execute code locally. | 2025-06-10 | 8.4 | CVE-2025-47167 |
| Microsoft–Microsoft Office 2019 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | 2025-06-10 | 8.4 | CVE-2025-47953 |
| Microsoft–Microsoft Office 2019 | Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally. | 2025-06-10 | 7.8 | CVE-2025-47173 |
| Microsoft–Microsoft Office 2019 | Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | 2025-06-10 | 7.8 | CVE-2025-47175 |
| Microsoft–Microsoft SharePoint Enterprise Server 2016 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | 2025-06-10 | 8.8 | CVE-2025-47163 |
| Microsoft–Microsoft SharePoint Enterprise Server 2016 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | 2025-06-10 | 8.8 | CVE-2025-47166 |
| Microsoft–Microsoft SharePoint Enterprise Server 2016 | Improper neutralization of special elements used in an sql command (‘sql injection’) in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | 2025-06-10 | 8.8 | CVE-2025-47172 |
| Microsoft–Microsoft SharePoint Enterprise Server 2016 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 2025-06-10 | 7.8 | CVE-2025-47168 |
| Microsoft–Microsoft SharePoint Enterprise Server 2016 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 2025-06-10 | 7.8 | CVE-2025-47169 |
| Microsoft–Microsoft Visual Studio 2022 version 17.12 | Improper neutralization of special elements used in a command (‘command injection’) in Visual Studio allows an authorized attacker to execute code over a network. | 2025-06-13 | 7.1 | CVE-2025-47959 |
| Microsoft–Nuance Digital Engagement Platform | Improper neutralization of input during web page generation (‘cross-site scripting’) in Nuance Digital Engagement Platform allows an unauthorized attacker to perform spoofing over a network. | 2025-06-10 | 8.2 | CVE-2025-47977 |
| Microsoft–Office Online Server | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | 2025-06-10 | 7.8 | CVE-2025-47165 |
| Microsoft–Windows 10 Version 1809 | External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network. | 2025-06-10 | 8.8 | CVE-2025-33053 |
| Microsoft–Windows 10 Version 1809 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | 2025-06-10 | 8.8 | CVE-2025-33064 |
| Microsoft–Windows 10 Version 1809 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | 2025-06-10 | 8.8 | CVE-2025-33066 |
| Microsoft–Windows 10 Version 1809 | Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally. | 2025-06-10 | 8.4 | CVE-2025-33067 |
| Microsoft–Windows 10 Version 1809 | Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. | 2025-06-10 | 8.1 | CVE-2025-33070 |
| Microsoft–Windows 10 Version 1809 | Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. | 2025-06-10 | 8.8 | CVE-2025-33073 |
| Microsoft–Windows 10 Version 1809 | Use after free in Windows Win32K – GRFX allows an authorized attacker to elevate privileges locally. | 2025-06-10 | 7.8 | CVE-2025-32712 |
| Microsoft–Windows 10 Version 1809 | Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | 2025-06-10 | 7.8 | CVE-2025-32713 |
| Microsoft–Windows 10 Version 1809 | Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally. | 2025-06-10 | 7.8 | CVE-2025-32714 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally. | 2025-06-10 | 7.8 | CVE-2025-32716 |
| Microsoft–Windows 10 Version 1809 | Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally. | 2025-06-10 | 7.8 | CVE-2025-32718 |
| Microsoft–Windows 10 Version 1809 | Improper link resolution before file access (‘link following’) in Windows Recovery Driver allows an authorized attacker to elevate privileges locally. | 2025-06-10 | 7.3 | CVE-2025-32721 |
| Microsoft–Windows 10 Version 1809 | Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. | 2025-06-10 | 7.5 | CVE-2025-32724 |
| Microsoft–Windows 10 Version 1809 | Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network. | 2025-06-10 | 7.5 | CVE-2025-33056 |
| Microsoft–Windows 10 Version 1809 | Improper link resolution before file access (‘link following’) in Windows Installer allows an authorized attacker to elevate privileges locally. | 2025-06-10 | 7.8 | CVE-2025-33075 |
| Microsoft–Windows 10 Version 1809 | Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. | 2025-06-10 | 7.8 | CVE-2025-47955 |
| Microsoft–Windows SDK | Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally. | 2025-06-10 | 7.8 | CVE-2025-47962 |
| Microsoft–Windows Server 2019 | Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | 2025-06-10 | 8.1 | CVE-2025-32710 |
| Microsoft–Windows Server 2019 | Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. | 2025-06-10 | 8.1 | CVE-2025-33071 |
| Microsoft–Windows Server 2019 | Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. | 2025-06-10 | 7.5 | CVE-2025-32725 |
| Microsoft–Windows Server 2019 | Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. | 2025-06-10 | 7.5 | CVE-2025-33050 |
| Microsoft–Windows Server 2019 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | 2025-06-10 | 7.5 | CVE-2025-33068 |
| Microsoft–Windows Server 2022 | Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network. | 2025-06-10 | 8.1 | CVE-2025-29828 |
| Mikado-Themes–GrandPrix | Path Traversal vulnerability in Mikado-Themes GrandPrix allows PHP Local File Inclusion. This issue affects GrandPrix: from n/a through 1.6. | 2025-06-09 | 8.1 | CVE-2025-49296 |
| Mikado-Themes–Grill and Chow | Path Traversal vulnerability in Mikado-Themes Grill and Chow allows PHP Local File Inclusion. This issue affects Grill and Chow: from n/a through 1.6. | 2025-06-09 | 8.1 | CVE-2025-49297 |
| Mikado-Themes–MediClinic | Path Traversal vulnerability in Mikado-Themes MediClinic allows PHP Local File Inclusion. This issue affects MediClinic: from n/a through 2.1. | 2025-06-09 | 8.1 | CVE-2025-49295 |
| miniOrange–Password Policy Manager | Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Password Policy Manager password-policy-manager allows Authentication Abuse.This issue affects Password Policy Manager: from n/a through 2.0.4. | 2025-06-09 | 8.8 | CVE-2025-31019 |
| moreconvert–MC Woocommerce Wishlist | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in moreconvert MC Woocommerce Wishlist allows Reflected XSS. This issue affects MC Woocommerce Wishlist: from n/a through 1.9.1. | 2025-06-09 | 7.1 | CVE-2025-47487 |
| MultiVendorX–MultiVendorX | Insertion of Sensitive Information Into Sent Data vulnerability in MultiVendorX MultiVendorX allows Retrieve Embedded Sensitive Data. This issue affects MultiVendorX: from n/a through 4.2.22. | 2025-06-09 | 7.5 | CVE-2025-48261 |
| mystyleplatform–MyStyle Custom Product Designer | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in mystyleplatform MyStyle Custom Product Designer allows Blind SQL Injection. This issue affects MyStyle Custom Product Designer: from n/a through 3.21.1. | 2025-06-09 | 9.3 | CVE-2025-48281 |
| n/a–RT-Thread | A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor explains, that “[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory.” | 2025-06-09 | 8 | CVE-2025-5865 |
| n/a–RT-Thread | A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index. | 2025-06-09 | 8 | CVE-2025-5866 |
| n/a–RT-Thread | A vulnerability classified as critical was found in RT-Thread 5.1.0. This vulnerability affects the function csys_sendto of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument to leads to null pointer dereference. | 2025-06-09 | 8 | CVE-2025-5867 |
| n/a–RT-Thread | A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function sys_thread_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index. | 2025-06-09 | 8 | CVE-2025-5868 |
| n/a–RT-Thread | A vulnerability, which was classified as critical, was found in RT-Thread 5.1.0. Affected is the function sys_recvfrom of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument from leads to memory corruption. | 2025-06-09 | 8 | CVE-2025-5869 |
| n/a–Zend.To | A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation of the argument file_1 leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 6.10-7 is able to address this issue. It is recommended to upgrade the affected component. This affects a rather old version of the software. The vendor recommends updating to the latest release. Additional countermeasures have been added in 6.15-8. | 2025-06-10 | 7.3 | CVE-2025-5952 |
| Netgear–EX3700 | A vulnerability was found in Netgear EX3700 up to 1.0.0.88. It has been classified as critical. Affected is the function sub_41619C of the file /mtd. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.0.98 is able to address this issue. It is recommended to upgrade the affected component. This vulnerability only affects products that are no longer supported by the maintainer. | 2025-06-10 | 8.8 | CVE-2025-5934 |
| ninjateam–File Manager Pro Filester | The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.8.8. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible. Administrators have the ability to extend file manager usage privileges to lower-level users including subscribers, which would make this vulnerability more severe on such sites. | 2025-06-14 | 7.2 | CVE-2025-3234 |
| Nozomi Networks–Guardian | An OS command injection vulnerability within the update functionality may allow an authenticated administrator to execute unauthorized arbitrary OS commands. Users with administrative privileges may upload update packages to upgrade the versions of Nozomi Networks Guardian and CMC. While these updates are signed and their signatures are validated prior to installation, an improper signature validation check has been identified. This issue could potentially enable users to execute commands remotely on the appliance, thereby impacting confidentiality, integrity, and availability. | 2025-06-10 | 7.2 | CVE-2024-13089 |
| Nozomi Networks–Guardian | A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account. It is important to note that no such vector has been identified in this instance. | 2025-06-10 | 7 | CVE-2024-13090 |
| PayU India–PayU India | Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India allows Authentication Abuse. This issue affects PayU India: from n/a through 3.8.5. | 2025-06-09 | 9.8 | CVE-2025-31022 |
| pgjdbc–pgjdbc | pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required (default value is prefer), the driver would incorrectly allow connections to proceed with authentication methods that do not support channel binding (such as password, MD5, GSS, or SSPI authentication). This could allow a man-in-the-middle attacker to intercept connections that users believed were protected by channel binding requirements. This vulnerability is fixed in 42.7.7. | 2025-06-11 | 8.2 | CVE-2025-49146 |
| PHPGurukul–BP Monitoring Management System | A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /registration.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 7.3 | CVE-2025-5856 |
| PHPGurukul–Maid Hiring Management System | A vulnerability, which was classified as critical, was found in PHPGurukul Maid Hiring Management System 1.0. This affects an unknown part of the file /admin/search-booking-request.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 7.3 | CVE-2025-5860 |
| PHPGurukul–Vehicle Record Management System | A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchinputdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 7.3 | CVE-2025-5913 |
| pion–interceptor | Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should upgrade to v0.1.39 or later, which validates that: `padLen > 0 && padLen <= payloadLength` and return error on overflow, avoiding panic. If upgrading is not possible, apply the patch from the pull request manually or drop packets whose P-bit is set but whose padLen is zero or larger than the remaining payload. | 2025-06-09 | 7.5 | CVE-2025-49140 |
| pixelgrade–Category Icon | Improper Restriction of XML External Entity Reference vulnerability in pixelgrade Category Icon allows XML Entity Linking. This issue affects Category Icon: from n/a through 1.0.2. | 2025-06-09 | 9.1 | CVE-2025-31039 |
| quitenicestuff–Soho Hotel | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in quitenicestuff Soho Hotel allows Reflected XSS. This issue affects Soho Hotel: from n/a through 4.2.5. | 2025-06-09 | 7.1 | CVE-2025-39539 |
| Red Hat–Red Hat | Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level. | 2025-06-12 | 7.5 | CVE-2024-55567 |
| Red Hat–Red Hat Enterprise Linux 10 | A flaw was found in libxml2’s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. | 2025-06-12 | 7.5 | CVE-2025-6021 |
| redqteam–Wishlist | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in redqteam Wishlist allows Reflected XSS. This issue affects Wishlist: from n/a through 2.1.0. | 2025-06-09 | 7.1 | CVE-2025-31061 |
| revmakx–Backup and Staging by WP Time Capsule | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in revmakx Backup and Staging by WP Time Capsule allows Reflected XSS. This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.23. | 2025-06-09 | 7.1 | CVE-2025-47477 |
| Richard Perdaan–WC MyParcel Belgium | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Richard Perdaan WC MyParcel Belgium allows Reflected XSS. This issue affects WC MyParcel Belgium: from 4.5.5 through beta. | 2025-06-09 | 7.1 | CVE-2025-48279 |
| RomanCode–MapSVG | Incorrect Privilege Assignment vulnerability in RomanCode MapSVG allows Privilege Escalation. This issue affects MapSVG: from n/a through 8.5.34. | 2025-06-09 | 8.8 | CVE-2025-47561 |
| rubengc–AutomatorWP Automator plugin for no-code automations, webhooks & custom integrations in WordPress | The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the field_conditions parameter in all versions up to, and including, 5.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Administrators can configure the plugin to allow access to this functionality to authors and higher. | 2025-06-14 | 7.2 | CVE-2025-5487 |
| salesup2019–Formulario de contacto SalesUp! | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in salesup2019 Formulario de contacto SalesUp! allows Reflected XSS. This issue affects Formulario de contacto SalesUp!: from n/a through 1.0.14. | 2025-06-09 | 7.1 | CVE-2025-48143 |
| SAP_SE–SAP Business Warehouse and SAP Plug-In Basis | SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to drop arbitrary SAP database tables, potentially resulting in a loss of data or rendering the system unusable. On successful exploitation, an attacker can completely delete database entries but is not able to read any data. | 2025-06-10 | 8.5 | CVE-2025-42983 |
| SAP_SE–SAP BusinessObjects Business Intelligence (BI Workspace) | SAP BusinessObjects Business Intelligence (BI Workspace) allows an unauthenticated attacker to craft and store malicious script within a workspace. When the victim accesses the workspace, the script will execute in their browser enabling the attacker to potentially access sensitive session information, modify or make browser information unavailable. This leads to a high impact on confidentiality and low impact on integrity, availability. | 2025-06-10 | 8.2 | CVE-2025-23192 |
| SAP_SE–SAP GRC (AC Plugin) | SAP GRC allows a non-administrative user to access and initiate transaction which could allow them to modify or control the transmitted system credentials. This causes high impact on confidentiality, integrity and availability of the application. | 2025-06-10 | 8.8 | CVE-2025-42982 |
| SAP_SE–SAP MDM Server | SAP MDM Server ReadString function allows an attacker to send specially crafted packets which could trigger a memory read access violation in the server process that would then fail and exit unexpectedly causing high impact on availability with no impact on confidentiality and integrity of the application. | 2025-06-10 | 7.5 | CVE-2025-42994 |
| SAP_SE–SAP MDM Server | SAP MDM Server Read function allows an attacker to send specially crafted packets which could trigger a memory read access violation in the server process that would then fail and exit unexpectedly causing high impact on availability with no impact on confidentiality and integrity of the application. | 2025-06-10 | 7.5 | CVE-2025-42995 |
| SAP_SE–SAP NetWeaver Application Server for ABAP | RFC inbound processing�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation the attacker could critically impact both integrity and availability of the application. | 2025-06-10 | 9.6 | CVE-2025-42989 |
| SAP_SE–SAP NetWeaver Visual Composer | SAP NetWeaver Visual Composer contains a Directory Traversal vulnerability caused by insufficient validation of input paths provided by a high-privileged user. This allows an attacker to read or modify arbitrary files, resulting in a high impact on confidentiality and a low impact on integrity. | 2025-06-10 | 7.6 | CVE-2025-42977 |
| Schneider Electric–EVLink WallBox | CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could cause arbitrary file writes when an unauthenticated user on the web server manipulates file path. | 2025-06-10 | 7.2 | CVE-2025-5740 |
| SICK AG–SICK Field Analytics | The backup ZIPs are not signed by the application, leading to the possibility that an attacker can download a backup ZIP, modify and re-upload it. This allows the attacker to disrupt the application by configuring the services in a way that they are unable to run, making the application unusable. They can redirect traffic that is meant to be internal to their own hosted services and gathering information. | 2025-06-12 | 8.8 | CVE-2025-49199 |
| SICK AG–SICK Field Analytics | A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product. | 2025-06-12 | 7.5 | CVE-2025-49184 |
| SICK AG–SICK Media Server | Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to gather sensitive information. An attacker could also send HTTP POST requests to modify the log files’ root path as well as the TCP ports the service is running on, leading to a Denial of Service attack. | 2025-06-12 | 8.6 | CVE-2025-49181 |
| SICK AG–SICK Media Server | Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application. | 2025-06-12 | 7.5 | CVE-2025-49182 |
| SICK AG–SICK Media Server | All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files. | 2025-06-12 | 7.5 | CVE-2025-49183 |
| SICK AG–SICK Media Server | The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and this server, the credentials would be exposed. | 2025-06-12 | 7.5 | CVE-2025-49194 |
| Siemens–Energy Services | A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions using G5DFR contain default credentials. This could allow an attacker to gain control of G5DFR component and tamper with outputs from the device. | 2025-06-10 | 9.9 | CVE-2025-40585 |
| Siemens–RUGGEDCOM ROX MX5000 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < V2.16.5), RUGGEDCOM ROX RX1500 (All versions < V2.16.5), RUGGEDCOM ROX RX1501 (All versions < V2.16.5), RUGGEDCOM ROX RX1510 (All versions < V2.16.5), RUGGEDCOM ROX RX1511 (All versions < V2.16.5), RUGGEDCOM ROX RX1512 (All versions < V2.16.5), RUGGEDCOM ROX RX1524 (All versions < V2.16.5), RUGGEDCOM ROX RX1536 (All versions < V2.16.5), RUGGEDCOM ROX RX5000 (All versions < V2.16.5). The ‘Log Viewers’ tool in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated remote attacker to execute the ‘tail’ command with root privileges and disclose contents of all files in the filesystem. | 2025-06-10 | 7.7 | CVE-2025-40591 |
| SinoTrack–IOT PC Platform | A username and password are required to authenticate to the central SinoTrack device management interface. The username for all devices is an identifier printed on the receiver. The default password is well-known and common to all devices. Modification of the default password is not enforced during device setup. A malicious actor can retrieve device identifiers with either physical access or by capturing identifiers from pictures of the devices posted on publicly accessible websites such as eBay. | 2025-06-12 | 8.3 | CVE-2025-5484 |
| SinoTrack–IOT PC Platform | User names used to access the web management interface are limited to the device identifier, which is a numerical identifier no more than 10 digits. A malicious actor can enumerate potential targets by incrementing or decrementing from known identifiers or through enumerating random digit sequences. | 2025-06-12 | 8.6 | CVE-2025-5485 |
| Sneeit–FlatNews | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Sneeit FlatNews allows Reflected XSS. This issue affects FlatNews: from n/a through 5.8. | 2025-06-09 | 7.1 | CVE-2025-32305 |
| snstheme–Avaz | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in snstheme Avaz allows PHP Local File Inclusion. This issue affects Avaz: from n/a through 2.8. | 2025-06-09 | 8.1 | CVE-2025-28944 |
| snstheme–BodyCenter – Gym, Fitness WooCommerce WordPress Theme | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in snstheme BodyCenter – Gym, Fitness WooCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects BodyCenter – Gym, Fitness WooCommerce WordPress Theme: from n/a through 2.4. | 2025-06-09 | 8.1 | CVE-2023-25999 |
| snstheme–Nitan | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in snstheme Nitan allows PHP Local File Inclusion. This issue affects Nitan: from n/a through 2.9. | 2025-06-09 | 8.1 | CVE-2025-24768 |
| snstheme–SNS Anton | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in snstheme SNS Anton allows PHP Local File Inclusion. This issue affects SNS Anton: from n/a through 4.1. | 2025-06-09 | 8.1 | CVE-2025-28992 |
| snstheme–Valen – Sport, Fashion WooCommerce WordPress Theme | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in snstheme Valen – Sport, Fashion WooCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects Valen – Sport, Fashion WooCommerce WordPress Theme: from n/a through 2.4. | 2025-06-09 | 8.1 | CVE-2025-28945 |
| SolarWinds–SolarWinds Observability Self-Hosted | SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting (XSS) vulnerability due to an unsanitized field in the URL. The attack requires authentication using an administrator-level account and user interaction is required. | 2025-06-10 | 7.1 | CVE-2025-26395 |
| sonalsinha21–Recover abandoned cart for WooCommerce | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce allows SQL Injection. This issue affects Recover abandoned cart for WooCommerce: from n/a through 2.5. | 2025-06-09 | 9.3 | CVE-2025-47608 |
| spicethemes–Spice Blocks | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in spicethemes Spice Blocks allows Path Traversal. This issue affects Spice Blocks: from n/a through 2.0.7.2. | 2025-06-09 | 7.5 | CVE-2025-48130 |
| Stash–Stash | The ws.stash.app.mac.daemon.helper tool contains a vulnerability caused by an incorrect use of macOS’s authorization model. Instead of validating the client’s authorization reference, the helper invokes AuthorizationCopyRights() using its own privileged context (root), effectively authorizing itself rather than the client. As a result, it grants the system.preferences.admin right internally, regardless of the requesting client’s privileges. This flawed logic allows unprivileged clients to invoke privileged operations via XPC, including unauthorized changes to system-wide network preferences such as SOCKS, HTTP, and HTTPS proxy settings. The absence of proper code-signing checks further enables arbitrary processes to exploit this flaw, leading to man-in-the-middle (MITM) attacks through traffic redirection. | 2025-06-10 | 7.8 | CVE-2024-7457 |
| Telex–Remote Dispatch Console Server | Remote code execution that allows unauthorized users to execute arbitrary code on the server machine. | 2025-06-13 | 10 | CVE-2025-29902 |
| Tenable–Agent | In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege. | 2025-06-13 | 8.4 | CVE-2025-36631 |
| Tenable–Agent | In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrarily delete local system files with SYSTEM privilege, potentially leading to local privilege escalation. | 2025-06-13 | 8.8 | CVE-2025-36633 |
| Tenda–AC5 | A vulnerability was found in Tenda AC5 15.03.06.47. It has been classified as critical. Affected is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 8.8 | CVE-2025-5863 |
| Tenda–AC6 | A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 8.8 | CVE-2025-5852 |
| Tenda–AC6 | A vulnerability classified as critical was found in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg. The manipulation of the argument remoteIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 8.8 | CVE-2025-5853 |
| Tenda–AC6 | A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 8.8 | CVE-2025-5854 |
| Tenda–AC6 | A vulnerability, which was classified as critical, was found in Tenda AC6 15.03.05.16. This affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 8.8 | CVE-2025-5855 |
| Tenda–AC7 | A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 8.8 | CVE-2025-5861 |
| Tenda–AC7 | A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 8.8 | CVE-2025-5862 |
| Tenda–FH1202 | A vulnerability was found in Tenda FH1202 1.2.0.14. It has been classified as critical. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 8.8 | CVE-2025-5978 |
| themeton–FLAP – Business WordPress Theme | Deserialization of Untrusted Data vulnerability in themeton FLAP – Business WordPress Theme allows Object Injection. This issue affects FLAP – Business WordPress Theme: from n/a through 1.5. | 2025-06-09 | 9.8 | CVE-2025-31396 |
| themeton–PIMP – Creative MultiPurpose | Deserialization of Untrusted Data vulnerability in themeton PIMP – Creative MultiPurpose allows Object Injection. This issue affects PIMP – Creative MultiPurpose: from n/a through 1.7. | 2025-06-09 | 9.8 | CVE-2025-31398 |
| themeton–PressGrid – Frontend Publish Reaction & Multimedia Theme | Deserialization of Untrusted Data vulnerability in themeton PressGrid – Frontend Publish Reaction & Multimedia Theme allows Object Injection. This issue affects PressGrid – Frontend Publish Reaction & Multimedia Theme: from n/a through 1.3.1. | 2025-06-09 | 9.8 | CVE-2025-31429 |
| themeton–Spare | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in themeton Spare allows Reflected XSS. This issue affects Spare: from n/a through 1.7. | 2025-06-09 | 7.1 | CVE-2025-31638 |
| themeton–The Fashion – Model Agency One Page Beauty Theme | Deserialization of Untrusted Data vulnerability in themeton The Fashion – Model Agency One Page Beauty Theme allows Object Injection. This issue affects The Fashion – Model Agency One Page Beauty Theme: from n/a through 1.4.4. | 2025-06-09 | 9.8 | CVE-2025-31052 |
| thevindu-w–clip_share_server | ClipShare is a lightweight and cross-platform tool for clipboard sharing. Prior to 3.8.5, ClipShare Server for Windows uses the default Windows DLL search order and loads system libraries like CRYPTBASE.dll and WindowsCodecs.dll from its own directory before the system path. A local, non-privileged user who can write to the folder containing clip_share.exe can place malicious DLLs there, leading to arbitrary code execution in the context of the server, and, if launched by an Administrator (or another elevated user), it results in a reliable local privilege escalation. This vulnerability is fixed in 3.8.5. | 2025-06-11 | 7.3 | CVE-2025-49148 |
| ThimPress–WP Pipes | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in ThimPress WP Pipes allows Path Traversal. This issue affects WP Pipes: from n/a through 1.4.2. | 2025-06-09 | 8.6 | CVE-2025-48267 |
| TOTOLINK–EX1200T | A vulnerability classified as critical was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 8.8 | CVE-2025-5907 |
| TOTOLINK–EX1200T | A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 8.8 | CVE-2025-5908 |
| TOTOLINK–EX1200T | A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 8.8 | CVE-2025-5909 |
| TOTOLINK–EX1200T | A vulnerability has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 8.8 | CVE-2025-5910 |
| TOTOLINK–EX1200T | A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 8.8 | CVE-2025-5911 |
| TOTOLINK–T10 | A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 8.8 | CVE-2025-5901 |
| TOTOLINK–T10 | A vulnerability was found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument slaveIpList leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 8.8 | CVE-2025-5902 |
| TOTOLINK–T10 | A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been classified as critical. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument desc leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 8.8 | CVE-2025-5903 |
| TOTOLINK–T10 | A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setWiFiMeshName of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument device_name leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 8.8 | CVE-2025-5904 |
| TOTOLINK–T10 | A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been rated as critical. Affected by this issue is the function setWiFiRepeaterCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument Password leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 8.8 | CVE-2025-5905 |
| TP-LINK Technologies–TL-IPC544EP-W4 | A vulnerability classified as critical has been found in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n. Affected is the function sub_69064 of the file /bin/main. The manipulation of the argument text leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 8.8 | CVE-2025-5875 |
| TRENDnet–TV-IP121W | A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/setup.cgi of the component Web Interface. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 7.3 | CVE-2025-5870 |
| Tyche Softwares–Abandoned Cart Pro for WooCommerce | The Abandoned Cart Pro for WooCommerce plugin contains an authenticated arbitrary file upload vulnerability due to missing file type validation in the wcap_add_to_cart_popup_upload_files function in all versions up to, and including, 9.16.0. This makes it possible for an authenticated attacker, with subscriber-level access and above, to upload arbitrary files on the affected site’s server which may allow for either remote or local code execution depending on the server configuration. | 2025-06-10 | 8.8 | CVE-2025-4387 |
| Unfoldwp–Blogbyte | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Unfoldwp Blogbyte allows PHP Local File Inclusion. This issue affects Blogbyte: from n/a through 1.1.1. | 2025-06-09 | 8.1 | CVE-2025-49275 |
| Unfoldwp–Blogmine | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Unfoldwp Blogmine allows PHP Local File Inclusion. This issue affects Blogmine: from n/a through 1.1.7. | 2025-06-09 | 8.1 | CVE-2025-49276 |
| Unfoldwp–Blogprise | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Unfoldwp Blogprise allows PHP Local File Inclusion. This issue affects Blogprise: from n/a through 1.0.9. | 2025-06-09 | 8.1 | CVE-2025-49277 |
| Unfoldwp–Blogty | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Unfoldwp Blogty allows PHP Local File Inclusion. This issue affects Blogty: from n/a through 1.0.11. | 2025-06-09 | 8.1 | CVE-2025-49278 |
| Unfoldwp–Blogvy | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Unfoldwp Blogvy allows PHP Local File Inclusion. This issue affects Blogvy: from n/a through 1.0.7. | 2025-06-09 | 8.1 | CVE-2025-49279 |
| Unfoldwp–Magty | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Unfoldwp Magty allows PHP Local File Inclusion. This issue affects Magty: from n/a through 1.0.6. | 2025-06-09 | 8.1 | CVE-2025-49280 |
| Unfoldwp–Magways | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Unfoldwp Magways allows PHP Local File Inclusion. This issue affects Magways: from n/a through 1.2.1. | 2025-06-09 | 8.1 | CVE-2025-49281 |
| Unfoldwp–Magze | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Unfoldwp Magze allows PHP Local File Inclusion. This issue affects Magze: from n/a through 1.0.9. | 2025-06-09 | 8.1 | CVE-2025-49282 |
| uxper–Civi Framework | Cross-Site Request Forgery (CSRF) vulnerability in uxper Civi Framework allows Cross Site Request Forgery.This issue affects Civi Framework: from n/a through 2.1.6. | 2025-06-10 | 7.1 | CVE-2025-49511 |
| ValvePress–WordPress Automatic Plugin | The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the ‘core.php’ file in all versions up to, and including, 3.115.0. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible. | 2025-06-11 | 8.8 | CVE-2025-5395 |
| VirtueMart–VirtueMart | A Cross-Site Request Forgery (CSRF) vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection token. An attacker is able to craft a special CSRF request which will allow unrestricted file upload into the VirtueMart media manager. | 2025-06-11 | 8.3 | CVE-2025-6001 |
| VirtueMart–VirtueMart | An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart backend. Authenticated attackers can upload files with arbitrary extensions, including executable or malicious files, potentially leading to remote code execution or other security impacts depending on server configuration. | 2025-06-11 | 7.2 | CVE-2025-6002 |
| VMware–SALT | Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory. | 2025-06-13 | 9.6 | CVE-2024-38824 |
| VMware–SALT | Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions (>= 3007.0). | 2025-06-13 | 8.1 | CVE-2025-22236 |
| VMware–SALT | Arbitrary event injection on Salt Master. The master’s “_minion_event” method can be used by and authorized minion to send arbitrary events onto the master’s event bus. | 2025-06-13 | 8.1 | CVE-2025-22239 |
| WebGeniusLab–Seofy Core | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in WebGeniusLab Seofy Core allows PHP Local File Inclusion. This issue affects Seofy Core: from n/a through 1.4.5. | 2025-06-09 | 8.1 | CVE-2025-39473 |
| weboccults–REST API | Custom API Generator For Cross Platform And Import Export In WP | The REST API | Custom API Generator For Cross Platform And Import Export In WP plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the process_handler() function in versions 1.0.0 to 2.0.3. This makes it possible for unauthenticated attackers to POST an arbitrary import_api URL, import specially crafted JSON, and thereby create a new user with full Administrator privileges. | 2025-06-13 | 9.8 | CVE-2025-5288 |
| Weidmueller–IE-SR-2TX-WL | An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection in the Main Web Interface (endpoint event_mail_test). | 2025-06-11 | 8.8 | CVE-2025-41661 |
| Weidmueller–IE-SR-2TX-WL | An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection in the Main Web Interface (endpoint tls_iotgen_setting). | 2025-06-11 | 8.8 | CVE-2025-41662 |
| Weidmueller–IE-SR-2TX-WL | An unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers and gain arbitrary command execution with elevated privileges. | 2025-06-11 | 8.1 | CVE-2025-41663 |
| wework4web–Image Resizer On The Fly | The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ‘delete’ task in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | 2025-06-14 | 9.1 | CVE-2025-6065 |
| WilderForge–WilderForge | WilderForge is a Wildermyth coremodding API. A critical vulnerability has been identified in multiple projects across the WilderForge organization. The issue arises from unsafe usage of `${{ github.event.review.body }}` and other user controlled variables directly inside shell script contexts in GitHub Actions workflows. This introduces a code injection vulnerability: a malicious actor submitting a crafted pull request review containing shell metacharacters or commands could execute arbitrary shell code on the GitHub Actions runner. This can lead to arbitrary command execution with the permissions of the workflow, potentially compromising CI infrastructure, secrets, and build outputs. Developers who maintain or contribute to the repos WilderForge/WilderForge, WilderForge/ExampleMod, WilderForge/WilderWorkspace, WilderForge/WildermythGameProvider, WilderForge/AutoSplitter, WilderForge/SpASM, WilderForge/thrixlvault, WilderForge/MassHash, and/or WilderForge/DLC_Disabler; as well as users who fork any of the above repositories and reuse affected GitHub Actions workflows, are affected. End users of any the above software and users who only install pre-built releases or artifacts are not affected. This vulnerability does not impact runtime behavior of the software or compiled outputs unless those outputs were produced during exploitation of this vulnerability. A current workaround is to disable GitHub Actions in affected repositories, or remove the affected workflows. | 2025-06-09 | 10 | CVE-2025-49013 |
| woobewoo–WBW Product Table PRO | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in woobewoo WBW Product Table PRO allows SQL Injection. This issue affects WBW Product Table PRO: from n/a through 2.1.3. | 2025-06-09 | 9.3 | CVE-2025-31059 |
| WP Event Manager–WP Event Manager | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in WP Event Manager WP Event Manager allows PHP Local File Inclusion. This issue affects WP Event Manager: from n/a through 3.1.49. | 2025-06-09 | 8.1 | CVE-2025-48125 |
| WP Swings–Membership For WooCommerce | Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Membership For WooCommerce: from n/a through 2.8.1. | 2025-06-09 | 7.5 | CVE-2025-49265 |
| wptravelengine–WP Travel Engine Tour Booking Plugin Tour Operator Software | The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_package() function in all versions up to, and including, 6.5.1. This makes it possible for unauthenticated attackers to delete arbitrary posts. | 2025-06-13 | 7.5 | CVE-2025-5282 |
| xagio–Xagio SEO AI Powered SEO | The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘HTTP_REFERER’ parameter in all versions up to, and including, 7.1.0.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 7.1.0.0. | 2025-06-11 | 7.2 | CVE-2025-3302 |
Medium Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source Info |
|---|---|---|---|---|
| a3rev–Contact Us Page Contact People | The Contact Us Page – Contact People plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ parameter in all versions up to, and including, 3.7.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-13 | 6.4 | CVE-2025-5123 |
| actions–toolkit | A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file toolkit/packages/glob/src/internal-pattern.ts of the component glob. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. | 2025-06-09 | 4.3 | CVE-2025-5890 |
| Adobe–Acrobat Reader | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 5.5 | CVE-2025-43578 |
| Adobe–Acrobat Reader | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction. | 2025-06-10 | 5.5 | CVE-2025-43579 |
| Adobe–Acrobat Reader | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 5.5 | CVE-2025-47111 |
| Adobe–Acrobat Reader | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 5.5 | CVE-2025-47112 |
| Adobe–Adobe Commerce | Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction. | 2025-06-10 | 6.5 | CVE-2025-27207 |
| Adobe–Adobe Commerce | Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited write access. Exploitation of this issue does not require user interaction. | 2025-06-10 | 5.3 | CVE-2025-27206 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim’s browser. Exploitation of this issue requires user interaction in that a victim must visit a specially crafted web page. | 2025-06-10 | 6.1 | CVE-2025-47049 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. | 2025-06-10 | 6.1 | CVE-2025-47094 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46838 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46841 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46842 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46843 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46844 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46845 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46846 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46847 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46848 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46850 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46851 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46853 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46854 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46855 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. | 2025-06-10 | 5.4 | CVE-2025-46857 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46858 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46859 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46860 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46861 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46862 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46863 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46864 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46865 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46866 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46870 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46871 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46872 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46873 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. | 2025-06-10 | 5.4 | CVE-2025-46874 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. | 2025-06-10 | 5.4 | CVE-2025-46875 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46876 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46877 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46878 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46879 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46880 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46881 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46882 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46883 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46885 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46886 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46887 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46888 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized elevated access. Exploitation of this issue does not require user interaction. | 2025-06-10 | 5.4 | CVE-2025-46889 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46890 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46891 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46892 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46893 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46894 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46895 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46898 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46899 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46900 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46901 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46902 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46903 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46904 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46905 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46906 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46907 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46908 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46909 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46910 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46912 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46914 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46915 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46916 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46917 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46918 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46919 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46922 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46923 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46924 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46926 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46927 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46929 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46930 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46931 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46933 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46934 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46935 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46939 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46940 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46941 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46942 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46943 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46944 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46945 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46946 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46947 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46948 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46949 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46950 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46951 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46952 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46953 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46954 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46955 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46956 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46957 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46960 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46963 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46964 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46965 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46966 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46967 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46968 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46970 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46971 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46972 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46973 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46974 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46975 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46976 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46977 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46978 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46979 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46981 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46982 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46983 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46984 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46985 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46986 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46987 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46988 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46989 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46990 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46991 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46992 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46995 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46997 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-46999 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47000 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47002 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47003 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47004 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47005 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47006 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47007 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47008 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47010 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47011 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47012 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47013 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47014 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47015 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47016 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47017 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47019 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47020 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47021 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47022 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47025 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47026 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47027 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47029 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47030 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47031 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47032 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47033 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47034 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47035 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47036 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47037 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47038 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47039 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47040 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47041 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47042 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47044 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47045 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47047 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47048 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47050 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47051 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47052 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47055 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47056 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47057 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47060 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47062 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47063 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47065 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47066 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47067 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47068 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47069 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47070 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47071 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47072 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47073 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47074 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47075 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47076 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47077 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47078 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47079 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47080 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47081 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47082 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47083 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47084 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47085 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47086 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47087 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47088 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47089 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47090 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47091 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47092 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47093 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47113 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47114 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47115 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47116 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 5.4 | CVE-2025-47117 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 4.8 | CVE-2025-46884 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 4.8 | CVE-2025-46911 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 4.8 | CVE-2025-46913 |
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | 2025-06-10 | 4.6 | CVE-2025-46920 |
| Adobe–InDesign Desktop | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 5.5 | CVE-2025-30321 |
| Adobe–InDesign Desktop | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 5.5 | CVE-2025-47104 |
| Adobe–InDesign Desktop | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 5.5 | CVE-2025-47105 |
| Adobe–InDesign Desktop | InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2025-06-10 | 5.5 | CVE-2025-47106 |
| AMD–Platform Loader and Manager (PLM) | In AMD Versal Adaptive SoC devices, the lack of address validation when executing PLM runtime services through the PLM firmware can allow access to isolated or protected memory spaces, resulting in the loss of integrity and confidentiality. | 2025-06-09 | 6.6 | CVE-2025-0037 |
| amir-mousavi–Telegram for WP | The Telegram for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | 2025-06-13 | 4.4 | CVE-2025-5939 |
| andremacola–ACF Onyx Poll | The ACF Onyx Poll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ parameter in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-13 | 6.4 | CVE-2025-5841 |
| Apache Software Foundation–Apache CloudStack | In Apache CloudStack, a flaw in access control affects the listTemplates and listIsos APIs. A malicious Domain Admin or Resource Admin can exploit this issue by intentionally specifying the ‘domainid’ parameter along with the ‘filter=self’ or ‘filter=selfexecutable’ values. This allows the attacker to gain unauthorized visibility into templates and ISOs under the ROOT domain. A malicious admin can enumerate and extract metadata of templates and ISOs that belong to unrelated domains, violating isolation boundaries and potentially exposing sensitive or internal configuration details. This vulnerability has been fixed by ensuring the domain resolution strictly adheres to the caller’s scope rather than defaulting to the ROOT domain. Affected users are recommended to upgrade to Apache CloudStack 4.19.3.0 or 4.20.1.0. | 2025-06-10 | 4.7 | CVE-2025-30675 |
| aspengrovestudios–AI Image Lab Free AI Image Generator | The AI Image Lab – Free AI Image Generator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.6. This is due to missing or incorrect nonce validation on the ‘wpz-ai-images’ page. This makes it possible for unauthenticated attackers to update the plugin’s API key via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-14 | 4.3 | CVE-2025-4592 |
| Astun Technology–iShare Maps | A vulnerability has been found in Astun Technology iShare Maps 5.4.0 and classified as problematic. This vulnerability affects unknown code of the file atCheckJS.aspx. The manipulation of the argument ref leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-15 | 4.3 | CVE-2025-6089 |
| Auma–AC1.2 | Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker. | 2025-06-10 | 4.3 | CVE-2025-41657 |
| Autodesk–USD for Maya | A maliciously crafted .usdc file, when loaded through Autodesk Maya, can force an uncontrolled memory allocation vulnerability. A malicious actor may leverage this vulnerability to cause a denial-of-service (DoS), or cause data corruption. | 2025-06-11 | 5.5 | CVE-2025-4605 |
| AVEVA–PI Connector for CygNet | A cross-site scripting vulnerability exists in AVEVA PI Connector for CygNet Versions 1.6.14 and prior that, if exploited, could allow an administrator miscreant with local access to the connector admin portal to persist arbitrary JavaScript code that will be executed by other users who visit affected pages. | 2025-06-12 | 5.5 | CVE-2025-4417 |
| AVEVA–PI Connector for CygNet | An improper validation of integrity check value vulnerability exists in AVEVA PI Connector for CygNet Versions 1.6.14 and prior that, if exploited, could allow a miscreant with elevated privileges to modify PI Connector for CygNet local data files (cache and buffers) in a way that causes the connector service to become unresponsive. | 2025-06-12 | 4.4 | CVE-2025-4418 |
| AVEVA–PI Data Archive | AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service. | 2025-06-12 | 6.5 | CVE-2025-36539 |
| AVEVA–PI Web API | A cross-site scripting vulnerability exists in AVEVA PI Web API version 2023 SP1 and prior that, if exploited, could allow an authenticated attacker (with privileges to create/update annotations or upload media files) to persist arbitrary JavaScript code that will be executed by users who were socially engineered to disable content security policy protections while rendering annotation attachments from within a web browser. | 2025-06-12 | 6.5 | CVE-2025-2745 |
| bhittani–kk Youtube Video | The kk Youtube Video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘kkytv’ shortcode in all versions up to, and including, 0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-14 | 6.4 | CVE-2025-6061 |
| bogdanding–Zen Sticky Social | The Zen Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.3. This is due to missing or incorrect nonce validation on the ‘zen-social-sticky/zen-sticky-social.php’ page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-14 | 6.1 | CVE-2025-6055 |
| click5–History Log by click5 | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in click5 History Log by click5 allows Stored XSS. This issue affects History Log by click5: from n/a through 1.0.13. | 2025-06-09 | 6.5 | CVE-2025-47598 |
| code-projects–Chat System | A vulnerability was found in code-projects Chat System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /user/confirm_password.php. The manipulation of the argument cid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 6.3 | CVE-2025-5881 |
| code-projects–Patient Record Management System | A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /urinalysis_record.php. The manipulation of the argument itr_no leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 6.3 | CVE-2025-5857 |
| code-projects–School Fees Payment System | A vulnerability was found in code-projects School Fees Payment System 1.0. It has been classified as critical. This affects an unknown part of the file /ajx.php. The manipulation of the argument name_startsWith leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 6.3 | CVE-2025-5971 |
| codesiddhant–Jasmin Ransomware | A vulnerability has been found in codesiddhant Jasmin Ransomware up to 1.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard.php. The manipulation of the argument Search leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-15 | 6.3 | CVE-2025-6096 |
| comfyanonymous–comfyui | A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-15 | 4.3 | CVE-2025-6092 |
| croixhaug–Appointment Booking Calendar Simply Schedule Appointments Booking Plugin | The Appointment Booking Calendar – Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ssa_admin_upcoming_appointments, ssa_admin_upcoming_appointments, and ssa_past_appointments shortcodes in all versions up to, and including, 1.6.8.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-14 | 6.4 | CVE-2025-4667 |
| Crypto Cloud–CryptoCloud – Crypto Payment Gateway | Missing Authorization vulnerability in Crypto Cloud CryptoCloud – Crypto Payment Gateway allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CryptoCloud – Crypto Payment Gateway: from n/a through 2.1.2. | 2025-06-09 | 6.5 | CVE-2025-48147 |
| CyberData–011209 SIP Emergency Intercom | CyberData 011209 Intercom could allow an unauthenticated user to gather sensitive information through blind SQL injections. | 2025-06-09 | 5.3 | CVE-2025-30507 |
| cyberlord92–WordPress Single Sign-On (SSO) – Single Site Standard | The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due to a misconfigured capability check on a function in all versions up to, and including, the *.5.3 versions of the plugin. This makes it possible for unauthenticated attackers to extract sensitive data including site content that has been restricted to certain users and/or roles. | 2025-06-12 | 5.3 | CVE-2025-6003 |
| Dell–Wyse Management Suite | Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection. | 2025-06-10 | 6.1 | CVE-2025-36577 |
| Dell–Wyse Management Suite | Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | 2025-06-10 | 6.8 | CVE-2025-36578 |
| Dell–Wyse Management Suite | Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection | 2025-06-10 | 6.1 | CVE-2025-36580 |
| digitalacornjp–WP2HTML | The WP2HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the save() function. This makes it possible for unauthenticated attackers to update plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-13 | 4.3 | CVE-2025-5930 |
| djerba–WP URL Shortener | The WP URL Shortener plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on the ‘url_shortener_settings’ page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-14 | 6.1 | CVE-2025-6064 |
| dmitriamartin–Traffic Monitor | The Traffic Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tfcm_maybe_set_bot_flags() function in all versions up to, and including, 3.2.2. This makes it possible for unauthenticated attackers to disabled bot logging. | 2025-06-13 | 5.3 | CVE-2025-5815 |
| dmitry78–XiSearch bar | The XiSearch bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6. This is due to missing or incorrect nonce validation on the ‘xisearch-key-config’ page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-14 | 6.1 | CVE-2025-6063 |
| eCharge Hardy Barth–Salia PLCC | A vulnerability was found in eCharge Hardy Barth Salia PLCC 2.2.0. It has been declared as critical. This vulnerability affects unknown code of the file /firmware.php of the component Web UI. The manipulation of the argument media leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 6.3 | CVE-2025-5873 |
| eGauge–EG3000 Energy Monitor | A vulnerability was found in eGauge EG3000 Energy Monitor 3.6.3. It has been classified as problematic. This affects an unknown part of the component Setting Handler. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 5.3 | CVE-2025-5872 |
| fay-1–WP Sliding Login/Dashboard Panel | The WP Sliding Login/Dashboard Panel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the wp_sliding_panel_user_options() function. This makes it possible for unauthenticated attackers to update plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-13 | 4.3 | CVE-2025-5928 |
| Fengoffice–Feng Office | A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of the file /application/models/ApplicationDataObject.class.php of the component Document Upload Handler. The manipulation leads to xml external entity reference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 6.3 | CVE-2025-5877 |
| Fortinet–FortiClientEMS | A server-side request forgery vulnerability [CWE-918] in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an authenticated attacker to perform internal requests via crafted HTTP or HTTPS requests. | 2025-06-10 | 4.1 | CVE-2023-48786 |
| Fortinet–FortiClientEMS | An improper authentication vulnerability [CWE-287] in Fortinet FortiClientEMS version 7.4.0 and before 7.2.4 allows an unauthenticated attacker with the knowledge of the targeted user’s FCTUID and VDOM to perform operations such as uploading or tagging on behalf of the targeted user via specially crafted TCP requests. | 2025-06-10 | 4.6 | CVE-2024-32119 |
| Fortinet–FortiClientWindows | A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection. | 2025-06-10 | 4.4 | CVE-2024-54019 |
| Fortinet–FortiOS | An Improper Certificate Validation vulnerability [CWE-295] in FortiOS version 7.6.1 and below, version 7.4.7 and below may allow an EAP verified remote user to connect from FortiClient via revoked certificate. | 2025-06-10 | 6 | CVE-2025-24471 |
| Fortinet–FortiOS | A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14 & FortiProxy version 7.4.0 through 7.4.3, 7.2.0 through 7.2.9 and before 7.0.16 allows an unauthenticated attacker with the knowledge of device specific data to spoof the identity of a downstream device of the security fabric via crafted TCP requests. | 2025-06-10 | 5.6 | CVE-2024-50568 |
| Fortinet–FortiOS | An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out. | 2025-06-10 | 4.4 | CVE-2024-50562 |
| Fortinet–FortiPAM | A improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows attacker to improper access control via specially crafted HTTP requests | 2025-06-10 | 6 | CVE-2025-22256 |
| Fortinet–FortiWeb | An Improper Privilege Management vulnerability [CWE-269] affecting Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16 and before 6.4.15, FortiProxy version 7.6.0 through 7.6.1 and before 7.4.7 & FortiWeb version 7.6.0 through 7.6.1 and before 7.4.6 allows an authenticated attacker with at least read-only admin permissions to gain super-admin privileges via crafted requests to Node.js websocket module. | 2025-06-10 | 6.5 | CVE-2025-22254 |
| gamerz–WP-DownloadManager | The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administrator-level access and above, to download and read any file on the server, including system and configuration files. | 2025-06-11 | 4.9 | CVE-2025-4798 |
| geoserver–geoserver | GeoServer is an open source server that allows users to share and edit geospatial data. org.geowebcache.GeoWebCacheDispatcher.handleFrontPage(HttpServletRequest, HttpServletResponse) has no check to hide potentially sensitive information from users except for a hidden system property to hide the storage locations that defaults to showing the locations. This vulnerability is fixed in 2.26.2 and 2.25.6. | 2025-06-10 | 5.3 | CVE-2024-38524 |
| geoserver–geoserver | GeoServer is an open source server that allows users to share and edit geospatial data. The Coverage rest api /workspaces/{workspaceName}/coveragestores/{storeName}/{method}.{format} allows attackers to upload files with a specified url (with {method} equals ‘url’) with no restrict. This vulnerability is fixed in 2.26.0. | 2025-06-10 | 5.5 | CVE-2024-40625 |
| geoserver–geoserver | GeoServer is an open source server that allows users to share and edit geospatial data. It is possible to bypass the default REST API security and access the index page. The REST API security handles rest and its subpaths but not rest with an extension (e.g., rest.html). The REST API index can disclose whether certain extensions are installed. This vulnerability is fixed in 2.26.3 and 2.25.6. As a workaround, in ${GEOSERVER_DATA_DIR}/security/config.xml, change the paths for the rest filter to /rest.*,/rest/** and change the paths for the gwc filter to /gwc/rest.*,/gwc/rest/** and restart GeoServer. | 2025-06-10 | 5.3 | CVE-2025-27505 |
| getcursor–cursor | Cursor is a code editor built for programming with AI. Prior to 0.51.0, by default, the setting json.schemaDownload.enable was set to True. This means that by writing a JSON file, an attacker can trigger an arbitrary HTTP GET request that does not require user confirmation. Since the Cursor Agent can edit JSON files, this means a malicious agent, for example, after a prompt injection attack already succeeded, could trigger a GET request to an attacker controlled URL, potentially exfiltrating other data the agent may have access to. This vulnerability is fixed in 0.51.0. | 2025-06-11 | 5.9 | CVE-2025-49150 |
| GitLab–GitLab | An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in Board Names could be used to trigger a denial of service. | 2025-06-12 | 6.5 | CVE-2025-1478 |
| GitLab–GitLab | An issue has been discovered in GitLab CE/EE affecting all versions from 8.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper input validation in Tokens Names could be used to trigger a denial of service. | 2025-06-12 | 6.5 | CVE-2025-1516 |
| GitLab–GitLab | An issue has been discovered in GitLab CE/EE affecting all versions from 2.1.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. A lack of input validation in HTTP responses could allow an authenticated user to cause denial of service. | 2025-06-12 | 6.5 | CVE-2025-5996 |
| GitLab–GitLab | An issue has been discovered in GitLab EE affecting all versions prior to 17.10.8, 17.11 prior to 17.11.4, and 18.0 prior to 18.0.2. It may have been possible for private repository to be cloned in case of race condition when a secondary node is out of sync. | 2025-06-12 | 5.3 | CVE-2024-9512 |
| GitLab–GitLab | An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure. | 2025-06-12 | 4.3 | CVE-2025-5195 |
| GNU–PSPP | A vulnerability classified as critical has been found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected is the function parse_variables_option of the file utilities/pspp-convert.c. The manipulation leads to out-of-bounds write. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 5.3 | CVE-2025-5898 |
| GNU–PSPP | A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parse_variables_option of the file utilities/pspp-convert.c. The manipulation leads to free of memory not on the heap. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 5.3 | CVE-2025-5899 |
| haxtheweb–issues | HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, an authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to read arbitrary files on the server by manipulating the location field written into site.json. This enables attackers to exfiltrate sensitive system files such as /etc/passwd, application secrets, or configuration files accessible to the web server (www-data). The vulnerability stems from the way the HAXCMS backend handles the location field in the site’s outline. When a user sends a POST request to /system/api/saveOutline, the backend stores the provided location value directly into the site.json file associated with the site, without validating or sanitizing the input. Later the location parameter is interpreted by the CMS to resolve and load the content for a given node. If the location field contains a relative path like `../../../etc/passwd`, the application will attempt to read and render that file. Version 11.0.0 fixes the issue. | 2025-06-09 | 6.5 | CVE-2025-49138 |
| haxtheweb–issues | HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, in the HAX site editor, users can create a website block to load another site in an iframe. The application allows users to supply a target URL in the website block. When the HAX site is visited, the client’s browser will query the supplied URL. An authenticated attacker can create a HAX site with a website block pointing at an attacker-controlled server running Responder or a similar tool. The attacker can then conduct a phishing attack by convincing another user to visit their malicious HAX site to harvest credentials. Version 11.0.0 contains a patch for the issue. | 2025-06-09 | 5.3 | CVE-2025-49139 |
| holithemes–Click to Chat HoliThemes | The Click to Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-no_number’ parameter in all versions up to, and including, 4.22 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-14 | 6.4 | CVE-2025-5336 |
| https://elementor.com/–Elementor Website Builder Pro | The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_text’ parameter in all versions up to, and including, 3.29.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-10 | 6.4 | CVE-2025-3076 |
| IBM–Cognos Analytics | IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | 2025-06-11 | 5.5 | CVE-2025-0917 |
| IBM–Cognos Analytics | IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 stores source code on the web server that could aid in further attacks against the system. | 2025-06-11 | 5.3 | CVE-2025-0923 |
| IBM–MQ Operator | IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1 through 3.5.3, and MQ Operator SC2 3.2.0 through 3.2.12 Native HA CRR could be configured with a private key and chain other than the intended key which could disclose sensitive information or allow the attacker to perform unauthorized actions. | 2025-06-15 | 4.7 | CVE-2025-36041 |
| IBM–Security Guardium | IBM Security Guardium 12.1 could allow a local privileged user to escalate their privileges to root due to insecure inherited permissions created by the program. | 2025-06-11 | 6.7 | CVE-2025-3473 |
| IBM–Security Verify Access | IBM Security Verify Access Appliance and Docker 10.0 through 10.0.8 could allow a remote attacker to enumerate usernames due to an observable response discrepancy of disabled accounts. | 2025-06-11 | 5.3 | CVE-2025-0163 |
| Innomotics–Perfect Harmony GH180 | A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025). The maintenance connection of affected devices fails to protect access to the device’s control unit configuration. This could allow an attacker with physical access to the maintenance connection’s door port to perform arbitrary configuration changes. | 2025-06-11 | 6.1 | CVE-2024-35295 |
| irmau–IRM Newsroom | The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘irmeventlist’ shortcode in all versions up to, and including, 1.2.17 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-13 | 6.4 | CVE-2025-4584 |
| irmau–IRM Newsroom | The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘irmflat’ shortcode in all versions up to, and including, 1.2.17 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-13 | 6.4 | CVE-2025-4585 |
| irmau–IRM Newsroom | The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘irmcalendarview’ shortcode in all versions up to, and including, 1.2.17 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-13 | 6.4 | CVE-2025-4586 |
| janboddez–IndieBlocks | The IndieBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘kind’ parameter in all versions up to, and including, 0.13.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-13 | 6.4 | CVE-2025-5950 |
| jconti–Link Shield | The Link Shield plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.4. This is due to missing or incorrect nonce validation on the link_shield_menu_options() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-13 | 6.1 | CVE-2025-5926 |
| josxha–Restrict File Access | The Restrict File Access plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.2 via the output() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. | 2025-06-14 | 6.5 | CVE-2025-6070 |
| jsnjfz–WebStack-Guns | A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 4.3 | CVE-2025-5888 |
| K7 Security–K7 Security Anti-Malware | A vulnerability in the K7RKScan.sys driver, part of the K7 Security Anti-Malware suite, allows a local low-privilege user to send crafted IOCTL requests to terminate a wide range of processes running with administrative or system-level privileges, with the exception of those inherently protected by the operating system. This flaw stems from missing access control in the driver’s IOCTL handler, enabling unprivileged users to perform privileged actions in kernel space. Successful exploitation can lead to denial of service by disrupting critical services or privileged applications. | 2025-06-10 | 5.6 | CVE-2025-1055 |
| kaisercrazy–Auto Attachments | The Auto Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | 2025-06-13 | 5.5 | CVE-2025-6012 |
| kiCode111–like-girl | A vulnerability classified as critical was found in kiCode111 like-girl 5.2.0. This vulnerability affects unknown code of the file /admin/aboutPost.php. The manipulation of the argument title/aboutimg/info1/info2/info3/btn1/btn2/infox1/infox2/infox3/infox4/infox5/infox6/btnx2/infof1/infof2/infof3/infof4/btnf3/infod1/infod2/infod3/infod4/infod5 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-12 | 4.7 | CVE-2025-6005 |
| kiCode111–like-girl | A vulnerability, which was classified as critical, has been found in kiCode111 like-girl 5.2.0. This issue affects some unknown processing of the file /admin/ImgUpdaPost.php. The manipulation of the argument id/imgText/imgDatd/imgUrl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-12 | 4.7 | CVE-2025-6006 |
| kiCode111–like-girl | A vulnerability, which was classified as critical, was found in kiCode111 like-girl 5.2.0. Affected is an unknown function of the file /admin/CopyadminPost.php. The manipulation of the argument icp/Copyright leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-12 | 4.7 | CVE-2025-6007 |
| kiCode111–like-girl | A vulnerability has been found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ImgAddPost.php. The manipulation of the argument imgDatd/imgText/imgUrl leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-12 | 4.7 | CVE-2025-6008 |
| kiCode111–like-girl | A vulnerability was found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ipAddPost.php. The manipulation of the argument bz/ipdz leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-12 | 4.7 | CVE-2025-6009 |
| Konica Minolta–bizhub | A vulnerability has been found in Konica Minolta bizhub up to 20250202 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 4.3 | CVE-2025-5885 |
| kseaborn–Zotpress | The Zotpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nickname’ parameter in all versions up to, and including, 7.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-11 | 6.4 | CVE-2025-4666 |
| labring–FastGPT | FastGPT is an open-source project that provides a platform for building, deploying, and operating AI-driven workflows and conversational agents. The Sandbox container (fastgpt-sandbox) is a specialized, isolated environment used by FastGPT to safely execute user-submitted or dynamically generated code in isolation. The sandbox before version 4.9.11 has insufficient isolation and inadequate restrictions on code execution by allowing overly permissive syscalls, which allows attackers to escape the intended sandbox boundaries. Attackers could exploit this to read and overwrite arbitrary files and bypass Python module import restrictions. This is patched in version 4.9.11 by restricting the allowed system calls to a safer subset and additional descriptive error messaging. | 2025-06-09 | 6.3 | CVE-2025-49131 |
| leap13–Premium Addons for Elementor | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-10 | 6.4 | CVE-2025-4774 |
| Lucky–LM-520-SC | A vulnerability classified as problematic was found in Lucky LM-520-SC, LM-520-FSC and LM-520-FSC-SAM up to 20250321. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 5.3 | CVE-2025-5876 |
| ManageEngine–OpManager | Zohocorp ManageEngine OpManager, NetFlow Analyzer, Network Configuration Manager, Firewall Analyzer and OpUtils versions 128565 and below are vulnerable to Reflected XSS on the login page. | 2025-06-09 | 4.3 | CVE-2025-41437 |
| marcdk–Game Review Block | The Game Review Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘className’ parameter in all versions up to, and including, 4.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-13 | 6.4 | CVE-2025-5923 |
| matrix-org–matrix-rust-sdk | matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. matrix-sdk-crypto since version 0.8.0 and up to 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those events appear to the recipient as if they were sent by another user. This vulnerability is fixed in 0.11.1 and 0.12.0. | 2025-06-10 | 4.9 | CVE-2025-48937 |
| Mattermost–Mattermost | Mattermost versions 10.7.x <= 10.7.1, 10.6.x <= 10.6.3, 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly validate LDAP group ID attributes, allowing an authenticated administrator with PermissionSysconsoleWriteUserManagementGroups permission to execute LDAP search filter injection via the PUT /api/v4/ldap/groups/{remote_id}/link API when objectGUID is configured as the Group ID Attribute. | 2025-06-11 | 4.1 | CVE-2025-4573 |
| metaslider–Slider, Gallery, and Carousel by MetaSlider Image Slider, Video Slider | The Slider, Gallery, and Carousel by MetaSlider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘aria-label’ parameter in all versions up to, and including, 3.98.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-14 | 6.4 | CVE-2025-5337 |
| Microsoft–Microsoft Office 2019 | Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally. | 2025-06-10 | 6.7 | CVE-2025-47171 |
| Microsoft–Windows 10 Version 1809 | Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network. | 2025-06-10 | 6.5 | CVE-2025-33057 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-24065 |
| Microsoft–Windows 10 Version 1809 | Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-24068 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-24069 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-32719 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-32720 |
| Microsoft–Windows 10 Version 1809 | Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-32722 |
| Microsoft–Windows 10 Version 1809 | Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-33052 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-33055 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-33058 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-33059 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-33060 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-33061 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-33062 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-33063 |
| Microsoft–Windows 10 Version 1809 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | 2025-06-10 | 5.5 | CVE-2025-33065 |
| Microsoft–Windows 10 Version 1809 | Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. | 2025-06-10 | 5.4 | CVE-2025-47160 |
| Microsoft–Windows 11 version 22H2 | Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally. | 2025-06-10 | 4.4 | CVE-2025-47969 |
| Microsoft–Windows App Client for Windows Desktop | Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network. | 2025-06-10 | 6.5 | CVE-2025-32715 |
| Microsoft–Windows Security App | External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally. | 2025-06-10 | 5.5 | CVE-2025-47956 |
| Microsoft–Windows Server 2025 (Server Core installation) | Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally. | 2025-06-10 | 5.1 | CVE-2025-33069 |
| mySCADA–myPRO | A password is exposed locally. | 2025-06-11 | 5.5 | CVE-2025-35941 |
| n/a–FoxCMS | A vulnerability, which was classified as critical, has been found in FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-15 | 6.3 | CVE-2025-6094 |
| n/a–Metabase | A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects the function parseDataUri of the file frontend/src/metabase/lib/dom.js. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The patch is named 4454ebbdc7719016bf80ca0f34859ce5cee9f6b0. It is recommended to apply a patch to fix this issue. | 2025-06-09 | 4.3 | CVE-2025-5895 |
| n/a–Open5GS | A vulnerability was found in Open5GS up to 2.7.3. It has been declared as problematic. Affected by this vulnerability is the function common_register_state of the file src/mme/emm-sm.c of the component AMF/MME. The manipulation of the argument ran_ue_id leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 62cb99755243c9c38e4c060c5d8d0e158fe8cdd5. It is recommended to apply a patch to fix this issue. | 2025-06-10 | 5.3 | CVE-2025-5935 |
| n/a–Redash | A vulnerability was found in Redash up to 10.1.0/25.1.0. It has been rated as critical. This issue affects the function run_query of the file /query_runner/python.py of the component getattr Handler. The manipulation leads to sandbox issue. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 5.5 | CVE-2025-5874 |
| n/a–RocketChat | A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 4.3 | CVE-2025-5892 |
| n/a–UserPro – Community and User Profile WordPress Plugin | The UserPro – Community and User Profile WordPress Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 5.1.10 via the userpro_fbconnect() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. | 2025-06-14 | 5.9 | CVE-2025-4187 |
| n/a–Whistle | A vulnerability has been found in Whistle 2.9.98 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/sessions/get-temp-file. The manipulation of the argument filename leads to path traversal. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 4.3 | CVE-2025-5880 |
| nanbu–Welcart e-Commerce | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in nanbu Welcart e-Commerce allows Path Traversal. This issue affects Welcart e-Commerce: from n/a through 2.11.13. | 2025-06-09 | 6.8 | CVE-2025-47511 |
| netlatch–Yougler Blogger Profile Page | The Yougler Blogger Profile Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, v1.01. This is due to missing or incorrect nonce validation on the ‘yougler-plugin.php’ page. This makes it possible for unauthenticated attackers to update the plugin’s settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-14 | 4.3 | CVE-2025-6062 |
| OctoPrint–OctoPrint | OctoPrint versions up until and including 1.11.1 contain a vulnerability that allows any unauthenticated attacker to send a manipulated broken multipart/form-data request to OctoPrint and through that make the web server component become unresponsive. The issue can be triggered by a broken multipart/form-data request lacking an end boundary to any of OctoPrint’s endpoints implemented through the octoprint.server.util.tornado.UploadStorageFallbackHandler request handler. The request handler will get stuck in an endless busy loop, looking for a part of the request that will never come. As Tornado is single-threaded, that will effectively block the whole web server. The vulnerability has been patched in version 1.11.2. | 2025-06-10 | 6.5 | CVE-2025-48879 |
| OctoPrint–OctoPrint | OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.11.1 contain a vulnerability that allows an attacker with the FILE_UPLOAD permission to exfiltrate files from the host that OctoPrint has read access to, by moving them into the upload folder where they then can be downloaded from. This vulnerability is fixed in 1.11.2. | 2025-06-10 | 5.4 | CVE-2025-48067 |
| Papendorf–SOL Connect Center | A vulnerability was found in Papendorf SOL Connect Center 3.3.0.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to missing authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 5.3 | CVE-2025-5871 |
| PHPGurukul–Nipah Virus Testing Management System | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient-report.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 6.3 | CVE-2025-5858 |
| PHPGurukul–Nipah Virus Testing Management System | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /test-details.php. The manipulation of the argument assignto leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 6.3 | CVE-2025-5859 |
| PHPGurukul–Rail Pass Management System | A vulnerability, which was classified as problematic, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /rpms/download-pass.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 4.3 | CVE-2025-5975 |
| psf–requests | Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one’s Requests Session. | 2025-06-09 | 5.3 | CVE-2024-47081 |
| Red Hat–Rad Hat | The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with developer persona access can add a large number of those callbacks to be executed by Authorino and as the authentication policy is enforced by a single instance of the service, this leada to a Denial of Service in Authorino while processing the post-authorization callbacks. | 2025-06-09 | 5.7 | CVE-2025-25207 |
| Red Hat–Red Hat | A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster | 2025-06-09 | 5.7 | CVE-2025-25208 |
| Red Hat–Red Hat | The AuthPolicy metadata on Red Hat Connectivity Link contains an object which stores secretes, however it assumes those secretes are already in the kuadrant-system instead of copying it to the referred namespace. This creates space for a malicious actor with a developer persona access to leak those secrets over HTTP connection, as long the attacker knows the name of the targeted secrets and those secrets are limited to one line only. | 2025-06-09 | 5.7 | CVE-2025-25209 |
| Red Hat–Red Hat Enterprise Linux 10 | There’s a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service. | 2025-06-09 | 4.3 | CVE-2025-47711 |
| Red Hat–Red Hat Enterprise Linux 10 | A flaw exists in the nbdkit “blocksize” filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service. | 2025-06-09 | 4.3 | CVE-2025-47712 |
| Red Hat–Red Hat Enterprise Linux 6 | A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP “Despeckle” plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios. | 2025-06-13 | 6.6 | CVE-2025-6035 |
| relentlo–StyleAI | Missing Authorization vulnerability in relentlo StyleAI allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects StyleAI: from n/a through 1.0.4. | 2025-06-09 | 6.5 | CVE-2025-48139 |
| Rocket.Chat–Rocket.Chat Desktop | The macOS Rocket.Chat application is affected by a vulnerability that allows bypassing Transparency, Consent, and Control (TCC) policies, enabling the exploitation or abuse of permissions specified in its entitlements (e.g., microphone, camera, automation, network client). Since Rocket.Chat was not signed with the Hardened Runtime nor set to enforce Library Validation, it is vulnerable to DYLIB injection attacks, which can lead to unauthorized actions or escalation of permissions. Consequently, an attacker gains capabilities that are not permitted by default under the Sandbox and its application profile. | 2025-06-10 | 5.5 | CVE-2024-8270 |
| Roland Beaussant–Audio Editor & Recorder | Missing Authorization vulnerability in Roland Beaussant Audio Editor & Recorder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Audio Editor & Recorder: from n/a through 2.2.1. | 2025-06-10 | 5.3 | CVE-2025-49509 |
| sagesony–Easy Flashcards | The Easy Flashcards plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1. This is due to missing or incorrect nonce validation on the ‘ef_settings_submenu’ page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-14 | 6.1 | CVE-2025-6040 |
| SAP_SE–SAP Business One Integration Framework | The security settings in the SAP Business One Integration Framework are not adequately checked, allowing attackers to bypass the 403 Forbidden error and access restricted pages. This leads to low impact on confidentiality of the application, there is no impact on integrity and availability. | 2025-06-10 | 5.3 | CVE-2025-42998 |
| SAP_SE–SAP MDM Server | SAP MDM Server allows an attacker to gain control of existing client sessions and execute certain functions without having to re-authenticate giving the ability to access or modify non-sensitive information or consume sufficient resources which could degrade the performance of the server causing low impact on confidentiality, integrity and availibility of the application. | 2025-06-10 | 5.6 | CVE-2025-42996 |
| SAP_SE–SAP NetWeaver (ABAP Keyword Documentation) | Due to a Cross-Site Scripting vulnerability in SAP NetWeaver (ABAP Keyword Documentation), an unauthenticated attacker could inject malicious JavaScript into a web page through an unprotected parameter. When a victim accesses the affected page, the script executes in their browser, providing the attacker limited access to restricted information. The vulnerability does not affect data integrity or availability and operates entirely within the context of the client’s browser. | 2025-06-10 | 5.8 | CVE-2025-31325 |
| SAP_SE–SAP S/4HANA (Bank Account Application) | SAP S/4HANA (Bank Account Application) does not perform necessary authorization checks. This allows an authenticated ‘approver’ user to delete attachment from bank account application of other user, leading to a low impact on integrity, with no impact on the confidentiality of the data or the availability of the application. | 2025-06-10 | 4.3 | CVE-2025-42991 |
| SAP_SE–SAP S/4HANA (Enterprise Event Enablement) | Due to a missing authorization check vulnerability in SAP S/4HANA (Enterprise Event Enablement), an attacker with access to the Inbound Binding Configuration could create an RFC destination and assign an arbitrary high-privilege user. This allows the attacker to consume events via the RFC destination, leading to code execution under the privileges of the assigned high-privilege user. While the vulnerability has a low impact on Availability, it significantly poses a high risk to both Confidentiality and Integrity. | 2025-06-10 | 6.7 | CVE-2025-42993 |
| SAP_SE–SAP S/4HANA (Manage Central Purchase Contract application) | SAP S/4HANA Manage Central Purchase Contract does not perform necessary authorization checks for an authenticated user. Due to this, an attacker could execute the function import on the entity making it inaccessible for unrestricted user. This has low impact on confidentiality and availability of the application. | 2025-06-10 | 5.4 | CVE-2025-42984 |
| SAP_SE–SAP S/4HANA (Manage Processing Rules – For Bank Statement) | SAP Manage Processing Rules (For Bank Statement) allows an attacker with basic privileges to edit shared rules of any user by tampering the request parameter. Due to missing authorization check, the attacker can edit rules that should be restricted, compromising the integrity of the application. | 2025-06-10 | 4.3 | CVE-2025-42987 |
| scada–DIOT SCADA with MQTT | The DIOT SCADA with MQTT plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘diot’ shortcode in all versions up to, and including, 1.0.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-14 | 6.4 | CVE-2025-4216 |
| Schneider Electric–EVLink WallBox | CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists when an authenticated user modifies configuration parameters on the web server | 2025-06-10 | 5.4 | CVE-2025-5742 |
| Schneider Electric–EVLink WallBox | CWE-78: I Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability exists that could cause remote control over the charging station when an authenticated user modifies configuration parameters on the web server. | 2025-06-10 | 5.5 | CVE-2025-5743 |
| Schneider Electric–EVLink WallBox | CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could cause arbitrary file reads from the charging station. The exploitation of this vulnerability does require an authenticated session of the web server. | 2025-06-10 | 4.9 | CVE-2025-5741 |
| Schneider Electric–Modicon Controllers M241/M251 | CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an authenticated malicious user sends manipulated HTTPS Content-Length header to the webserver. | 2025-06-10 | 6.5 | CVE-2025-3112 |
| Schneider Electric–Modicon Controllers M241/M251 | CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends special malformed HTTPS request containing improper formatted body data to the controller. | 2025-06-10 | 6.5 | CVE-2025-3116 |
| Schneider Electric–Modicon Controllers M241/M251 | CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends HTTPS request containing invalid data type to the webserver. | 2025-06-10 | 6.5 | CVE-2025-3898 |
| Schneider Electric–Modicon Controllers M241/M251 | CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists impacting configuration file paths that could cause an unvalidated data injected by authenticated malicious user leading to modify or read data in a victim’s browser. | 2025-06-10 | 5.4 | CVE-2025-3117 |
| Schneider Electric–Modicon Controllers M241/M251 | CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists in Certificates page on Webserver that could cause an unvalidated data injected by authenticated malicious user leading to modify or read data in a victim’s browser. | 2025-06-10 | 5.4 | CVE-2025-3899 |
| Schneider Electric–Modicon Controllers M241/M251 | CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists impacting PLC system variables that could cause an unvalidated data injected by authenticated malicious user leading to modify or read data in a victim’s browser. | 2025-06-10 | 5.4 | CVE-2025-3905 |
| seraphinitesoft–Seraphinite Accelerator | The Seraphinite Accelerator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.27.21. This is due to missing or incorrect nonce validation on the ‘OnAdminApi_CacheOpBegin’ function. This makes it possible for unauthenticated attackers to perform several administrative actions, including deleting the cache, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-14 | 4.3 | CVE-2025-6059 |
| SICK AG–SICK Field Analytics | A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device. | 2025-06-12 | 6.5 | CVE-2025-49196 |
| SICK AG–SICK Field Analytics | The created backup files are unencrypted, making the application vulnerable for gathering sensitive information by downloading and decompressing the backup files. | 2025-06-12 | 6.5 | CVE-2025-49200 |
| SICK AG–SICK Field Analytics | The web application is susceptible to cross-site-scripting attacks. An attacker who can create new dashboard widgets can inject malicious JavaScript code into the Transform Function which will be executed when the widget receives data from its data source. | 2025-06-12 | 5.5 | CVE-2025-49185 |
| SICK AG–SICK Field Analytics | The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks. | 2025-06-12 | 5.3 | CVE-2025-49186 |
| SICK AG–SICK Field Analytics | For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one. | 2025-06-12 | 5.3 | CVE-2025-49187 |
| SICK AG–SICK Field Analytics | The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering. | 2025-06-12 | 5.3 | CVE-2025-49188 |
| SICK AG–SICK Field Analytics | The application is vulnerable to Server-Side Request Forgery (SSRF). An endpoint can be used to send server internal requests to other ports. | 2025-06-12 | 4.3 | CVE-2025-49190 |
| SICK AG–SICK Field Analytics | Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to create new dashboards or iFrame widgets. | 2025-06-12 | 4.8 | CVE-2025-49191 |
| SICK AG–SICK Field Analytics | The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing an attacker to trick a user into clicking on something different from what the user perceives. This could potentially reveal confidential information or allow others to take control of their computer while clicking on seemingly innocuous objects. | 2025-06-12 | 4.3 | CVE-2025-49192 |
| SICK AG–SICK Field Analytics | The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g., preventing the application to be displayed in an iFrame (Clickjacking attacks) or not executing injected malicious JavaScript code (XSS attacks). | 2025-06-12 | 4.2 | CVE-2025-49193 |
| SICK AG–SICK Media Server | The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account. | 2025-06-12 | 6.5 | CVE-2025-49197 |
| SICK AG–SICK Media Server | The HttpOnlyflag of the session cookie “@@” is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies. | 2025-06-12 | 5.3 | CVE-2025-49189 |
| SICK AG–SICK Media Server | The FTP server’s login mechanism does not restrict authentication attempts, allowing an attacker to brute-force user passwords and potentially compromising the FTP server. | 2025-06-12 | 5.3 | CVE-2025-49195 |
| Siemens–Mendix Studio Pro 10 | A vulnerability has been identified in Mendix Studio Pro 10 (All versions < V10.23.0), Mendix Studio Pro 10.12 (All versions < V10.12.17), Mendix Studio Pro 10.18 (All versions < V10.18.7), Mendix Studio Pro 10.6 (All versions < V10.6.24), Mendix Studio Pro 11 (All versions), Mendix Studio Pro 8 (All versions < V8.18.35), Mendix Studio Pro 9 (All versions < V9.24.35). A zip path traversal vulnerability exists in the module installation process of Studio Pro. By crafting a malicious module and distributing it via (for example) the Mendix Marketplace, an attacker could write or modify arbitrary files in directories outside a developer’s project directory upon module installation. | 2025-06-12 | 6.1 | CVE-2025-40592 |
| Siemens–RUGGEDCOM RST2428P | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions < V3.2), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions < V3.2), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions < V3.2), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions < V3.2), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-2AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2×230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2×230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). The “Load Rollback” functionality in the web interface of affected products contains an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with “guest” role to make the affected product roll back configuration changes made by privileged users. | 2025-06-10 | 6.5 | CVE-2025-40567 |
| Siemens–RUGGEDCOM RST2428P | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.1), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions < V3.1), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions < V3.1), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions < V3.1), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions < V3.1), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions < V3.1), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions < V3.1), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions < V3.1), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.1), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.1), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.1), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.1), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions < V3.1), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions < V3.1), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions < V3.1), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions < V3.1), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions < V3.1), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions < V3.1), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions < V3.1), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions < V3.1), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions < V3.1), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions < V3.1), SCALANCE XR502-32 (6GK5534-5TR00-2AR3) (All versions < V3.1), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions < V3.1), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions < V3.1), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions < V3.1), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions < V3.1), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions < V3.1), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions < V3.1), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions < V3.1), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions < V3.1), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions < V3.1), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.1), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.1), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.1), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.1), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.1), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.1), SCALANCE XRM334 (2×230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.1), SCALANCE XRM334 (2×230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.1), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.1). Affected devices contain an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with “guest” role to invoke an internal “do system” command which exceeds their privileges. This command allows the execution of certain low-risk actions, the most critical of which is clearing the local system log. | 2025-06-10 | 4.3 | CVE-2024-41797 |
| Siemens–RUGGEDCOM RST2428P | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions < V3.2), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions < V3.2), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions < V3.2), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions < V3.2), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-2AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2×230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2×230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). An internal session termination functionality in the web interface of affected products contains an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with “guest” role to terminate legitimate users’ sessions. | 2025-06-10 | 4.3 | CVE-2025-40568 |
| Siemens–RUGGEDCOM RST2428P | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions < V3.2), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions < V3.2), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions < V3.2), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions < V3.2), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-2AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2×230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2×230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). The “Load Configuration from Local PC” functionality in the web interface of affected products contains a race condition vulnerability. This could allow an authenticated remote attacker to make the affected product load an attacker controlled configuration instead of the legitimate one. Successful exploitation requires that a legitimate administrator invokes the functionality and the attacker wins the race condition. | 2025-06-10 | 4.8 | CVE-2025-40569 |
| smub–Smash Balloon Social Post Feed Simple Social Feeds for WordPress | The Smash Balloon Social Post Feed – Simple Social Feeds for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-color attribute in all versions up to, and including, 4.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-10 | 6.4 | CVE-2025-4577 |
| SolarWinds–SolarWinds Observability Self-Hosted | SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required. | 2025-06-10 | 4.8 | CVE-2025-26394 |
| StarCitizenTools–mediawiki-skins-Citizen | Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1. | 2025-06-12 | 6.5 | CVE-2025-49575 |
| StarCitizenTools–mediawiki-skins-Citizen | Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1. | 2025-06-12 | 6.5 | CVE-2025-49576 |
| StarCitizenTools–mediawiki-skins-Citizen | Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1. | 2025-06-12 | 6.5 | CVE-2025-49577 |
| StarCitizenTools–mediawiki-skins-Citizen | Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by `Language::userDate` are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1. | 2025-06-12 | 6.5 | CVE-2025-49578 |
| StarCitizenTools–mediawiki-skins-Citizen | Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1. | 2025-06-12 | 6.5 | CVE-2025-49579 |
| stefanberger–libtpms | Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out of bounds (OOB) read vulnerability. The vulnerability occurs in the ‘CryptHmacSign’ function with an inconsistent pairing of the signKey and signScheme parameters, where the signKey is ALG_KEYEDHASH key and inScheme is an ECC or RSA scheme. The reported vulnerability is in the ‘CryptHmacSign’ function, which is defined in the “Part 4: Supporting Routines – Code” document, section “7.151 – /tpm/src/crypt/CryptUtil.c “. This vulnerability can be triggered from user-mode applications by sending malicious commands to a TPM 2.0/vTPM (swtpm) whose firmware is based on an affected TCG reference implementation. The effect on libtpms is that it will cause an abort due to the detection of the out-of-bounds access, thus for example making a vTPM (swtpm) unavailable to a VM. This vulnerability is fixed in 0.7.12, 0.8.10, 0.9.7, and 0.10.1. | 2025-06-10 | 5.9 | CVE-2025-49133 |
| steph–Bunnys Print CSS | The Bunny’s Print CSS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.95. This is due to missing or incorrect nonce validation on the pcss_options_subpanel() function. This makes it possible for unauthenticated attackers to update settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-10 | 4.3 | CVE-2025-5925 |
| streamweasels–StreamWeasels Kick Integration | The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘status-classic-offline-text’ parameter in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-14 | 6.4 | CVE-2025-5589 |
| tarojs–taro | A vulnerability was found in tarojs taro up to 4.1.1. It has been declared as problematic. This vulnerability affects unknown code of the file taro/packages/css-to-react-native/src/index.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to version 4.1.2 is able to address this issue. The name of the patch is c2e321a8b6fc873427c466c69f41ed0b5e8814bf. It is recommended to upgrade the affected component. | 2025-06-09 | 4.3 | CVE-2025-5896 |
| Tenda–AC9 | A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 4.3 | CVE-2025-5900 |
| thatdevgirl–Color Palette | The Color Palette plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hex’ parameter in all versions up to, and including, 4.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-13 | 6.4 | CVE-2025-5233 |
| theeventscalendar–The Events Calendar | The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-date-*’ parameters in all versions up to, and including, 6.13.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-11 | 6.4 | CVE-2025-5144 |
| themebon–Digital Marketing and Agency Templates Addons for Elementor | The Digital Marketing and Agency Templates Addons for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the import_templates() function. This makes it possible for unauthenticated attackers to trigger an import via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2025-06-13 | 5.3 | CVE-2025-5938 |
| ultimateblocks–Ultimate Blocks WordPress Blocks Plugin | The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 3.3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-10 | 6.4 | CVE-2025-2918 |
| Unitech–pm2 | A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 4.3 | CVE-2025-5891 |
| uYanki–board-stm32f103rc-berial | A vulnerability classified as critical was found in uYanki board-stm32f103rc-berial up to 84daed541609cb7b46854cc6672a275d1007e295. This vulnerability affects the function heartrate1_i2c_hal_write of the file 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1_hal.c. The manipulation of the argument num leads to stack-based buffer overflow. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. | 2025-06-15 | 5.5 | CVE-2025-6093 |
| VMware–Avi Load Balancer | Description: VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. VMware has evaluated the severity of the issue to be in the Moderate severity range https://www.broadcom.com/support/vmware-services/security-response with a maximum CVSSv3 base score of 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N . Known Attack Vectors: An authenticated malicious user with network access may be able to use specially crafted SQL queries to gain database access. Resolution: To remediate CVE-2025-41233 apply the patches to the Avi Controller listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below. Workarounds: None. Additional Documentation: None. Acknowledgements: VMware would like to thank Alexandru Copaceanu https://www.linkedin.com/in/alexandru-copaceanu-b39aaa1a8/ for reporting this issue to us. Notes: None. Response Matrix: ProductVersionRunning OnCVECVSSv4SeverityFixed VersionWorkaroundsAdditional DocumentsVMware Avi Load Balancer30.1.1AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.1.2-2p3 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-1/vmware-avi-load-balancer-release-notes/release-notes-30-1-2.html NoneNoneVMware Avi Load Balancer30.1.2AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.1.2-2p3 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-1/vmware-avi-load-balancer-release-notes/release-notes-30-1-2.html NoneNoneVMware Avi Load Balancer30.2.1AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.2.1-2p6 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-2/vmware-avi-load-balancer-release-notes/release-notes-for-avi-load-balancer-version-30-2-1.html NoneNoneVMware Avi Load Balancer30.2.2AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.2.2-2p5 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-2/vmware-avi-load-balancer-release-notes/release-notes-for-avi-load-balancer-version-30-2-2.html NoneNoneVMware Avi Load Balancer30.2.3AnyCVE-2025-41233N/AN/AUnaffectedNoneNoneVMware Avi Load Balancer31.1.1AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 31.1.1-2p2 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/31-1/vmware-avi-load-balancer-release-notes/Release-Note-Section-20627.html NoneNone CWE-89 in the Avi Load Balancer component of VMware allows an authenticated attacker to execute blind SQL injections in versions 30.1.1, 30.1.2, 30.2.1, and 30.2.2 due to improper input validation, enabling unauthorized database access. | 2025-06-12 | 6.8 | CVE-2025-41233 |
| VMware–SALT | The salt.auth.pki module does not properly authenticate callers. The “password” field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication attempt to be accepted. | 2025-06-13 | 6.4 | CVE-2024-38825 |
| VMware–SALT | An attacker with access to a minion key can exploit the ‘on demand’ pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process. | 2025-06-13 | 6.7 | CVE-2025-22237 |
| VMware–SALT | Arbitrary directory creation or file deletion. In the find_file method of the GitFS class, a path is created using os.path.join using unvalidated input from the “tgt_env” variable. This can be exploited by an attacker to delete any file on the Master’s process has permissions to. | 2025-06-13 | 6.3 | CVE-2025-22240 |
| VMware–SALT | File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location and is present in the default configuration. | 2025-06-13 | 5.6 | CVE-2025-22241 |
| VMware–SALT | Worker process denial of service through file read operation. .A vulnerability exists in the Master’s “pub_ret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerabilities by attempting to read from a filename that will not return any data, e.g. by targeting a pipe node on the proc file system. | 2025-06-13 | 5.6 | CVE-2025-22242 |
| VMware–SALT | Directory traversal attack in minion file cache creation. The master’s default cache is vulnerable to a directory traversal attack. Which could be leveraged to write or overwrite ‘cache’ files outside of the cache directory. | 2025-06-13 | 4.2 | CVE-2025-22238 |
| VMware–Spring Framework | Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input. Specifically, an application is vulnerable when all the following are true: * The header is prepared with org.springframework.http.ContentDisposition. * The filename is set via ContentDisposition.Builder#filename(String, Charset). * The value for the filename is derived from user-supplied input. * The application does not sanitize the user-supplied input. * The downloaded content of the response is injected with malicious commands by the attacker (see RFD paper reference for details). An application is not vulnerable if any of the following is true: * The application does not set a “Content-Disposition” response header. * The header is not prepared with org.springframework.http.ContentDisposition. * The filename is set via one of: * ContentDisposition.Builder#filename(String), or * ContentDisposition.Builder#filename(String, ASCII) * The filename is not derived from user-supplied input. * The filename is derived from user-supplied input but sanitized by the application. * The attacker cannot inject malicious content in the downloaded content of the response. Affected Spring Products and VersionsSpring Framework: * 6.2.0 – 6.2.7 * 6.1.0 – 6.1.20 * 6.0.5 – 6.0.28 * Older, unsupported versions are not affected MitigationUsers of affected versions should upgrade to the corresponding fixed version. Affected version(s)Fix versionAvailability6.2.x6.2.8OSS6.1.x6.1.21OSS6.0.x6.0.29 Commercial https://enterprise.spring.io/ No further mitigation steps are necessary. CWE-113 in `Content-Disposition` handling in VMware Spring Framework versions 6.0.5 to 6.2.7 allows remote attackers to launch Reflected File Download (RFD) attacks via unsanitized user input in `ContentDisposition.Builder#filename(String, Charset)` with non-ASCII charsets. | 2025-06-12 | 6.5 | CVE-2025-41234 |
| vuejs–vue-cli | A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been rated as problematic. This issue affects the function HtmlPwaPlugin of the file packages/@vue/cli-plugin-pwa/lib/HtmlPwaPlugin.js of the component Markdown Code Handler. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. | 2025-06-09 | 4.3 | CVE-2025-5897 |
| WPFactory–Min Max Step Quantity Limits Manager for WooCommerce | Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Min Max Step Quantity Limits Manager for WooCommerce allows Cross Site Request Forgery.This issue affects Min Max Step Quantity Limits Manager for WooCommerce: from n/a through 5.1.0. | 2025-06-10 | 4.3 | CVE-2025-49510 |
| yithemes–YITH WooCommerce Wishlist | The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2025-06-14 | 6.4 | CVE-2025-5238 |
Low Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source Info |
|---|---|---|---|---|
| Adobe–Adobe Experience Manager | Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Low privileges are required. | 2025-06-10 | 3.5 | CVE-2025-47096 |
| AMD–Platform Loader and Manager (PLM) | In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data. | 2025-06-09 | 3.2 | CVE-2025-0036 |
| Dell–Wyse Management Suite | Dell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery. | 2025-06-10 | 2.7 | CVE-2025-36576 |
| Fortinet–FortiOS | An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization packets. | 2025-06-10 | 3 | CVE-2025-22251 |
| Fortinet–FortiOS | An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in FortiOS version 7.6.0, version 7.4.7 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions SSL-VPN web-mode may allow an authenticated user to access full SSL-VPN settings via crafted URL. | 2025-06-10 | 3.9 | CVE-2025-25250 |
| Fortinet–FortiPortal | A authorization bypass through user-controlled key in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.8 may allow an authenticated attacker to view unauthorized device information via key modification in API requests. | 2025-06-10 | 3.9 | CVE-2024-45329 |
| Fortinet–FortiProxy | An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI requests. | 2025-06-10 | 3.1 | CVE-2023-29184 |
| GitLab–GitLab | An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Under certain conditions users could bypass IP access restrictions and view sensitive information. | 2025-06-12 | 3.7 | CVE-2025-5982 |
| handcraftedinthealps–goodby-csv | handcraftedinthealps goodby-csv is a highly memory efficient, flexible and extendable open-source CSV import/export library. Prior to 1.4.3, goodby-csv could be used as part of a chain of methods that is exploitable when an insecure deserialization vulnerability exists in an application. This so-called “gadget chain” presents no direct threat but is a vector that can be used to achieve remote code execution if the application deserializes untrusted data due to another vulnerability. The problem is patched with Version 1.4.3. | 2025-06-13 | 3.9 | CVE-2025-49597 |
| jsnjfz–WebStack-Guns | A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 3.5 | CVE-2025-5887 |
| juliangruber–brace-expansion | A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.1.12, 2.0.2, 3.0.1 and 4.0.1 is able to address this issue. The name of the patch is a5b98a4f30d7813266b221435e1eaaf25a1b0ac5. It is recommended to upgrade the affected component. | 2025-06-09 | 3.1 | CVE-2025-5889 |
| Konica Minolta–bizhub | A vulnerability, which was classified as problematic, was found in Konica Minolta bizhub up to 20250202. This affects an unknown part of the component Display MFP Information List. The manipulation of the argument Model Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 3.5 | CVE-2025-5884 |
| Mattermost–Mattermost | Mattermost versions 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly restrict API access to team information, allowing guest users to bypass permissions and view information about public teams they are not members of via a direct API call to /api/v4/teams/{team_id}. | 2025-06-11 | 3.1 | CVE-2025-4128 |
| Motorola–g34 | An incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access. | 2025-06-11 | 2.8 | CVE-2025-1699 |
| Motorola–Razr 40 Ultra | Null pointer exception vulnerabilities were reported in the fingerprint sensor service that could allow a local attacker to cause a denial of service. | 2025-06-11 | 2.8 | CVE-2025-1698 |
| n/a–Emlog | A vulnerability was found in Emlog up to 2.5.7 and classified as problematic. This issue affects some unknown processing of the file /admin/article.php. The manipulation of the argument active_post leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | 2025-06-09 | 3.5 | CVE-2025-5886 |
| PHPGurukul–Rail Pass Management System | A vulnerability has been found in PHPGurukul Rail Pass Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/add-pass.php. The manipulation of the argument fullname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | 2025-06-10 | 3.5 | CVE-2025-5976 |
| PHPGurukul–Restaurant Table Booking System | A vulnerability, which was classified as problematic, has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this issue is some unknown functionality of the file /check-status.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 3.5 | CVE-2025-5974 |
| PHPGurukul–Restaurant Table Booking System | A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument fullname leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | 2025-06-10 | 2.4 | CVE-2025-5970 |
| PHPGurukul–Restaurant Table Booking System | A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/manage-subadmins.php. The manipulation of the argument fullname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | 2025-06-10 | 2.4 | CVE-2025-5972 |
| PHPGurukul–Restaurant Table Booking System | A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-table.php. The manipulation of the argument tableno leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 2.4 | CVE-2025-5973 |
| Red Hat–Red Hat Enterprise Linux 10 | A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition. | 2025-06-09 | 3.9 | CVE-2025-5914 |
| Red Hat–Red Hat Enterprise Linux 10 | A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions. | 2025-06-09 | 3.9 | CVE-2025-5915 |
| Red Hat–Red Hat Enterprise Linux 10 | A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX – 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. | 2025-06-09 | 3.9 | CVE-2025-5916 |
| Red Hat–Red Hat Enterprise Linux 10 | A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition. | 2025-06-09 | 3.9 | CVE-2025-5918 |
| Red Hat–Red Hat Enterprise Linux 10 | A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption. | 2025-06-13 | 3.7 | CVE-2025-6052 |
| Red Hat–Red Hat Enterprise Linux 10 | A vulnerability has been identified in the libarchive library. This flaw involves an ‘off-by-one’ miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. | 2025-06-09 | 2.8 | CVE-2025-5917 |
| SAP_SE–SAP Business Objects Business Intelligence Platform | Under certain conditions, SAP Business Objects Business Intelligence Platform allows an unauthenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. This disclosure of information could further enable the researcher to cause SSRF. It has no impact on integrity and availability of the application. | 2025-06-10 | 3.7 | CVE-2025-42988 |
| SAP_SE–SAPUI5 applications | Unprotected SAPUI5 applications allow an attacker with basic privileges to inject malicious HTML code into a webpage, with the goal of redirecting users to the attacker controlled URL. This issue could impact the integrity of the application. Confidentiality or Availability are not impacted. | 2025-06-10 | 3 | CVE-2025-42990 |
| SICK AG–SICK Media Server | The Media Server’s authorization tokens have a poor quality of randomness. An attacker may be able to guess the token of an active user by computing plausible tokens. | 2025-06-12 | 3.1 | CVE-2025-49198 |
| SourceCodester–Online Student Clearance System | A vulnerability has been found in SourceCodester Online Student Clearance System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Admin/add-fee.php. The manipulation of the argument txtamt leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | 2025-06-10 | 3.5 | CVE-2025-5984 |
| Tenda–TDSEE App | A vulnerability was found in Tenda TDSEE App up to 1.7.12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/ConfirmSmsCode of the component Password Reset Confirmation Code Handler. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.7.15 is able to address this issue. It is recommended to upgrade the affected component. | 2025-06-09 | 3.7 | CVE-2025-5864 |
| VMware–SALT | Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion. | 2025-06-13 | 2.7 | CVE-2024-38822 |
| VMware–SALT | Salt’s request server is vulnerable to replay attacks when not using a TLS encrypted transport. | 2025-06-13 | 2.7 | CVE-2024-38823 |
| WuKongOpenSource–WukongCRM | A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-09 | 3.5 | CVE-2025-5879 |
Severity Not Yet Assigned
| Primary Vendor — Product |
Description | Published | CVSS Score | Source Info |
|---|---|---|---|---|
| Absolute Security–Secure Access | There is a memory management vulnerability in Absolute Secure Access server versions 9.0 to 13.54. Attackers with network access to the server can cause a Denial of Service by sending a specially crafted sequence of packets to the server. The attack complexity is low, there are no attack requirements, privileges, or user interaction required. Loss of availability is high; there is no impact on confidentiality or integrity. | 2025-06-12 | not yet calculated | CVE-2025-49080 |
| Absolute Security–Secure Access | There is an insufficient input validation vulnerability in the warehouse component of Absolute Secure Access prior to server version 13.55. Attackers with system administrator permissions can impair the availability of the Secure Access administrative UI by writing invalid data to the warehouse over the network. The attack complexity is low, there are no attack requirements, privileges required are high, and there is no user interaction required. There is no impact on confidentiality or integrity; the impact on availability is high. | 2025-06-12 | not yet calculated | CVE-2025-49081 |
| Apache Software Foundation–Apache CloudStack | The CloudStack Quota plugin has an improper privilege management logic in version 4.20.0.0. Anyone with authenticated user-account access in CloudStack 4.20.0.0 environments, where this plugin is enabled and have access to specific APIs can enable or disable reception of quota-related emails for any account in the environment and list their configurations. Quota plugin users using CloudStack 4.20.0.0 are recommended to upgrade to CloudStack version 4.20.1.0, which fixes this issue. | 2025-06-10 | not yet calculated | CVE-2025-22829 |
| Apache Software Foundation–Apache CloudStack | When an Apache CloudStack user-account creates a CKS-based Kubernetes cluster in a project, the API key and the secret key of the ‘kubeadmin’ user of the caller account are used to create the secret config in the CKS-based Kubernetes cluster. A member of the project who can access the CKS-based Kubernetes cluster, can also access the API key and secret key of the ‘kubeadmin’ user of the CKS cluster’s creator’s account. An attacker who’s a member of the project can exploit this to impersonate and perform privileged actions that can result in complete compromise of the confidentiality, integrity, and availability of resources owned by the creator’s account. CKS users are recommended to upgrade to version 4.19.3.0 or 4.20.1.0, which fixes this issue.Updating Existing Kubernetes Clusters in ProjectsA service account should be created for each project to provide limited access specifically for Kubernetes cluster providers and autoscaling. Follow the steps below to create a new service account, update the secret inside the cluster, and regenerate existing API and service keys:1. Create a New Service AccountCreate a new account using the role “Project Kubernetes Service Role” with the following details: Account Name kubeadmin-<FIRST_EIGHT_CHARACTERS_OF_PROJECT_ID> First Name Kubernetes Last Name Service User Account Type 0 (Normal User) Role ID <ID_OF_SERVICE_ROLE> 2. Add the Service Account to the ProjectAdd this account to the project where the Kubernetes cluster(s) are hosted. 3. Generate API and Secret KeysGenerate API Key and Secret Key for the default user of this account. 4. Update the CloudStack Secret in the Kubernetes ClusterCreate a temporary file `/tmp/cloud-config` with the following data: api-url = <API_URL> # For example: <MS_URL>/client/api api-key = <SERVICE_USER_API_KEY> secret-key = <SERVICE_USER_SECRET_KEY> project-id = <PROJECT_ID> Delete the existing secret using kubectl and Kubernetes cluster config: ./kubectl –kubeconfig kube.conf -n kube-system delete secret cloudstack-secret Create a new secret using kubectl and Kubernetes cluster config: ./kubectl –kubeconfig kube.conf -n kube-system create secret generic cloudstack-secret –from-file=/tmp/cloud-config Remove the temporary file: rm /tmp/cloud-config5. Regenerate API and Secret KeysRegenerate the API and secret keys for the original user account that was used to create the Kubernetes cluster. | 2025-06-10 | not yet calculated | CVE-2025-26521 |
| Apache Software Foundation–Apache CloudStack | A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can reset the password of user-accounts of Admin role type. This operation is not appropriately restricted and allows the attacker to assume control over higher-privileged user-accounts. A malicious Domain Admin attacker can impersonate an Admin user-account and gain access to sensitive APIs and resources that could result in the compromise of resource integrity and confidentiality, data loss, denial of service, and availability of infrastructure managed by CloudStack. Users are recommended to upgrade to Apache CloudStack 4.19.3.0 or 4.20.1.0, which fixes the issue with the following: * Strict validation on Role Type hierarchy: the caller’s user-account role must be equal to or higher than the target user-account’s role. * API privilege comparison: the caller must possess all privileges of the user they are operating on. * Two new domain-level settings (restricted to the default Admin): – role.types.allowed.for.operations.on.accounts.of.same.role.type: Defines which role types are allowed to act on users of the same role type. Default: “Admin, DomainAdmin, ResourceAdmin”. – allow.operations.on.users.in.same.account: Allows/disallows user operations within the same account. Default: true. | 2025-06-10 | not yet calculated | CVE-2025-47713 |
| Apache Software Foundation–Apache CloudStack | A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can get the API key and secret key of user-accounts of Admin role type in the same domain. This operation is not appropriately restricted and allows the attacker to assume control over higher-privileged user-accounts. A malicious Domain Admin attacker can impersonate an Admin user-account and gain access to sensitive APIs and resources that could result in the compromise of resource integrity and confidentiality, data loss, denial of service, and availability of infrastructure managed by CloudStack. Users are recommended to upgrade to Apache CloudStack 4.19.3.0 or 4.20.1.0, which fixes the issue with the following: * Strict validation on Role Type hierarchy: the caller’s role must be equal to or higher than the target user’s role. * API privilege comparison: the caller must possess all privileges of the user they are operating on. * Two new domain-level settings (restricted to the default admin): – role.types.allowed.for.operations.on.accounts.of.same.role.type: Defines which role types are allowed to act on users of the same role type. Default: “Admin, DomainAdmin, ResourceAdmin”. – allow.operations.on.users.in.same.account: Allows/disallows user operations within the same account. Default: true. | 2025-06-10 | not yet calculated | CVE-2025-47849 |
| Apache Software Foundation–Apache Kafka | A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka clusters since Apache Kafka 2.0.0 (Kafka Connect 2.3.0). When configuring the broker via config file or AlterConfig command, or connector via the Kafka Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config` property for any of the connector’s Kafka clients to “com.sun.security.auth.module.LdapLoginModule”, which can be done via the `producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties. This will allow the server to connect to the attacker’s LDAP server and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server. Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath. Since Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box configurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector client override policy that permits them. Since Apache Kafka 3.9.1/4.0.0, we have added a system property (“-Dorg.apache.kafka.disallowed.login.modules”) to disable the problematic login modules usage in SASL JAAS configuration. Also by default “com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule” are disabled in Apache Kafka Connect 3.9.1/4.0.0. We advise the Kafka users to validate connector configurations and only allow trusted LDAP configurations. Also examine connector dependencies for vulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally, in addition to leveraging the “org.apache.kafka.disallowed.login.modules” system property, Kafka Connect users can also implement their own connector client config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot. | 2025-06-10 | not yet calculated | CVE-2025-27818 |
| Apache Software Foundation–Apache Kafka | In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs to be able to connect to the Kafka cluster and have the AlterConfigs permission on the cluster resource. Since Apache Kafka 3.4.0, we have added a system property (“-Dorg.apache.kafka.disallowed.login.modules”) to disable the problematic login modules usage in SASL JAAS configuration. Also by default “com.sun.security.auth.module.JndiLoginModule” is disabled in Apache Kafka 3.4.0, and “com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule” is disabled by default in in Apache Kafka 3.9.1/4.0.0 | 2025-06-10 | not yet calculated | CVE-2025-27819 |
| Apache Software Foundation–Apache Kafka Client | A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including “sasl.oauthbearer.token.endpoint.url” and “sasl.oauthbearer.jwks.endpoint.url”. Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use the “sasl.oauthbearer.token.endpoint.url” and “sasl.oauthbearer.jwks.endpoint.url” configuratin to read arbitrary contents of the disk and environment variables or make requests to an unintended location. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment/URL access, which may be undesirable in certain environments, including SaaS products. Since Apache Kafka 3.9.1/4.0.0, we have added a system property (“-Dorg.apache.kafka.sasl.oauthbearer.allowed.urls”) to set the allowed urls in SASL JAAS configuration. In 3.9.1, it accepts all urls by default for backward compatibility. However in 4.0.0 and newer, the default value is empty list and users have to set the allowed urls explicitly. | 2025-06-10 | not yet calculated | CVE-2025-27817 |
| Autoeastern–Cyclone Matrix TRF | Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF Smart Keyless Entry System, which allows a replay attack. Research was completed on the 2024 KIA Soluto. Attack confirmed on other KIA Models in Ecuador. | 2025-06-13 | not yet calculated | CVE-2025-6030 |
| Bagisto–Bagisto | A Reflected Cross-Site Scripting (XSS) vulnerability has been found in Bagisto v2.0.0. This vulnerability allows an attacker to execute JavaScript code in the victim’s browser by sending the victim a malicious URL using the parameter ‘query’ in ‘/search’. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user. | 2025-06-09 | not yet calculated | CVE-2025-40675 |
| barryvdh–laravel-translation-manager | Laravel Translation Manager is a package to manage Laravel translation files. Prior to version 0.6.8, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including JavaScript scripts, into the page processed by the user’s browser, allowing them to steal sensitive data, hijack user sessions, or conduct other malicious activities. Only authenticated users with access to the translation manager are impacted. The issue is fixed in version 0.6.8. | 2025-06-09 | not yet calculated | CVE-2025-49130 |
| conda-forge–conda-forge-ci-setup-feedstock | conda-forge-ci-setup is a package installed by conda-forge each time a build is run on CI. The conda-forge-ci-setup-feedstock setup script is vulnerable due to the unsafe use of the eval function when parsing version information from a custom-formatted meta.yaml file. An attacker controlling meta.yaml can inject malicious code into the version assignment, which is executed during file processing, leading to arbitrary code execution. Exploitation requires an attacker to modify the recipe file by manipulating the RECIPE_DIR variable and introducing a malicious meta.yaml file. While this is more feasible in CI/CD pipelines, it is uncommon in typical environments, reducing overall risk. This vulnerability is fixed in 4.15.0. | 2025-06-13 | not yet calculated | CVE-2025-49598 |
| discourse–discourse | Discourse is an open-source discussion platform. Prior to version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch, sending a malicious URL in a PM to a bot user can cause a reduced the availability of a Discourse instance. This issue is patched in version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch. No known workarounds are available. | 2025-06-09 | not yet calculated | CVE-2025-48053 |
| discourse–discourse | Discourse is an open-source discussion platform. Prior to version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch, Codepen is present in the default `allowed_iframes` site setting, and it can potentially auto-run arbitrary JS in the iframe scope, which is unintended. This issue is patched in version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch. As a workaround, the Codepen prefix can be removed from a site’s `allowed_iframes`. | 2025-06-09 | not yet calculated | CVE-2025-48877 |
| Dmacroweb–DM Corporative CMS | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the name and cod parameters in /antbuspre.asp. | 2025-06-10 | not yet calculated | CVE-2025-40654 |
| Dmacroweb–DM Corporative CMS | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the name parameter in /antcatalogue.asp. | 2025-06-10 | not yet calculated | CVE-2025-40655 |
| Dmacroweb–DM Corporative CMS | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the cod parameter in /administer/node-selection/data.asp. | 2025-06-10 | not yet calculated | CVE-2025-40656 |
| Dmacroweb–DM Corporative CMS | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the codform parameter in /modules/forms/collectform.asp. | 2025-06-10 | not yet calculated | CVE-2025-40657 |
| Dmacroweb–DM Corporative CMS | An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelection.asp. | 2025-06-10 | not yet calculated | CVE-2025-40658 |
| Dmacroweb–DM Corporative CMS | An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp. | 2025-06-10 | not yet calculated | CVE-2025-40659 |
| Dmacroweb–DM Corporative CMS | An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1=1&id2=1session=&cod=1&networks=0. | 2025-06-10 | not yet calculated | CVE-2025-40660 |
| Dmacroweb–DM Corporative CMS | An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp. | 2025-06-10 | not yet calculated | CVE-2025-40661 |
| Dmacroweb–DM Corporative CMS | Absolute path disclosure vulnerability in DM Corporative CMS. This vulnerability allows an attacker to view the contents of webroot/file, if navigating to a non-existent file. | 2025-06-10 | not yet calculated | CVE-2025-40662 |
| Drupal–Admin Audit Trail | Allocation of Resources Without Limits or Throttling vulnerability in Drupal Admin Audit Trail allows Excessive Allocation.This issue affects Admin Audit Trail: from 0.0.0 before 1.0.5. | 2025-06-11 | not yet calculated | CVE-2025-48448 |
| Drupal–Bookable Calendar | Missing Authorization vulnerability in Drupal Bookable Calendar allows Forceful Browsing.This issue affects Bookable Calendar: from 0.0.0 before 2.2.13. | 2025-06-13 | not yet calculated | CVE-2025-48916 |
| Drupal–Commerce Alphabank Redirect | Incorrect Authorization vulnerability in Drupal Commerce Alphabank Redirect allows Functionality Misuse.This issue affects Commerce Alphabank Redirect: from 0.0.0 before 1.0.3. | 2025-06-11 | not yet calculated | CVE-2025-48446 |
| Drupal–Commerce Eurobank (Redirect) | Incorrect Authorization vulnerability in Drupal Commerce Eurobank (Redirect) allows Functionality Misuse.This issue affects Commerce Eurobank (Redirect): from 0.0.0 before 2.1.1. | 2025-06-11 | not yet calculated | CVE-2025-48445 |
| Drupal–COOKiES Consent Management | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting (XSS).This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.15. | 2025-06-13 | not yet calculated | CVE-2025-48914 |
| Drupal–COOKiES Consent Management | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting (XSS).This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.15. | 2025-06-13 | not yet calculated | CVE-2025-48915 |
| Drupal–etracker | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal etracker allows Cross-Site Scripting (XSS).This issue affects etracker: from 0.0.0 before 3.1.0. | 2025-06-13 | not yet calculated | CVE-2025-48920 |
| Drupal–EU Cookie Compliance (GDPR Compliance) | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal EU Cookie Compliance (GDPR Compliance) allows Cross-Site Scripting (XSS).This issue affects EU Cookie Compliance (GDPR Compliance): from 0.0.0 before 1.26.0. | 2025-06-13 | not yet calculated | CVE-2025-48917 |
| Drupal–Lightgallery | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal Lightgallery allows Cross-Site Scripting (XSS).This issue affects Lightgallery: from 0.0.0 before 1.6.0. | 2025-06-11 | not yet calculated | CVE-2025-48447 |
| Drupal–Quick Node Block | Missing Authorization vulnerability in Drupal Quick Node Block allows Forceful Browsing.This issue affects Quick Node Block: from 0.0.0 before 2.0.0. | 2025-06-11 | not yet calculated | CVE-2025-48013 |
| Drupal–Quick Node Block | Missing Authorization vulnerability in Drupal Quick Node Block allows Forceful Browsing.This issue affects Quick Node Block: from 0.0.0 before 2.0.0. | 2025-06-11 | not yet calculated | CVE-2025-48444 |
| Drupal–Simple Klaro | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal Simple Klaro allows Cross-Site Scripting (XSS).This issue affects Simple Klaro: from 0.0.0 before 1.10.0. | 2025-06-13 | not yet calculated | CVE-2025-48918 |
| Drupal–Simple Klaro | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal Simple Klaro allows Cross-Site Scripting (XSS).This issue affects Simple Klaro: from 0.0.0 before 1.10.0. | 2025-06-13 | not yet calculated | CVE-2025-48919 |
| DT Research–BiosFlashShell | An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise. | 2025-06-10 | not yet calculated | CVE-2025-3052 |
| ETJ–Archive::Unzip::Burst | Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities. The bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141. | 2025-06-12 | not yet calculated | CVE-2022-4976 |
| Extreme Networks–ExtremeCloud Universal ZTNA | In ExtremeCloud Universal ZTNA, a syntax error in the ‘searchKeyword’ condition caused queries to bypass the owner_id filter. This issue may allow users to search data across the entire table instead of being restricted to their specific owner_id. | 2025-06-13 | not yet calculated | CVE-2025-6083 |
| Fujitsu Client Computing Limited–UpdateNavi | Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be executed. | 2025-06-12 | not yet calculated | CVE-2025-35978 |
| Go standard library–crypto/x509 | Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. | 2025-06-11 | not yet calculated | CVE-2025-22874 |
| Go standard library–net/http | Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. | 2025-06-11 | not yet calculated | CVE-2025-4673 |
| Go standard library–syscall | os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink. | 2025-06-11 | not yet calculated | CVE-2025-0913 |
| Google–Chrome | Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2025-06-11 | not yet calculated | CVE-2025-5958 |
| Google–Chrome | Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | 2025-06-11 | not yet calculated | CVE-2025-5959 |
| Google–Web Designer App | Path traversal in Google Web Designer’s template handling versions prior to 16.3.0.0407 on Windows allows attacker to achieve remote code execution by tricking users into downloading a malicious ad template | 2025-06-12 | not yet calculated | CVE-2025-4613 |
| GRYPHON–Mojolicious::Plugin::CSRF | Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens. That version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand() function. | 2025-06-11 | not yet calculated | CVE-2025-40915 |
| jevents.net / GWE Systems Ltd–JEvents component for Joomla | A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges. | 2025-06-12 | not yet calculated | CVE-2025-49467 |
| Johnson Controls–iSTAR Configuration Utility (ICU) | The iSTAR Configuration Utility (ICU) tool leaks memory, which could result in the unintended exposure of unauthorized data from the Windows PC that ICU is running on. | 2025-06-11 | not yet calculated | CVE-2025-26383 |
| KIA–Aftermarket Generic Smart Keyless Entry System | Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key Fob Transmitter in KIA-branded Aftermarket Generic Smart Keyless Entry System, primarily distributed in Ecuador, which allows a replay attack. Manufacture is unknown at the time of release. CVE Record will be updated once this is clarified. | 2025-06-13 | not yet calculated | CVE-2025-6029 |
| M-Files Corporation–M-Files Server | A path traversal issue in the API endpoint in M-Files Server before version 25.6.14925.0 allows an authenticated user to read files in the server. | 2025-06-15 | not yet calculated | CVE-2025-5964 |
| MIK–CryptX | CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode. CryptX embeds the tomcrypt library. The versions of that library in CryptX before 0.065 may be susceptible to CVE-2019-17362. | 2025-06-11 | not yet calculated | CVE-2025-40912 |
| MIK–CryptX | Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328. | 2025-06-11 | not yet calculated | CVE-2025-40914 |
| modelcontextprotocol–inspector | The MCP inspector is a developer tool for testing and debugging MCP servers. Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. Users should immediately upgrade to version 0.14.1 or later to address these vulnerabilities. | 2025-06-13 | not yet calculated | CVE-2025-49596 |
| Mozilla–Firefox | Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4. | 2025-06-11 | not yet calculated | CVE-2025-49709 |
| Mozilla–Firefox | An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4. | 2025-06-11 | not yet calculated | CVE-2025-49710 |
| Mozilla–Mozilla VPN 2.28.0 | A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. *This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.28.0 < (macOS). | 2025-06-11 | not yet calculated | CVE-2025-5687 |
| Mozilla–Thunderbird | A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user’s desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. This vulnerability affects Thunderbird < 128.11.1 and Thunderbird < 139.0.2. | 2025-06-11 | not yet calculated | CVE-2025-5986 |
| n/a–n/a | Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, reference, or aliascb parameter to transaction.php, validation.php, or callback.php. | 2025-06-12 | not yet calculated | CVE-2023-45256 |
| n/a–n/a | A stored cross-site scripting (XSS) vulnerability in the Project Dashboards of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into the ‘Dashboard title’ and ‘Dashboard content’ text boxes. This can lead to the execution of malicious scripts when the dashboard is viewed. Users are recommended to update to version 14.2.1 or later to mitigate this vulnerability. | 2025-06-10 | not yet calculated | CVE-2024-37394 |
| n/a–n/a | A stored cross-site scripting (XSS) vulnerability in the Public Survey function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into the ‘Survey Title’ and ‘Survey Instructions’ fields. This vulnerability could be exploited by attackers to execute malicious scripts when the survey is accessed through its public link. It is advised to update to version 14.2.1 or later to fix this issue. | 2025-06-10 | not yet calculated | CVE-2024-37395 |
| n/a–n/a | A stored cross-site scripting (XSS) vulnerability in the Calendar function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into the ‘Notes’ field of a calendar event. This could lead to the execution of malicious scripts when the event is viewed. Updating to version 14.2.1 or later is recommended to remediate this vulnerability. | 2025-06-10 | not yet calculated | CVE-2024-37396 |
| n/a–n/a | Jetimob Plataforma Imobiliaria 20240627-0 is vulnerable to Cross Site Scripting (XSS) via the form field “Observaces” (observances) in the “Pessoas” (persons) section when creating or editing either a legal or a natural person. | 2025-06-10 | not yet calculated | CVE-2024-41502 |
| n/a–n/a | Jetimob Plataforma Imobiliaria 20240627-0 is vulnerable to Cross Site Scripting (XSS) in the field “Ttulo” (title) inside the filter Save option in the “Busca” (search) function. | 2025-06-10 | not yet calculated | CVE-2024-41503 |
| n/a–n/a | Jetimob Plataforma Imobiliaria 20240627-0 is vulnerable to Cross Site Scripting (XSS). In the “Oportunidades” (opportunities) section of the application when creating or editing an “Atividade” (activity), the form field “Descrico” allows injection of JavaScript. | 2025-06-10 | not yet calculated | CVE-2024-41504 |
| n/a–n/a | Jetimob Plataforma Imobiliaria 20240627-0 is vulnerable to Cross Site Scripting (XSS) in the “Pessoas” (persons) section via the field “Profisso” (professor). | 2025-06-10 | not yet calculated | CVE-2024-41505 |
| n/a–n/a | go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/append_value.go. | 2025-06-12 | not yet calculated | CVE-2024-44905 |
| n/a–n/a | uptrace pgdriver v1.2.1 was discovered to contain a SQL injection vulnerability via the appendArg function in /pgdriver/format.go. | 2025-06-12 | not yet calculated | CVE-2024-44906 |
| n/a–n/a | A Host Header injection vulnerability in the password reset function of VigyBag Open Source Online Shop commit 3f0e21b allows attackers to redirect victim users to a malicious site via a crafted URL. | 2025-06-09 | not yet calculated | CVE-2024-46452 |
| n/a–n/a | In Erxes <1.6.2, an unauthenticated attacker can read arbitrary files from the system using a Path Traversal vulnerability in the /read-file endpoint handler. | 2025-06-10 | not yet calculated | CVE-2024-57186 |
| n/a–n/a | In Erxes <1.6.2, an authenticated attacker can write to arbitrary files on the system using a Path Traversal vulnerability in the importHistoriesCreate GraphQL mutation handler. | 2025-06-10 | not yet calculated | CVE-2024-57189 |
| n/a–n/a | Erxes <1.6.1 is vulnerable to Incorrect Access Control. An attacker can bypass authentication by providing a “User” HTTP header that contains any user, allowing them to talk to any GraphQL endpoint. | 2025-06-10 | not yet calculated | CVE-2024-57190 |
| n/a–n/a | A cross-site scripting (XSS) vulnerability in OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter. | 2025-06-13 | not yet calculated | CVE-2025-28380 |
| n/a–n/a | A credential leak in OpenC3 COSMOS v6.0.0 allows attackers to access service credentials as environment variables stored in all containers. | 2025-06-13 | not yet calculated | CVE-2025-28381 |
| n/a–n/a | An issue in the openc3-api/tables endpoint of OpenC3 COSMOS 6.0.0 allows attackers to execute a directory traversal. | 2025-06-13 | not yet calculated | CVE-2025-28382 |
| n/a–n/a | An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS 6.0.0 allows attackers to execute a directory traversal. | 2025-06-13 | not yet calculated | CVE-2025-28384 |
| n/a–n/a | A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary code via uploading a crafted .txt file. | 2025-06-13 | not yet calculated | CVE-2025-28386 |
| n/a–n/a | OpenC3 COSMOS v6.0.0 was discovered to contain hardcoded credentials for the Service Account. | 2025-06-13 | not yet calculated | CVE-2025-28388 |
| n/a–n/a | Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a brute force attack. | 2025-06-13 | not yet calculated | CVE-2025-28389 |
| n/a–n/a | An issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate privileges via the Biometric Authentication Module | 2025-06-09 | not yet calculated | CVE-2025-29627 |
| n/a–n/a | pg-promise before 11.5.5 is vulnerable to SQL Injection due to improper handling of negative numbers. | 2025-06-12 | not yet calculated | CVE-2025-29744 |
| n/a–n/a | Keyoti SearchUnit prior to 9.0.0. is vulnerable to Server-Side Request Forgery (SSRF) in /Keyoti_SearchEngine_Web_Common/SearchService.svc/GetResults and /Keyoti_SearchEngine_Web_Common/SearchService.svc/GetLocationAndContentCategories. An attacker can specify their own SMB server as the indexDirectory value when making POST requests to the affected components. In doing so an attacker can get the SearchUnit server to read and write configuration and log files from/to the attackers server. | 2025-06-10 | not yet calculated | CVE-2025-44043 |
| n/a–n/a | Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity (XXE). An attacker who can force a vulnerable SearchUnit host into parsing maliciously crafted XML and/or DTD files can exfiltrate some files from the underlying operating system. | 2025-06-10 | not yet calculated | CVE-2025-44044 |
| n/a–n/a | yangyouwang crud v1.0.0 is vulnerable to Cross Site Scripting (XSS) via the role management function. | 2025-06-12 | not yet calculated | CVE-2025-44091 |
| n/a–n/a | react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools. | 2025-06-09 | not yet calculated | CVE-2025-45001 |
| n/a–n/a | Vigybag v1.0 and before is vulnerable to Cross Site Scripting (XSS) via the upload profile picture function under my profile. | 2025-06-09 | not yet calculated | CVE-2025-45002 |
| n/a–n/a | Silverpeas 6.4.2 contains a stored cross-site scripting (XSS) vulnerability in the event management module. An authenticated user can upload a malicious SVG file as an event attachment, which, when viewed by an administrator, executes embedded JavaScript in the admin’s session. This allows attackers to escalate privileges by creating a new administrator account. The vulnerability arises from insufficient sanitization of SVG files and weak CSRF protections. | 2025-06-09 | not yet calculated | CVE-2025-45055 |
| n/a–n/a | Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200_AT1 V1.0.0, BL-X26_AC8 V1.2.8, BLAC450M_AE4 V4.0.0 and BL-X26_DA3 V1.2.7 were discovered to contain a command injection vulnerability via the routepwd parameter in the sub_45B238 function. | 2025-06-13 | not yet calculated | CVE-2025-45984 |
| n/a–n/a | Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 were discovered to contain a command injection vulnerability via the bs_SetSSIDHide function. | 2025-06-13 | not yet calculated | CVE-2025-45985 |
| n/a–n/a | Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 werediscovered to contain a command injection vulnerability via the mac parameter in the bs_SetMacBlack function. | 2025-06-13 | not yet calculated | CVE-2025-45986 |
| n/a–n/a | Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 were discovered to contain multiple command injection vulnerabilities via the dns1 and dns2 parameters in the bs_SetDNSInfo function. | 2025-06-13 | not yet calculated | CVE-2025-45987 |
| n/a–n/a | Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 were discovered to contain multiple command injection vulnerabilities via the cmd parameter in the bs_SetCmd function. | 2025-06-13 | not yet calculated | CVE-2025-45988 |
| n/a–n/a | Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint | 2025-06-12 | not yet calculated | CVE-2025-46035 |
| n/a–n/a | A stored cross-site scripting (XSS) vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description field in the page creation interface (/admin/pages/add). | 2025-06-09 | not yet calculated | CVE-2025-46041 |
| n/a–n/a | Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the UPLOAD_FILENAME component | 2025-06-13 | not yet calculated | CVE-2025-46060 |
| n/a–n/a | Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component | 2025-06-13 | not yet calculated | CVE-2025-46096 |
| n/a–n/a | Cross-Site Scripting (XSS) vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement. | 2025-06-09 | not yet calculated | CVE-2025-46178 |
| n/a–n/a | The Panel Designer dashboard in Airleader Master and Easy before 6.36 allows remote attackers to execute arbitrary commands via a wizard/workspace.jsp unrestricted file upload. To exploit this, the attacker must login to the administrator console (default credentials are weak and easily guessable) and upload a JSP file via the Panel Designer dashboard. | 2025-06-10 | not yet calculated | CVE-2025-46612 |
| nautobot–nautobot | Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions prior to 2.4.10 or prior to 1.6.32 are potentially affected. Due to insufficient security configuration of the Jinja2 templating feature used in computed fields, custom links, etc. in Nautobot, a malicious user could configure this feature set in ways that could expose the value of Secrets defined in Nautobot when the templated content is rendered or that could call Python APIs to modify data within Nautobot when the templated content is rendered, bypassing the object permissions assigned to the viewing user. Nautobot versions 1.6.32 and 2.4.10 will include fixes for the vulnerability. The vulnerability can be partially mitigated by configuring object permissions appropriately to limit certain actions to only trusted users. | 2025-06-10 | not yet calculated | CVE-2025-49142 |
| nautobot–nautobot | Nautobot is a Network Source of Truth and Network Automation Platform. Prior to v2.4.10 and v1.6.32 , files uploaded by users to Nautobot’s MEDIA_ROOT directory, including DeviceType image attachments as well as images attached to a Location, Device, or Rack, are served to users via a URL endpoint that was not enforcing user authentication. As a consequence, such files can be retrieved by anonymous users who know or can guess the correct URL for a given file. Nautobot v2.4.10 and v1.6.32 address this issue by adding enforcement of Nautobot user authentication to this endpoint. | 2025-06-10 | not yet calculated | CVE-2025-49143 |
| Niklas Portmann–Azure Based Remote Cache Plugin for Nx | A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache (such as those using Amazon S3, Google Cloud Storage, or similar object storage) that allows any contributor with pull request privileges to inject compromised artifacts from an untrusted environment into trusted production environments without detection. The vulnerability exploits a fundamental design flaw in the “first-to-cache wins” principle, where artifacts built in untrusted environments (feature branches, pull requests) can poison the cache used by trusted environments (protected branches, production deployments). This attack bypasses all traditional security measures including encryption, access controls, and checksum validation because the poisoning occurs during the artifact construction phase, before any security measures are applied. | 2025-06-10 | not yet calculated | CVE-2025-36852 |
| nobossextensions.com–No Boss Calendar component for Joomla | A SQL injection vulnerability in No Boss Calendar component before 5.0.7 for Joomla was discovered. The vulnerability allows remote authenticated users to execute arbitrary SQL commands via the id_module parameter. | 2025-06-13 | not yet calculated | CVE-2025-49468 |
| OnlyOffice–Docs (DocumentServer) | ONLYOFFICE Docs (DocumentServer) in versions equal and below 8.3.1 are affected by a reflected cross-site scripting (XSS) issue when opening files via the WOPI protocol. Attackers could inject malicious scripts via crafted HTTP POST requests, which are then reflected in the server’s HTML response. | 2025-06-12 | not yet calculated | CVE-2025-5301 |
| OSSEC–OSSEC-HIDS Agent | Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC server or in possession of the agent’s key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for remote code execution or used to escalate privileges to SYSTEM via AD CS certificate forging and other similar attacks. | 2025-06-11 | not yet calculated | CVE-2024-1244 |
| Palo Alto Networks–Cloud NGFW | An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW and Prisma® Access are not affected by this vulnerability. | 2025-06-13 | not yet calculated | CVE-2025-4229 |
| Palo Alto Networks–Cloud NGFW | A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. Cloud NGFW and Prisma® Access are not affected by this vulnerability. | 2025-06-12 | not yet calculated | CVE-2025-4230 |
| Palo Alto Networks–Cloud NGFW | A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access are not impacted by this vulnerability. | 2025-06-12 | not yet calculated | CVE-2025-4231 |
| Palo Alto Networks–Cortex XDR Broker VM | An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex® XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and escalate their privileges to root. | 2025-06-12 | not yet calculated | CVE-2025-4228 |
| Palo Alto Networks–GlobalProtect App | An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks GlobalProtectâ„¢ app allows certain packets to remain unencrypted instead of being properly secured within the tunnel. An attacker with physical access to the network can inject rogue devices to intercept these packets. Under normal operating conditions, the GlobalProtect app automatically recovers from this interception within one minute. | 2025-06-13 | not yet calculated | CVE-2025-4227 |
| Palo Alto Networks–GlobalProtect App | An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtectâ„¢ app on macOS allows a non administrative user to escalate their privileges to root. | 2025-06-12 | not yet calculated | CVE-2025-4232 |
| Palo Alto Networks–Prisma Access Browser | An insufficient implementation of cache vulnerability in Palo Alto Networks Prisma® Access Browser enables users to bypass certain data control policies. | 2025-06-12 | not yet calculated | CVE-2025-4233 |
| Pandora FMS–Pandora ITSM | Improper Neutralization of Special Elements in the backup name field may allow OS command injection. This issue affects Pandora ITSM 5.0.105. | 2025-06-10 | not yet calculated | CVE-2025-4653 |
| Pandora FMS–Pandora ITSM | Improper Neutralization of Special Elements in the chromium_path variable may allow OS command injection. This issue affects Pandora ITSM 5.0.105. | 2025-06-10 | not yet calculated | CVE-2025-4678 |
| PCSX2–pcsx2 | PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP Console Logging. This vulnerability is fixed in 2.3.414. | 2025-06-12 | not yet calculated | CVE-2025-49589 |
| Ping Identity–PingFederate | Unsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing. | 2025-06-15 | not yet calculated | CVE-2024-25573 |
| Ping Identity–PingFederate | PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization. | 2025-06-15 | not yet calculated | CVE-2025-21085 |
| Ping Identity–PingFederate | Improper handling of non-200 http responses in the PingFederate Google Adapter leads to thread exhaustion under normal usage conditions. | 2025-06-15 | not yet calculated | CVE-2025-22854 |
| Pure Storage–FlashArray | Improper input validation performed during the authentication process of FlashArray could lead to a system Denial of Service. | 2025-06-10 | not yet calculated | CVE-2025-0051 |
| Pure Storage–FlashBlade | Improper input validation performed during the authentication process of FlashBlade could lead to a system Denial of Service. | 2025-06-10 | not yet calculated | CVE-2025-0052 |
| Revenera–InstallShield | A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions (InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2) are affected by this issue. | 2025-06-12 | not yet calculated | CVE-2024-7562 |
| Ricoh Company, Ltd.–RICOH Streamline NX V3 PC Client | External control of file name or path issue exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0. If an attacker sends a specially crafted request, arbitrary files in the file system can be overwritten with log data. | 2025-06-13 | not yet calculated | CVE-2025-36506 |
| Ricoh Company, Ltd.–RICOH Streamline NX V3 PC Client | Path traversal vulnerability exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0. If this vulnerability is exploited, arbitrary code may be executed on the PC where the product is running by tampering with specific files used on the product. | 2025-06-13 | not yet calculated | CVE-2025-46783 |
| Ricoh Company, Ltd.–RICOH Streamline NX V3 PC Client | RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 contains an issue with use of less trusted source, which may allow an attacker who can conduct a man-in-the-middle attack to eavesdrop upgrade requests and execute a malicious DLL with custom code. | 2025-06-13 | not yet calculated | CVE-2025-48825 |
| rsjoomla.com–RSform!Pro component for Joomla | Remote code execution vulnerability in RSForm!pro component 3.0.0 – 3.3.14 for Joomla was discovered. The issue occurs within the submission export feature and requires administrative access to the export feature. | 2025-06-11 | not yet calculated | CVE-2025-30085 |
| rsjoomla.com–RSMediaGallery component for Joomla | A SQL injection vulnerability in RSMediaGallery! component 1.7.4 – 2.1.7 for Joomla was discovered. The issue occurs within the dashboard component, where user-supplied input is not properly sanitized before being stored and rendered. An attacker can inject malicious JavaScript code into text fields or other input points, which is subsequently executed in the browser of any user who clicks on the crafted text in the dashboard. | 2025-06-11 | not yet calculated | CVE-2025-32466 |
| rsjoomla.com–RSTickets! component for Joomla | A stored XSS vulnerability in RSTickets! component 1.9.12 – 3.3.0 for Joomla was discovered. It allows attackers to perform cross-site scripting (XSS) attacks via sending crafted payload. | 2025-06-11 | not yet calculated | CVE-2025-32465 |
| Salesforce–OmniStudio | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (DataMapper) allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025 | 2025-06-10 | not yet calculated | CVE-2025-43697 |
| Salesforce–OmniStudio | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field level security controls for Salesforce objects. This impacts OmniStudio: before Spring 2025 | 2025-06-10 | not yet calculated | CVE-2025-43698 |
| Salesforce–OmniStudio | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field level security controls for OmniUICard objects. This impacts OmniStudio: before Spring 2025 | 2025-06-10 | not yet calculated | CVE-2025-43699 |
| Salesforce–OmniStudio | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025. | 2025-06-10 | not yet calculated | CVE-2025-43700 |
| Salesforce–OmniStudio | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of Custom Settings data. This impacts OmniStudio: before version 254. | 2025-06-10 | not yet calculated | CVE-2025-43701 |
| SIMCom–SIM7600G Modem | The SIMCom SIM7600G modem supports an undocumented AT command, which allows an attacker to execute system commands with root permission on the modem. An attacker needs either physical access or remote shell access to a device that interacts directly with the modem via AT commands. | 2025-06-11 | not yet calculated | CVE-2025-26412 |
| SunGrow–iSolarCloud | SunGrow’s back end users system iSolarCloud https://isolarcloud.com uses an MQTT service to transport data from the user’s connected devices to the user’s web browser. The MQTT server however did not have sufficient restrictions in place to limit the topics that a user could subscribe to. While the data that is transmitted through the MQTT server is encrypted and the credentials for the MQTT server are obtained though an API call, the credentials could be used to subscribe to any topic and the encryption key can be used to decrypt all messages received. An attack with an account on iSolarCloud.com could extract MQTT credentials and the decryption key from the browser and then use an external program to subscribe to the topic ‘#’ and thus recieve all messages from all connected devices. | 2025-06-11 | not yet calculated | CVE-2025-29756 |
| TCMAN–GIM | Incorrect authorization vulnerability in TCMAN’s GIM v11. This vulnerability allows an attacker, with low privilege level, to change the password of other users through a POST request using the parameters idUser, PasswordActual, PasswordNew and PasswordNewRepeat in /PC/WebService.aspx/validateChangePassword%C3%B1a. To exploit the vulnerability the PasswordActual parameter must be empty. | 2025-06-09 | not yet calculated | CVE-2025-40668 |
| TCMAN–GIM | Incorrect authorization vulnerability in TCMAN’s GIM v11. This vulnerability allows an unprivileged attacker to modify the permissions held by each of the application’s users, including the user himself by sending a POST request to /PC/Options.aspx?Command=2&Page=-1. | 2025-06-09 | not yet calculated | CVE-2025-40669 |
| TCMAN–GIM | Incorrect authorization vulnerability in TCMAN’s GIM v11. This vulnerability allows an unprivileged attacker to create a user and assign it many privileges by sending a POST request to /PC/frmGestionUser.aspx/updateUser. | 2025-06-09 | not yet calculated | CVE-2025-40670 |
| The Qt Company–Qt | There is a “Use After Free” vulnerability in Qt’s QHttp2ProtocolHandler in the QtNetwork module. This only affects HTTP/2 handling, HTTP handling is not affected by this at all. This happens due to a race condition between how QHttp2Stream uploads the body of a POST request and the simultaneous handling of HTTP error responses. This issue only affects Qt 6.9.0 and has been fixed for Qt 6.9.1. | 2025-06-11 | not yet calculated | CVE-2025-5991 |
| Trusted Computing Group–TPM2.0 | TCG TPM2.0 Reference implementation’s CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key’s algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0 | 2025-06-10 | not yet calculated | CVE-2025-2884 |
| Unknown–Axle Demo Importer | The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users (author and above) to upload arbitrary files such as PHP on the server | 2025-06-10 | not yet calculated | CVE-2025-4954 |
| Unknown–Broadstreet | The Broadstreet WordPress plugin before 1.51.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2025-06-09 | not yet calculated | CVE-2025-4652 |
| Unknown–inprosysmedia-likes-dislikes-post | The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection | 2025-06-10 | not yet calculated | CVE-2025-4840 |
| Unknown–Newsletter | The Newsletter WordPress plugin before 8.8.5 does not validate and escape some of its Widget options before outputting them back in a page/post where the block is embed, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2025-06-09 | not yet calculated | CVE-2025-3581 |
| Unknown–Newsletter | The Newsletter WordPress plugin before 8.85 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2025-06-09 | not yet calculated | CVE-2025-3582 |
| upKeeper Solutions–upKeeper Instant Privilege Access | Improper Input Validation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects upKeeper Instant Privilege Access: before 1.4.0. | 2025-06-10 | not yet calculated | CVE-2025-4680 |
| upKeeper Solutions–upKeeper Instant Privilege Access | Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Abuse.This issue affects upKeeper Instant Privilege Access: before 1.4.0. | 2025-06-10 | not yet calculated | CVE-2025-4681 |
| vantage6–vantage6 | vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password by using the change password functionality: they can call that route infinitely which will return the message that password is wrong until it is correct. This vulnerability is fixed in 4.11. | 2025-06-12 | not yet calculated | CVE-2025-43863 |
| vantage6–vantage6 | vantage6 is an open-source infrastructure for privacy preserving analysis. The JWT secret key in the vantage6 server is auto-generated unless defined by the user. The auto-generated key is a UUID1, which is not cryptographically secure as it is predictable to some extent. This vulnerability is fixed in 4.11.0. | 2025-06-12 | not yet calculated | CVE-2025-43866 |
| wasp-lang–wasp | Wasp (Web Application Specification) is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation (affecting only Keycloak with a specific config). Wasp currently lowercases OAuth user IDs before storing / fetching them. This behavior violates OAuth and OpenID Connect specifications and can result in user impersonation, account collisions, and privilege escalation. In practice, out of the OAuth providers that Wasp auth supports, only Keycloak is affected. Keycloak uses a lowercase UUID by default, but users can configure it to be case sensitive, making it affected. Google, GitHub, and Discord use numerical IDs, making them not affected. Users should update their Wasp version to `0.16.6` which has a fix for the problematic behavior. Users using Keycloak can work around the issue by not using a case sensitive user ID in their realm configuration. | 2025-06-09 | not yet calculated | CVE-2025-49006 |
| Wazuh–Wazuh Agent | Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for remote code execution or used to escalate privileges to SYSTEM via AD CS certificate forging and other similar attacks. | 2025-06-11 | not yet calculated | CVE-2024-1243 |
| xwiki–xwiki-platform | XWiki is a generic wiki platform. It’s possible to execute any SQL query in Oracle by using the function like DBMS_XMLGEN or DBMS_XMLQUERY. The XWiki query validator does not sanitize functions that would be used in a simple select and Hibernate allows using any native function in an HQL query. This vulnerability is fixed in 16.10.2, 16.4.7, and 15.10.16. | 2025-06-12 | not yet calculated | CVE-2024-56158 |
| xwiki–xwiki-platform | XWiki is a generic wiki platform. From 8.2 and 7.4.5 until 17.1.0-rc-1, 16.10.4, and 16.4.7, pages can gain script or programming rights when they contain a link and the target of the link is renamed or moved. This might lead to execution of scripts contained in xobjects that should have never been executed. This vulnerability is fixed in 17.1.0-rc-1, 16.10.4, and 16.4.7. | 2025-06-13 | not yet calculated | CVE-2025-49580 |
| xwiki–xwiki-platform | XWiki is a generic wiki platform. Any user with edit right on a page (could be the user’s profile) can execute code (Groovy, Python, Velocity) with programming right by defining a wiki macro. This allows full access to the whole XWiki installation. The main problem is that if a wiki macro parameter allows wiki syntax, its default value is executed with the rights of the author of the document where it is used. This can be exploited by overriding a macro like the children macro that is used in a page that has programming right like the page XWiki.ChildrenMacro and thus allows arbitrary script macros. This vulnerability has been patched in XWiki 16.4.7, 16.10.3 and 17.0.0 by executing wiki parameters with the rights of the wiki macro’s author when the parameter’s value is the default value. | 2025-06-13 | not yet calculated | CVE-2025-49581 |
| xwiki–xwiki-platform | XWiki is a generic wiki platform. When editing content that contains “dangerous” macros like malicious script macros that were authored by a user with fewer rights, XWiki warns about the execution of these macros since XWiki 15.9RC1. These required rights analyzers that trigger these warnings are incomplete, allowing an attacker to hide malicious content. For most macros, the existing analyzers don’t consider non-lowercase parameters. Further, most macro parameters that can contain XWiki syntax like titles of information boxes weren’t analyzed at all. Similarly, the “source” parameters of the content and context macro weren’t anylzed even though they could contain arbitrary XWiki syntax. In the worst case, this could allow a malicious to add malicious script macros including Groovy or Python macros to a page that are then executed after another user with programming righs edits the page, thus allowing remote code execution. The required rights analyzers have been made more robust and extended to cover those cases in XWiki 16.4.7, 16.10.3 and 17.0.0. | 2025-06-13 | not yet calculated | CVE-2025-49582 |
| xwiki–xwiki-platform | XWiki is a generic wiki platform. When a user without script right creates a document with an `XWiki.Notifications.Code.NotificationEmailRendererClass` object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can be executed, though, as while these templates allow Velocity code, the existing generic analyzer already warns admins before editing Velocity code. The main impact would thus be to send spam, e.g., with phishing links to other users or to hide notifications about other attacks. Note that warnings before editing documents with dangerous properties have only been introduced in XWiki 15.9, before that version, this was a known issue and the advice was simply to be careful. This has been patched in XWiki 16.10.2, 16.4.7 and 15.10.16 by adding an analysis for the respective XClass properties. | 2025-06-13 | not yet calculated | CVE-2025-49583 |
| xwiki–xwiki-platform | XWiki is a generic wiki platform. In XWiki Platform versions 10.9 through 16.4.6, 16.5.0-rc-1 through 16.10.2, and 17.0.0-rc-1, the title of every single page whose reference is known can be accessed through the REST API as long as an XClass with a page property is accessible, this is the default for an XWiki installation. This allows an attacker to get titles of pages whose reference is known, one title per request. This doesn’t affect fully private wikis as the REST endpoint checks access rights on the XClass definition. The impact on confidentiality depends on the strategy for page names. By default, page names match the title, so the impact should be low but if page names are intentionally obfuscated because the titles are sensitive, the impact could be high. This has been fixed in XWiki 16.4.7, 16.10.3 and 17.0.0 by adding access control checks before getting the title of any page. | 2025-06-13 | not yet calculated | CVE-2025-49584 |
| xwiki–xwiki-platform | XWiki is a generic wiki platform. In versions before 15.10.16, 16.0.0-rc-1 through 16.4.6, and 16.5.0-rc-1 through 16.10.1, when an attacker without script or programming right creates an XClass definition in XWiki (requires edit right), and that same document is later edited by a user with script, admin, or programming right, malicious code could be executed with the rights of the editing user without prior warning. In particular, this concerns custom display code, the script of computed properties and queries in database list properties. Note that warnings before editing documents with dangerous properties have only been introduced in XWiki 15.9, before that version, this was a known issue and the advice was simply to be careful. This has been patched in XWiki 16.10.2, 16.4.7 and 15.10.16 by adding an analysis for the respective XClass properties. | 2025-06-13 | not yet calculated | CVE-2025-49585 |
| xwiki–xwiki-platform | XWiki is an open-source wiki software platform. Any XWiki user with edit right on at least one App Within Minutes application (the default for all users XWiki) can obtain programming right/perform remote code execution by editing the application. This vulnerability has been fixed in XWiki 17.0.0, 16.4.7, and 16.10.3. | 2025-06-13 | not yet calculated | CVE-2025-49586 |
| xwiki–xwiki-platform | XWiki is an open-source wiki software platform. When a user without script right creates a document with an XWiki.Notifications.Code.NotificationDisplayerClass object, and later an admin edits and saves that document, the possibly malicious content of that object is output as raw HTML, allowing XSS attacks. While the notification displayer executes Velocity, the existing generic analyzer already warns admins before editing Velocity code. Note that warnings before editing documents with dangerous properties have only been introduced in XWiki 15.9, before that version, this was a known issue and the advice was simply to be careful. This vulnerability has been patched in XWiki 15.10.16, 16.4.7, and 16.10.2 by adding a required rights analyzer that warns the admin before editing about the possibly malicious code. | 2025-06-13 | not yet calculated | CVE-2025-49587 |