Skip to main content
CVE-2025-5301 MEDIUM POC This Month

ONLYOFFICE Docs (DocumentServer) in versions equal and below 8.3.1 are affected by a reflected cross-site scripting (XSS) issue when opening files via the WOPI protocol. Attackers could inject malicious scripts via crafted HTTP POST requests, which are then reflected in the server's HTML response.

XSS
NVD GitHub
CVSS 3.1
6.1
EPSS
5.3%
CVE-2025-5996 MEDIUM POC PATCH This Month

An issue has been discovered in GitLab CE/EE affecting all versions from 2.1.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. A lack of input validation in HTTP responses could allow an authenticated user to cause denial of service.

Gitlab Denial Of Service Ubuntu Debian
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-44906 MEDIUM POC PATCH This Month

uptrace pgdriver v1.2.1 was discovered to contain a SQL injection vulnerability via the appendArg function in /pgdriver/format.go. The maintainer has stated that the issue is fixed in v1.2.15.

SQLi Pgdriver Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49579 MEDIUM POC PATCH This Month

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.

XSS Citizen
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-44905 MEDIUM POC PATCH This Month

go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/append_value.go.

SQLi Ubuntu Debian Pg Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49578 MEDIUM POC PATCH This Month

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by `Language::userDate` are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.

XSS Citizen
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49577 MEDIUM POC PATCH This Month

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.

XSS Citizen
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49576 MEDIUM POC PATCH This Month

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.

XSS Citizen
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49575 MEDIUM POC PATCH This Month

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.

XSS Citizen
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-44091 MEDIUM POC This Month

yangyouwang crud v1.0.0 is vulnerable to Cross Site Scripting (XSS) via the role management function.

XSS Crud
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-29744 MEDIUM POC PATCH This Month

pg-promise before 11.5.5 is vulnerable to SQL Injection due to improper handling of negative numbers.

SQLi Pg Promise
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-5195 MEDIUM POC PATCH This Month

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure.

Gitlab Authentication Bypass Ubuntu Debian
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-41233 MEDIUM This Month

Description: VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. VMware has evaluated the severity of the issue to be in the Moderate severity range https://www.broadcom.com/support/vmware-services/security-response  with a maximum CVSSv3 base score of 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N . Known Attack Vectors: An authenticated malicious user with network access may be able to use specially crafted SQL queries to gain database access. Resolution: To remediate CVE-2025-41233 apply the patches to the Avi Controller listed in the 'Fixed Version' column of the 'Response Matrix' found below. Workarounds: None. Additional Documentation: None. Acknowledgements: VMware would like to thank Alexandru Copaceanu https://www.linkedin.com/in/alexandru-copaceanu-b39aaa1a8/  for reporting this issue to us. Notes: None.   Response Matrix: ProductVersionRunning OnCVECVSSv4SeverityFixed VersionWorkaroundsAdditional DocumentsVMware Avi Load Balancer30.1.1AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.1.2-2p3 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-1/vmware-avi-load-balancer-release-notes/release-notes-30-1-2.html NoneNoneVMware Avi Load Balancer30.1.2AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.1.2-2p3 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-1/vmware-avi-load-balancer-release-notes/release-notes-30-1-2.html NoneNoneVMware Avi Load Balancer30.2.1AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.2.1-2p6 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-2/vmware-avi-load-balancer-release-notes/release-notes-for-avi-load-balancer-version-30-2-1.html NoneNoneVMware Avi Load Balancer30.2.2AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 30.2.2-2p5 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-2/vmware-avi-load-balancer-release-notes/release-notes-for-avi-load-balancer-version-30-2-2.html NoneNoneVMware Avi Load Balancer30.2.3AnyCVE-2025-41233N/AN/AUnaffectedNoneNoneVMware Avi Load Balancer31.1.1AnyCVE-2025-41233 6.8 https://www.first.org/cvss/calculator/3-0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Moderate 31.1.1-2p2 https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/31-1/vmware-avi-load-balancer-release-notes/Release-Note-Section-20627.html NoneNone CWE-89 in the Avi Load Balancer component of VMware allows an authenticated attacker to execute blind SQL injections in versions 30.1.1, 30.1.2, 30.2.1, and 30.2.2 due to improper input validation, enabling unauthorized database access.

SQLi VMware
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-1516 MEDIUM PATCH This Month

An issue has been discovered in GitLab CE/EE affecting all versions from 8.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper input validation in Tokens Names could be used to trigger a denial of service.

Gitlab Denial Of Service Ubuntu Debian
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-1478 MEDIUM PATCH This Month

An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in Board Names could be used to trigger a denial of service.

Gitlab Denial Of Service Ubuntu Debian
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-49200 MEDIUM This Month

The created backup files are unencrypted, making the application vulnerable for gathering sensitive information by downloading and decompressing the backup files.

Information Disclosure Field Analytics
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-41234 MEDIUM PATCH This Month

Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input. Specifically, an application is vulnerable when all the following are true: * The header is prepared with org.springframework.http.ContentDisposition. * The filename is set via ContentDisposition.Builder#filename(String, Charset). * The value for the filename is derived from user-supplied input. * The application does not sanitize the user-supplied input. * The downloaded content of the response is injected with malicious commands by the attacker (see RFD paper reference for details). An application is not vulnerable if any of the following is true: * The application does not set a “Content-Disposition” response header. * The header is not prepared with org.springframework.http.ContentDisposition. * The filename is set via one of: * ContentDisposition.Builder#filename(String), or * ContentDisposition.Builder#filename(String, ASCII) * The filename is not derived from user-supplied input. * The filename is derived from user-supplied input but sanitized by the application. * The attacker cannot inject malicious content in the downloaded content of the response. Affected Spring Products and VersionsSpring Framework: * 6.2.0 - 6.2.7 * 6.1.0 - 6.1.20 * 6.0.5 - 6.0.28 * Older, unsupported versions are not affected MitigationUsers of affected versions should upgrade to the corresponding fixed version. Affected version(s)Fix versionAvailability6.2.x6.2.8OSS6.1.x6.1.21OSS6.0.x6.0.29 Commercial https://enterprise.spring.io/ No further mitigation steps are necessary. CWE-113 in `Content-Disposition` handling in VMware Spring Framework versions 6.0.5 to 6.2.7 allows remote attackers to launch Reflected File Download (RFD) attacks via unsanitized user input in `ContentDisposition.Builder#filename(String, Charset)` with non-ASCII charsets.

Java Code Injection VMware Ubuntu Debian +2
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49197 MEDIUM PATCH This Month

A security vulnerability in application uses a weak password (CVSS 6.5). Remediation should follow standard vulnerability management procedures.

Information Disclosure Media Server
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49196 MEDIUM This Month

A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device.

Information Disclosure Field Analytics
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-2745 MEDIUM This Month

A cross-site scripting vulnerability exists in AVEVA PI Web API version 2023 SP1 and prior that, if exploited, could allow an authenticated attacker (with privileges to create/update annotations or upload media files) to persist arbitrary JavaScript code that will be executed by users who were socially engineered to disable content security policy protections while rendering annotation attachments from within a web browser.

XSS
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-36539 MEDIUM CISA This Month

AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service.

Denial Of Service
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-49589 MEDIUM PATCH This Month

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP Console Logging. This vulnerability is fixed in 2.3.414.

Buffer Overflow Stack Overflow RCE Ubuntu Debian +1
NVD GitHub
CVSS 4.0
6.1
EPSS
0.1%
CVE-2025-40592 MEDIUM This Month

A vulnerability has been identified in Mendix Studio Pro 10 (All versions < V10.23.0), Mendix Studio Pro 10.12 (All versions < V10.12.17), Mendix Studio Pro 10.18 (All versions < V10.18.7), Mendix Studio Pro 10.6 (All versions < V10.6.24), Mendix Studio Pro 11 (All versions < V11.0.0), Mendix Studio Pro 8 (All versions < V8.18.35), Mendix Studio Pro 9 (All versions < V9.24.35). A zip path traversal vulnerability exists in the module installation process of Studio Pro. By crafting a malicious module and distributing it via (for example) the Mendix Marketplace, an attacker could write or modify arbitrary files in directories outside a developer’s project directory upon module installation.

Path Traversal
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-49185 MEDIUM This Month

The web application is susceptible to cross-site-scripting attacks. An attacker who can create new dashboard widgets can inject malicious JavaScript code into the Transform Function which will be executed when the widget receives data from its data source.

XSS Field Analytics
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-4417 MEDIUM This Month

A cross-site scripting vulnerability exists in AVEVA PI Connector for CygNet Versions 1.6.14 and prior that, if exploited, could allow an administrator miscreant with local access to the connector admin portal to persist arbitrary JavaScript code that will be executed by other users who visit affected pages.

XSS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-45256 MEDIUM This Month

Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, reference, or aliascb parameter to transaction.php, validation.php, or callback.php.

PHP SQLi
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-49195 MEDIUM This Month

The FTP server’s login mechanism does not restrict authentication attempts, allowing an attacker to brute-force user passwords and potentially compromising the FTP server.

Information Disclosure Media Server
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-49188 MEDIUM This Month

CVE-2025-49188 is a security vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Information Disclosure Field Analytics
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-49187 MEDIUM This Month

CVE-2025-49187 is a security vulnerability (CVSS 5.3) that allows an attacker. Remediation should follow standard vulnerability management procedures.

Information Disclosure Field Analytics
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-49186 MEDIUM This Month

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks.

Information Disclosure Field Analytics Baggage Analytics Logistic Diagnostic Analytics Media Server +2
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-6003 MEDIUM This Month

The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due to a misconfigured capability check on a function in all versions up to, and including, the *.5.3 versions of the plugin. This makes it possible for unauthenticated attackers to extract sensitive data including site content that has been restricted to certain users and/or roles.

WordPress Information Disclosure Authentication Bypass PHP
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-49189 MEDIUM PATCH This Month

CVE-2025-49189 is a security vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Information Disclosure Media Server
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-9512 MEDIUM PATCH This Month

An issue has been discovered in GitLab EE affecting all versions prior to 17.10.8, 17.11 prior to 17.11.4, and 18.0 prior to 18.0.2. It may have been possible for private repository to be cloned in case of race condition when a secondary node is out of sync.

Gitlab Information Disclosure Debian
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-4233 MEDIUM PATCH This Month

CVE-2025-4233 is a security vulnerability (CVSS 5.1) that allows users. Remediation should follow standard vulnerability management procedures.

Paloalto Authentication Bypass
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-49081 MEDIUM PATCH This Month

There is an insufficient input validation vulnerability in the warehouse component of Absolute Secure Access prior to server version 13.55. Attackers with system administrator permissions can impair the availability of the Secure Access administrative UI by writing invalid data to the warehouse over the network. The attack complexity is low, there are no attack requirements, privileges required are high, and there is no user interaction required. There is no impact on confidentiality or integrity; the impact on availability is high.

Information Disclosure Secure Access
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-49191 MEDIUM This Month

Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to create new dashboards or iFrame widgets.

RCE XSS Field Analytics
NVD
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-4418 MEDIUM This Month

A privilege escalation vulnerability in AVEVA PI Connector for CygNet (CVSS 4.4) that allows a miscreant with elevated privileges. Remediation should follow standard vulnerability management procedures.

Information Disclosure
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-49190 MEDIUM This Month

The application is vulnerable to Server-Side Request Forgery (SSRF). An endpoint can be used to send server internal requests to other ports.

SSRF Field Analytics
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-49192 MEDIUM PATCH This Month

The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing an attacker to trick a user into clicking on something different from what the user perceives. This could potentially reveal confidential information or allow others to take control of their computer while clicking on seemingly innocuous objects.

XSS Media Server Field Analytics
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-49193 MEDIUM PATCH This Month

The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g., preventing the application to be displayed in an iFrame (Clickjacking attacks) or not executing injected malicious JavaScript code (XSS attacks).

XSS Baggage Analytics Package Analytics Field Analytics Logistic Diagnostic Analytics +2
NVD
CVSS 3.1
4.2
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy