A SQL injection vulnerability (CVSS 7.3). Risk factors: EPSS 28% exploitation probability, public PoC available.
Stored cross-site scripting (XSS) vulnerability in Crafty Controller that allows authenticated attackers to inject malicious JavaScript through the Server Name form and API Key form components. An attacker with valid credentials can craft malicious input that persists in the application, executing arbitrary scripts in other users' browsers with the same security context. While CVSS 7.6 indicates high severity and the vulnerability requires low attack complexity with network accessibility, real-world risk is constrained by the requirement for prior authentication and user interaction.
A critical buffer overflow vulnerability exists in H3C GR-3000AX V100R007L50 within the UpdateWanParamsMulti/UpdateIpv6Params functions of /routing/goform/aspForm that allows authenticated remote attackers to achieve complete system compromise (confidentiality, integrity, and availability). Public exploit code is available and the vulnerability is actively exploitable; however, the vendor has assessed the risk as low and has not committed to immediate patching, despite confirmed existence of the issue.
Critical buffer overflow vulnerability in H3C GR-5400AX V100R009L50 routers affecting the UpdateWanparamsMulti and UpdateIpv6params functions. An authenticated remote attacker can manipulate the 'param' argument to trigger a buffer overflow, potentially achieving remote code execution with full system compromise (confidentiality, integrity, availability impact). A public proof-of-concept exists and the vulnerability is confirmed by the vendor, though they have deprioritized remediation despite the CVSS 8.8 score and active disclosure.
IBM Security Verify Directory Container versions 10.0.0.0 through 10.0.3.1 contain a privilege escalation vulnerability allowing local users to execute arbitrary commands as root. The vulnerability stems from the application running with unnecessary elevated privileges, enabling authenticated local attackers to escalate permissions without user interaction. This is a high-severity local privilege escalation affecting containerized deployments of IBM's identity and access management solution.
Unsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing.
CVE-2025-22854 is a security vulnerability (CVSS 6.9). Remediation should follow standard vulnerability management procedures.
A path traversal issue in the API endpoint in M-Files Server before version 25.6.14925.0 allows an authenticated user to read files in the server.
A vulnerability, which was classified as critical, has been found in qianfox FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical was found in uYanki board-stm32f103rc-berial up to 84daed541609cb7b46854cc6672a275d1007e295. This vulnerability affects the function heartrate1_i2c_hal_write of the file 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1_hal.c. The manipulation of the argument num leads to stack-based buffer overflow. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1 through 3.5.3, and MQ Operator SC2 3.2.0 through 3.2.12 Native HA CRR could be configured with a private key and chain other than the intended key which could disclose sensitive information or allow the attacker to perform unauthorized actions.
A security vulnerability in PingFederate OAuth2 grant duplication in PostgreSQL persistent storage (CVSS 2.1) that allows oauth2 requests. Remediation should follow standard vulnerability management procedures.
A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability has been found in Astun Technology iShare Maps 5.4.0 and classified as problematic. This vulnerability affects unknown code of the file atCheckJS.aspx. The manipulation of the argument ref leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.