Skip to main content
CVE-2025-4334 CRITICAL POC THREAT Emergency

The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3. This is due to insufficient restrictions on user meta values that can be supplied during registration. This makes it possible for unauthenticated attackers to register as an administrator.

WordPress Privilege Escalation
NVD
CVSS 3.1
9.8
EPSS
29.3%
Threat
4.3
CVE-2025-34045 HIGH POC THREAT Act Now

A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account platform development framework by Shenzhen Yuanmengyun Technology Co., Ltd. The flaw occurs in the picUrl parameter of the /public/index.php/material/Material/_download_imgage endpoint, where insufficient input validation allows unauthenticated remote attackers to perform directory traversal via crafted POST requests. This enables arbitrary file read on the server, potentially exposing sensitive information such as configuration files and source code. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

PHP Path Traversal Weiphp
NVD GitHub
CVSS 3.1
7.5
EPSS
18.6%
CVE-2025-29331 CRITICAL POC Act Now

An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute arbitrary code via the management script x-ui passes the no check certificate option to wget when downloading updates

RCE 3x Ui
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2025-49003 CRITICAL POC PATCH Act Now

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor may take advantage of a feature in Java in which the character "ı" becomes "I" when converted to uppercase, and the character "ſ" becomes "S" when converted to uppercase. A threat actor who uses a carefully crafted message that exploits this character conversion can cause remote code execution. The vulnerability has been fixed in v2.10.11. No known workarounds are available.

RCE Java Dataease
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-30131 CRITICAL POC Act Now

An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can be leveraged to execute arbitrary commands by uploading a CGI-based webshell. Once a file is uploaded, the attacker can execute commands with root privileges, gaining full control over the dashcam. Additionally, by uploading a netcat (nc) binary, the attacker can establish a reverse shell, maintaining persistent remote and privileged access to the device. This allows complete device takeover.

File Upload Fx2 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-34049 CRITICAL POC Act Now

An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed with root privileges, leading to remote code execution. Successful exploitation enables full compromise of the device. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.

RCE Command Injection
NVD Exploit-DB
CVSS 4.0
9.4
EPSS
0.2%
CVE-2025-6734 HIGH POC This Week

A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been rated as critical. This issue affects the function sub_484E40 of the file /goform/formP2PLimitConfig of the component API. The manipulation of the argument except leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Buffer Overflow 840g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-6733 HIGH POC This Week

A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been declared as critical. This vulnerability affects the function sub_416928 of the file /goform/formConfigDnsFilterGlobal of the component API. The manipulation of the argument GroupName leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Buffer Overflow 840g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-6732 HIGH POC This Week

A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Buffer Overflow 840g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-34048 HIGH POC This Week

A path traversal vulnerability exists in the web management interface of D-Link DSL-2730U, DSL-2750U, and DSL-2750E ADSL routers with firmware versions IN_1.02, SEA_1.04, and SEA_1.07. The vulnerability is due to insufficient input validation on the getpage parameter within the /cgi-bin/webproc CGI script. This flaw allows an unauthenticated remote attacker to perform path traversal attacks by supplying crafted requests, enabling arbitrary file read on the affected device. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.

Path Traversal D-Link
NVD GitHub Exploit-DB
CVSS 4.0
8.7
EPSS
0.3%
CVE-2025-53002 HIGH POC PATCH This Week

LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in LLaMA-Factory versions up to and including 0.9.3 during the LLaMA-Factory training process. This vulnerability arises because the `vhead_file` is loaded without proper safeguards, allowing malicious attackers to execute arbitrary malicious code on the host system simply by passing a malicious `Checkpoint path` parameter through the `WebUI` interface. The attack is stealthy, as the victim remains unaware of the exploitation. The root cause is that the `vhead_file` argument is loaded without the secure parameter `weights_only=True`. Version 0.9.4 contains a fix for the issue.

RCE Code Injection Llama Factory
NVD GitHub
CVSS 3.1
8.3
EPSS
1.6%
CVE-2025-52903 HIGH POC PATCH GHSA This Week

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0, the Command Execution feature of File Browser only allows the execution of shell command which have been predefined on a user-specific allowlist. Many tools allow the execution of arbitrary different commands, rendering this limitation void. The concrete impact depends on the commands being granted to the attacker, but the large number of standard commands allowing the execution of subcommands makes it likely that every user having the `Execute commands` permissions can exploit this vulnerability. Everyone who can exploit it will have full code execution rights with the uid of the server process. Until this issue is fixed, the maintainers recommend to completely disable `Execute commands` for all accounts. Since the command execution is an inherently dangerous feature that is not used by all deployments, it should be possible to completely disable it in the application's configuration. As a defense-in-depth measure, organizations not requiring command execution should operate the Filebrowser from a distroless container image. A patch version has been pushed to disable the feature for all existent installations, and making it opt-in. A warning has been added to the documentation and is printed on the console if the feature is enabled. Due to the project being in maintenance-only mode, the bug has not been fixed. The fix is tracked on pull request 5199.

RCE Command Injection
NVD GitHub VulDB
CVSS 3.1
8.0
EPSS
0.4%
CVE-2025-52904 HIGH POC PATCH GHSA This Week

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0 of the web application, all users have a scope assigned, and they only have access to the files within that scope. The Command Execution feature of Filebrowser allows the execution of shell commands which are not restricted to the scope, potentially giving an attacker read and write access to all files managed by the server. Until this issue is fixed, the maintainers recommend to completely disable `Execute commands` for all accounts. Since the command execution is an inherently dangerous feature that is not used by all deployments, it should be possible to completely disable it in the application's configuration. As a defense-in-depth measure, organizations not requiring command execution should operate the Filebrowser from a distroless container image. A patch version has been pushed to disable the feature for all existent installations, and making it opt-in. A warning has been added to the documentation and is printed on the console if the feature is enabled. Due to the project being in maintenance-only mode, the bug has not been fixed. Fix is tracked on pull request 5199.

Command Injection
NVD GitHub VulDB
CVSS 3.1
8.0
EPSS
0.3%
CVE-2025-51672 HIGH POC This Week

A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability exists in the manage-companies.php file and allows remote attackers to execute arbitrary SQL code via the companyname parameter in a POST request.

PHP SQLi Dairy Farm Shop Management System
NVD GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-6693 HIGH POC This Week

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sys_device_open/sys_device_read/sys_device_control/sys_device_init/sys_device_close/sys_device_write of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The vendor was contacted early about this disclosure but did not respond in any way.

Buffer Overflow Rt Thread
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-52902 HIGH POC PATCH This Week

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The Markdown preview function of File Browser prior to v2.33.7 is vulnerable to Stored Cross-Site-Scripting (XSS). Any JavaScript code that is part of a Markdown file uploaded by a user will be executed by the browser. Version 2.33.7 contains a fix for the issue.

XSS Filebrowser Suse
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
CVE-2025-52887 HIGH POC PATCH This Week

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected. This leads to potential exhaustion of system memory and results in a server crash or unresponsiveness. Version 0.22.0 contains a patch for the issue.

Denial Of Service Ubuntu Debian Cpp Httplib Red Hat +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-34046 CRITICAL Act Now

An unauthenticated file upload vulnerability exists in the Fanwei E-Office <= v9.4 web management interface. The vulnerability affects the /general/index/UploadFile.php endpoint, which improperly validates uploaded files when invoked with certain parameters (uploadType=eoffice_logo or uploadType=theme). An attacker can exploit this flaw by sending a crafted HTTP POST request to upload arbitrary files without requiring authentication. Successful exploitation could enable remote code execution on the affected server, leading to complete compromise of the web application and potentially the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

File Upload PHP RCE Microsoft
NVD GitHub
CVSS 4.0
10.0
EPSS
2.6%
CVE-2024-56915 MEDIUM POC This Month

Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting (XSS) via the RSS feed widget.

XSS Debian Netbox
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-34043 CRITICAL POC Act Now

A remote command injection vulnerability exists in Vacron Network Video Recorder (NVR) devices v1.4 due to improper input sanitization in the board.cgi script. The vulnerability allows unauthenticated attackers to pass arbitrary commands to the underlying operating system via crafted HTTP requests. These commands are executed with the privileges of the web server process, enabling remote code execution and potential full device compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC.

RCE Command Injection
NVD
CVSS 4.0
10.0
EPSS
0.6%
CVE-2025-6561 CRITICAL Act Now

Certain hybrid DVR models ((HBF-09KD and HBF-16NK)) from Hunt Electronic have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials.

Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2014-0468 CRITICAL PATCH Act Now

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.

File Upload Apache Ubuntu Debian Fusionforge
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2015-0843 CRITICAL PATCH Act Now

yubiserver before 0.6 is prone to buffer overflows due to misuse of sprintf.

Buffer Overflow Ubuntu Debian Yubiserver
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2014-7210 CRITICAL PATCH Act Now

pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends are not affected.

Debian Privilege Escalation Ubuntu Debian Linux Pdns
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-3699 CRITICAL Act Now

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation G-50 all versions, G-50-W all versions, G-50A all versions, GB-50 all versions, GB-50A all versions, GB-24A all versions, G-150AD all versions, AG-150A-A all versions, AG-150A-J all versions, GB-50AD all versions, GB-50ADA-A all versions, GB-50ADA-J all versions, EB-50GU-A all versions, EB-50GU-J all versions, AE-200J all versions, AE-200A all versions, AE-200E all versions, AE-50J all versions, AE-50A all versions, AE-50E all versions, EW-50J all versions, EW-50A all versions, EW-50E all versions, TE-200A all versions, TE-50A all versions, TW-50A all versions, and CMS-RMD-J all versions allows a remote unauthenticated attacker to bypass authentication and then control the air conditioning systems illegally, or disclose information in them by exploiting this vulnerability. In addition, the attacker may tamper with firmware for them using the disclosed information.

Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2015-0842 CRITICAL PATCH Act Now

yubiserver before 0.6 is prone to SQL injection issues, potentially leading to an authentication bypass.

Authentication Bypass SQLi Ubuntu Debian Yubiserver
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2024-52928 CRITICAL Act Now

Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on the website.

Microsoft Authentication Bypass Arc Windows
NVD
CVSS 3.1
9.6
EPSS
0.1%
CVE-2025-52900 MEDIUM POC PATCH This Month

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the database used by File Browser. On standard servers using File Browser prior to version 2.33.7 where the umask configuration has not been hardened before, this makes all the stated files readable by any operating system account. Version 2.33.7 fixes the issue.

Privilege Escalation Filebrowser Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-34042 CRITICAL Act Now

An authenticated command injection vulnerability exists in the Beward N100 IP Camera firmware version M2.1.6.04C014 via the ServerName and TimeZone parameters in the servetest CGI page. An attacker with access to the web interface can inject arbitrary system commands into these parameters, which are unsafely embedded into backend system calls without proper input sanitization. Successful exploitation results in remote code execution with root privileges. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-02 UTC.

RCE Command Injection
NVD
CVSS 4.0
9.4
EPSS
0.5%
CVE-2025-34044 CRITICAL Act Now

A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7-layer Flow Control Router via a specially-crafted HTTP GET request to the t parameter. Insufficient input validation allows unauthenticated attackers to execute arbitrary OS commands. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-25 UTC.

PHP Command Injection
NVD GitHub
CVSS 4.0
9.4
EPSS
0.3%
CVE-2025-50350 MEDIUM POC This Month

PHPGurukul Pre-School Enrollment System Project v1.0 is vulnerable to Directory Traversal in manage-classes.php.

PHP Path Traversal Pre School Enrollment System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-51671 MEDIUM POC This Month

A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability allows remote attackers to execute arbitrary SQL code via the category and categorycode parameters in a POST request to the manage-categories.php file.

PHP SQLi Dairy Farm Shop Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-49603 CRITICAL Act Now

A security vulnerability in Northern.tech Mender Server before 3.7.11 and 4.x before 4.0.1 (CVSS 9.1). Critical severity with potential for significant impact on affected systems.

Authentication Bypass
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-34047 HIGH This Week

A path traversal vulnerability exists in the Leadsec SSL VPN (formerly Lenovo NetGuard), allowing unauthenticated attackers to read arbitrary files on the underlying system via the ostype parameter in the /vpn/user/download/client endpoint. This flaw arises from insufficient input sanitation, enabling traversal sequences to escape the intended directory and access sensitive files. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

Path Traversal
NVD GitHub
CVSS 4.0
8.7
EPSS
1.1%
CVE-2025-53007 HIGH PATCH This Week

CVE-2025-53007 is a security vulnerability (CVSS 8.9). High severity vulnerability requiring prompt remediation.

Code Injection
NVD GitHub
CVSS 4.0
8.9
EPSS
0.1%
CVE-2025-6562 HIGH This Week

Certain hybrid DVR models (HBF-09KD and HBF-16NK) from Hunt Electronic have an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary OS commands and execute them on the device.

Command Injection
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-5459 HIGH PATCH This Week

A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0.

Command Injection Debian Puppet Enterprise
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-5590 HIGH This Week

The Owl carousel responsive plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

WordPress SQLi PHP
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2024-6174 HIGH PATCH This Week

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.

Authentication Bypass Ubuntu Debian Cloud Init Red Hat +1
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-48921 HIGH PATCH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Open Social allows Cross Site Request Forgery.This issue affects Open Social: from 0.0.0 before 12.3.14, from 12.4.0 before 12.4.13.

CSRF Open Social Drupal
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-37101 HIGH PATCH This Week

A potential security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC). This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation (operator can perform admin actions).

VMware Privilege Escalation
NVD
CVSS 3.1
8.7
EPSS
0.1%
CVE-2025-52477 HIGH PATCH This Week

Octo-STS is a GitHub App that acts like a Security Token Service (STS) for the GitHub API. Octo-STS versions before v0.5.3 are vulnerable to unauthenticated SSRF by abusing fields in OpenID Connect tokens. Malicious tokens were shown to trigger internal network requests which could reflect error logs with sensitive information. Upgrade to v0.5.3 to resolve this issue. This version includes patch sets to sanitize input and redact logging.

SSRF Suse
NVD GitHub
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-5966 HIGH This Week

Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report.

Microsoft XSS Manageengine Exchange Reporter Plus
NVD
CVSS 3.1
8.1
EPSS
1.9%
CVE-2025-5366 HIGH This Week

Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Folder-wise read mails with subject report.

Microsoft XSS Manageengine Exchange Reporter Plus
NVD
CVSS 3.1
8.1
EPSS
1.9%
CVE-2025-6709 HIGH PATCH This Week

The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling of specific date values in JSON input when using OIDC authentication. This can be reproduced using the mongo shell to send a malicious JSON payload leading to an invariant failure and server crash. This issue affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB Server v8.0 versions prior to 8.0.5. The same issue affects MongoDB Server v6.0 versions prior to 6.0.21, but an attacker can only induce denial of service after authenticating.

Denial Of Service Ubuntu Debian MongoDB
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-6710 HIGH PATCH This Week

MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which could occur pre-authorisation. This issue affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB Server v8.0 versions prior to 8.0.5. The same issue affects MongoDB Server v6.0 versions prior to 6.0.21, but an attacker can only induce denial of service after authenticating.

Denial Of Service Ubuntu Debian MongoDB
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2014-6274 HIGH PATCH This Week

git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes was set, and the remote used encryption=pubkey or encryption=hybrid, the embedded AWS credentials were stored in the git repository in (effectively) plaintext, not encrypted as they were supposed to be. This issue affects git-annex: from 3.20121126 before 5.20140919.

Information Disclosure Debian Git Annex Suse
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-6212 HIGH PATCH This Week

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Database module in versions 3.5.11 to 3.5.19 due to insufficient input sanitization and output escaping. The unfiltered field names are stored alongside the sanitized values. Later, the admin-side AJAX endpoint ajax_get_table_data() returns those raw names as JSON column headers, and the client-side DataTables renderer injects them directly into the DOM without any HTML encoding. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS Ultimate Addons For Contact Form 7 PHP
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2025-3771 HIGH This Week

A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authenticated non-admin local user to overwrite system files with SIR backup files, which can potentially cause a system crash. This was achieved by adding a malicious entry to the registry under the Trellix SIR registry folder or via policy or with a junction symbolic link to files that the user would not normally have permission to acces

Denial Of Service System Information Reporter
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-53121 MEDIUM PATCH This Month

Multiple stored XSS were found on different nodes with unsanitized parameters in OpenMNS Horizon 33.0.8 and versions earlier than 33.1.6 on multiple platforms that allow an attacker to store on database and then inject HTML and/or Javascript on the page. The solution is to upgrade to Horizon 33.1.6, 33.1.7 or Meridian 2024.2.6, 2024.2.7 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Fábio Tomé for reporting this issue.

XSS
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy