114 CVEs tracked today. 8 Critical, 40 High, 55 Medium, 6 Low.
-
CVE-2025-52950
CRITICAL
CVSS 9.6
CVE-2025-52950 is a Missing Authorization vulnerability in Juniper Networks Security Director that allows authenticated attackers to read and modify sensitive resources beyond their authorization level through the web interface. This affects Security Director version 24.4.1 and could enable lateral movement and compromise of downstream managed network devices. The vulnerability has a critical CVSS 9.6 score and represents a significant integrity and availability risk, though it requires valid credentials to exploit.
Juniper
Information Disclosure
Security Director
-
CVE-2025-52579
CRITICAL
CVSS 9.4
CVE-2025-52579 is a cleartext sensitive data storage vulnerability in Emerson ValveLink Products where cryptographic keys, credentials, or other sensitive information are retained unencrypted in process memory. An unauthenticated remote attacker can exploit this over the network with low complexity to extract sensitive data from memory dumps, core files, or crashed processes, potentially gaining unauthorized access to critical industrial control systems. The CVSS score of 9.4 reflects high confidentiality and integrity impact; however, KEV status, EPSS probability, and active exploitation data are not available in the provided sources, requiring real-time CISA monitoring for confirmation.
Denial Of Service
-
CVE-2025-50121
CRITICAL
CVSS 9.5
CVE-2025-50121 is an OS command injection vulnerability (CWE-78) in an unspecified product that allows unauthenticated remote attackers to achieve remote code execution by creating a malicious folder through the web interface when HTTP is enabled. With a CVSS 9.5 score and network-based attack vector requiring minimal complexity, this represents a critical vulnerability; however, real-world risk is substantially mitigated by the requirement that HTTP must be explicitly enabled (disabled by default). No active KEV status, EPSS data, or public POC availability has been confirmed from the provided intelligence.
RCE
Command Injection
-
CVE-2025-30026
CRITICAL
CVSS 9.8
CVE-2025-30026 is a critical authentication bypass vulnerability in AXIS Camera Station Server that allows unauthenticated remote attackers to completely compromise the system without requiring valid credentials. The flaw has a CVSS score of 9.8 with a CVSS vector indicating network-accessible, low-complexity exploitation requiring no privileges or user interaction, enabling attackers to achieve full confidentiality, integrity, and availability compromise. This vulnerability affects the AXIS Camera Station Server product line and represents an immediate and severe threat requiring emergency patching.
Authentication Bypass
Camera Station
Camera Station Pro
-
CVE-2025-30023
CRITICAL
CVSS 9.0
CVE-2025-30023 is a critical remote code execution vulnerability in a client-server communication protocol that allows authenticated users to execute arbitrary code on affected systems. The flaw affects users with valid credentials who can access the affected service over an adjacent network segment, potentially compromising confidentiality, integrity, and availability across trust boundaries. While specific product details are limited in the provided data, this represents a high-severity risk requiring immediate patching, particularly if actively exploited or if public proof-of-concept code exists.
RCE
Authentication Bypass
Camera Station
Device Manager
Camera Station Pro
-
CVE-2025-7503
CRITICAL
CVSS 10.0
CVE-2025-7503 is a security vulnerability (CVSS 10.0). Critical severity with potential for significant impact on affected systems.
RCE
Privilege Escalation
Authentication Bypass
IoT
Ssh
-
CVE-2025-7401
CRITICAL
CVSS 9.8
The Premium Age Verification / Restriction for WordPress plugin contains an insufficiently protected remote support functionality in remote_tunnel.php that allows unauthenticated attackers to read from or write to arbitrary files on affected servers. This critical vulnerability (CVSS 9.8) affects all versions up to and including 3.0.2, potentially enabling sensitive information disclosure or remote code execution without authentication. Given the critical CVSS score and network-accessible attack vector, this vulnerability should be treated as high priority pending confirmation of KEV status and active exploitation.
RCE
PHP
WordPress
Information Disclosure
Path Traversal
-
CVE-2025-5392
CRITICAL
CVSS 9.8
The GB Forms DB plugin for WordPress contains a critical unauthenticated Remote Code Execution vulnerability in the gbfdb_talk_to_front() function, affecting all versions up to 1.0.2. The vulnerability stems from unsanitized user input passed directly to call_user_func(), allowing attackers to execute arbitrary PHP code without authentication. This can be leveraged to inject backdoors, create administrative accounts, or achieve full server compromise.
WordPress
RCE
PHP
-
CVE-2025-53641
HIGH
CVSS 8.2
CVE-2025-53641 is a Server-Side Request Forgery (SSRF) vulnerability in Postiz versions 1.45.1 through 1.62.2 that allows unauthenticated network attackers to inject arbitrary HTTP headers into the middleware pipeline, enabling unauthorized outbound requests from the affected server. With a CVSS score of 8.2 and network-accessible attack surface (AV:N/PR:N), this vulnerability poses significant risk to confidentiality of internal services and resources accessible from the server. The vulnerability is patched in version 1.62.3, and exploitation requires no user interaction or authentication, making it a high-priority remediation target.
SSRF
Code Injection
-
CVE-2025-53515
HIGH
CVSS 8.8
A vulnerability in Advantech iView that allows for SQL injection and remote code execution (CVSS 8.8). High severity vulnerability requiring prompt remediation.
RCE
SQLi
Authentication Bypass
Iview
-
CVE-2025-53475
HIGH
CVSS 8.8
CVE-2025-53475 is a SQL injection vulnerability in Advantech iView's NetworkServlet.getNextTrapPage() function that allows authenticated users to execute arbitrary SQL queries and potentially achieve remote code execution within the context of the 'nt authority\local service' account. The vulnerability requires valid user-level credentials but has a high CVSS score of 8.8 due to the combination of high confidentiality, integrity, and availability impact. No KEV or active exploitation data is provided, but the authenticated requirement and network accessibility make this a moderate-to-high priority for organizations deploying Advantech iView.
RCE
SQLi
Iview
-
CVE-2025-52983
HIGH
CVSS 7.2
CVE-2025-52983 is a critical authentication bypass vulnerability in Juniper Networks Junos OS on VM Host Routing Engines where public keys configured for root access are not properly validated, allowing users possessing the corresponding private key to gain unauthorized root-level access even after the public key has been administratively removed from the system. This network-accessible vulnerability affects multiple Junos OS release branches and requires high privileges to configure but enables complete system compromise once exploited. While the CVSS score of 7.2 reflects significant impact, the practical risk depends on KEV designation and active exploitation status.
Juniper
Authentication Bypass
Privilege Escalation
Junos
-
CVE-2025-52981
HIGH
CVSS 7.5
A denial of service vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.
Juniper
Denial Of Service
Junos
-
CVE-2025-52980
HIGH
CVSS 7.5
A denial of service vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.
Juniper
Denial Of Service
Bgp
Junos
-
CVE-2025-52954
HIGH
CVSS 7.8
A command injection vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.
Juniper
Information Disclosure
Junos Os Evolved
-
CVE-2025-52946
HIGH
CVSS 7.5
A denial of service vulnerability (CVSS 7.5) that can be triggered by an attacker sending a BGP update with a specifically malformed AS path. High severity vulnerability requiring prompt remediation.
Juniper
Use After Free
Denial Of Service
Bgp
Junos Os Evolved
-
CVE-2025-52577
HIGH
CVSS 8.8
CVE-2025-52577 is a SQL injection vulnerability in Advantech iView's NetworkServlet.archiveTrapRange() method that allows authenticated users to execute arbitrary SQL queries and potentially achieve remote code execution (RCE) within the LocalService account context. The vulnerability affects Advantech iView and requires user-level authentication, making it a post-authentication attack vector with high severity (CVSS 8.8). While no public POC or KEV status confirmation is available in provided data, the combination of SQL injection leading to RCE on a privileged service account represents significant risk for organizations deploying this network management solution.
RCE
SQLi
Iview
-
CVE-2025-52089
HIGH
CVSS 8.8
CVE-2025-52089 is a critical remote code execution vulnerability in TOTOLINK N300RB firmware version 8.54, where a hidden remote support feature protected only by a static secret allows authenticated attackers to execute arbitrary OS commands with root privileges. While the CVSS 3.1 score of 8.8 reflects high severity, the attack vector is adjacent network (AV:A), limiting widespread exploitation to network-adjacent attackers. The vulnerability has not been publicly confirmed as actively exploited or included in CISA's Known Exploited Vulnerabilities (KEV) catalog, but the simplistic authentication mechanism (static secret) and hidden feature design suggest high exploitability once discovered.
Information Disclosure
N300rb Firmware
TOTOLINK
-
CVE-2025-50124
HIGH
CVSS 7.2
CVE-2025-50124 is a privilege escalation vulnerability (CWE-269: Improper Privilege Management) affecting server systems with a CVSS score of 7.2. The vulnerability exists in a setup script that can be exploited when accessed by a privileged account via console, allowing attackers to escalate privileges and gain high-impact control over confidentiality, integrity, and availability. This is a physical/local attack vector requiring high privileges and significant effort, limiting widespread exploitation but representing critical risk in restricted access environments.
Privilege Escalation
-
CVE-2025-50123
HIGH
CVSS 7.2
CVE-2025-50123 is a code injection vulnerability (CWE-94) in an unspecified server product that allows remote command execution when accessed via console by a privileged account through malicious hostname input. The vulnerability has a CVSS 4.0 score of 7.2 and requires physical access and high privileges, significantly limiting real-world exploitability despite the high impact potential. KEV status and EPSS scoring data are unavailable in provided intelligence, but the physical attack vector and high privilege requirement suggest this poses limited risk in typical network environments.
RCE
Code Injection
Privilege Escalation
Command Injection
-
CVE-2025-50122
HIGH
CVSS 8.9
CVE-2025-50122 is a cryptographic entropy vulnerability (CWE-331) in password generation algorithms that allows attackers with access to installation or upgrade artifacts to reverse engineer and discover root passwords. This affects products using insufficient entropy in their root password generation during deployment phases. With a CVSS score of 8.9 and network-adjacent attack vector, this poses a critical risk to systems deployed in environments where installation artifacts may be accessible or retained. The vulnerability requires moderate attack complexity but no user interaction, making it viable for targeted attacks against infrastructure during or shortly after deployment.
Information Disclosure
Privilege Escalation
-
CVE-2025-50109
HIGH
CVSS 7.7
CVE-2025-50109 affects Emerson ValveLink Products, which store sensitive information in cleartext within accessible resource locations, allowing local attackers without privileges to read confidential data. With a CVSS score of 7.7 and local attack vector, this vulnerability poses a significant confidentiality and integrity risk to industrial control system environments. The vulnerability's KEV status and actual exploitation likelihood should be confirmed with CISA and vendor advisories, as the high CVSS reflects substantial information exposure potential in proximity-based attack scenarios.
Information Disclosure
-
CVE-2025-48891
HIGH
CVSS 7.6
CVE-2025-48891 is a SQL injection vulnerability in Advantech iView's CUtils.checkSQLInjection() function that fails to properly sanitize user input, allowing authenticated attackers with user-level privileges to execute arbitrary SQL queries. This can lead to unauthorized information disclosure or denial-of-service conditions. The vulnerability requires network access and user authentication but has no UI interaction requirement, making it a significant risk for organizations using iView in multi-user environments.
Code Injection
Iview
-
CVE-2025-46358
HIGH
CVSS 7.7
CVE-2025-46358 is a local privilege escalation vulnerability in Emerson ValveLink products stemming from insufficient or missing cryptographic protection mechanisms (CWE-693). An unauthenticated local attacker can exploit this to achieve high-impact confidentiality and integrity violations without requiring user interaction. The vulnerability affects multiple ValveLink product versions and has a CVSS score of 7.7 (high severity) with local attack vector and low complexity.
Information Disclosure
-
CVE-2025-43856
HIGH
CVSS 7.3
Immich versions prior to 1.132.0 are vulnerable to account hijacking through OAuth2 state parameter validation bypass (CWE-303). An attacker can perform unauthorized account linkage by exploiting missing state parameter verification, allowing them to hijack victim accounts through crafted OAuth login URLs or hidden iframes embedded in malicious webpages. This vulnerability is particularly dangerous when OAuth providers are publicly accessible, and affected users can be compromised without direct interaction if the /user-settings redirect_uri is configured.
Google
CSRF
-
CVE-2025-30661
HIGH
CVSS 7.3
A remote code execution vulnerability in line card script processing of Juniper Networks Junos OS allows a local (CVSS 7.3). High severity vulnerability requiring prompt remediation.
Juniper
Privilege Escalation
Junos
-
CVE-2025-30403
HIGH
CVSS 8.1
CVE-2025-30403 is a heap buffer overflow vulnerability in Meta's mvfst QUIC implementation that allows remote attackers without privileges to trigger memory corruption and cause denial of service or potentially read sensitive data from heap memory. The vulnerability affects mvfst versions prior to v2025.07.07.00 and requires user interaction (opening a malicious QUIC connection), with a high CVSS score of 8.1 reflecting the severity of memory safety issues, though KEV status and EPSS probability data are not currently available in public disclosures.
Buffer Overflow
Heap Overflow
Denial Of Service
-
CVE-2025-30402
HIGH
CVSS 8.1
CVE-2025-30402 is a heap buffer overflow vulnerability in ExecuTorch's method loading mechanism that can cause runtime crashes and potentially enable arbitrary code execution. The vulnerability affects ExecuTorch versions prior to commit 93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f and requires user interaction (UI required per CVSS vector). With a CVSS score of 8.1 and remote attack vector, this represents a significant risk to applications embedding ExecuTorch, particularly those processing untrusted model files or executing remote inference requests.
RCE
-
CVE-2025-30025
HIGH
CVSS 7.8
CVE-2025-30025 is a local privilege escalation vulnerability in the inter-process communication (IPC) protocol between a server process and its service control mechanism, caused by insecure deserialization (CWE-502). An authenticated local attacker with limited privileges can exploit this flaw to escalate to higher privileges, potentially gaining complete system compromise including confidentiality, integrity, and availability impact. While the CVSS score of 7.8 indicates high severity, the local attack vector and requirement for prior authentication mean this affects primarily multi-user systems or scenarios where an attacker has already gained initial local access.
Privilege Escalation
Camera Station Pro
Device Manager
-
CVE-2025-7460
HIGH
CVSS 8.8
CVE-2025-7460 is a critical buffer overflow vulnerability in the setWiFiAclRules function of TOTOLINK T6 routers (version 4.1.5cu.748_B20211015) that allows authenticated remote attackers to achieve code execution through malformed MAC address parameters in HTTP POST requests. The vulnerability has been publicly disclosed with proof-of-concept availability and poses immediate risk to deployed TOTOLINK T6 devices; exploitation requires valid credentials but no user interaction.
Buffer Overflow
TP-Link
RCE
T6 Firmware
TOTOLINK
-
CVE-2025-7459
HIGH
CVSS 7.3
CVE-2025-7459 is a SQL injection vulnerability in code-projects Mobile Shop version 1.0, specifically in the /EditMobile.php file's ID parameter, allowing unauthenticated remote attackers to execute arbitrary SQL queries. The vulnerability has been publicly disclosed with proof-of-concept code available, creating immediate risk for deployed instances. With a CVSS score of 7.3 and network-accessible attack vector, this poses significant risk to confidentiality, integrity, and availability of affected databases.
PHP
SQLi
Mobile Shop
-
CVE-2025-7457
HIGH
CVSS 7.3
CVE-2025-7457 is a critical SQL injection vulnerability in Campcodes Online Movie Theater Seat Reservation System version 1.0, affecting the /admin/manage_movie.php file's ID parameter. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially compromising database confidentiality, integrity, and availability. Public disclosure and exploit availability elevate the risk profile significantly.
PHP
SQLi
Online Movie Theater Seat Reservation System
-
CVE-2025-7456
HIGH
CVSS 7.3
CVE-2025-7456 is a critical SQL injection vulnerability in Campcodes Online Movie Theater Seat Reservation System version 1.0, affecting the /reserve.php file's ID parameter. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion of the reservation database. Public exploit code is available, indicating active disclosure risk.
PHP
SQLi
Online Movie Theater Seat Reservation System
-
CVE-2025-7455
HIGH
CVSS 7.3
CVE-2025-7455 is a critical SQL injection vulnerability in Campcodes Online Movie Theater Seat Reservation System version 1.0, specifically in the /manage_reserve.php file's 'mid' parameter. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or service disruption. Public exploit disclosure and active exploitation potential significantly increase real-world risk despite the moderate CVSS 7.3 score.
PHP
SQLi
Online Movie Theater Seat Reservation System
-
CVE-2025-7454
HIGH
CVSS 7.3
CVE-2025-7454 is a critical SQL injection vulnerability in Campcodes Online Movie Theater Seat Reservation System version 1.0, specifically in the /admin/manage_theater.php file where the ID parameter is not properly sanitized. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion of the theater reservation database. The exploit has been publicly disclosed and is actively exploitable with no authentication required.
PHP
SQLi
Online Movie Theater Seat Reservation System
-
CVE-2025-7442
HIGH
CVSS 7.5
A SQL injection vulnerability in WPGYM - Wordpress Gym Management System (CVSS 7.5). High severity vulnerability requiring prompt remediation.
WordPress
SQLi
PHP
Information Disclosure
-
CVE-2025-7436
HIGH
CVSS 7.3
CVE-2025-7436 is a critical SQL injection vulnerability in Campcodes Online Recruitment Management System version 1.0, affecting the /admin/ajax.php?action=delete_vacancy endpoint where the ID parameter is insufficiently sanitized. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or system compromise. A proof-of-concept exploit has been publicly disclosed, increasing real-world exploitation risk.
PHP
SQLi
Online Recruitment Management System
-
CVE-2025-7434
HIGH
CVSS 8.8
CVE-2025-7434 is a critical stack-based buffer overflow vulnerability in Tenda FH451 wireless routers (versions up to 1.0.0.9) affecting the POST request handler for the /goform/addressNat endpoint. An authenticated remote attacker can exploit improper input validation on the 'page' parameter to overflow the stack, achieving arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code exists and the vulnerability may be actively exploited in the wild.
Buffer Overflow
Fh451 Firmware
Tenda
-
CVE-2025-7423
HIGH
CVSS 8.8
CVE-2025-7423 is a critical stack-based buffer overflow vulnerability in Tenda O3V2 router firmware (version 1.0.0.12(3880)) affecting the WiFi MAC filter functionality. An authenticated attacker can remotely exploit this vulnerability by sending a malicious macList parameter to the /goform/setWrlFilterList endpoint, achieving arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has public exploit disclosure and may be actively exploited in the wild.
Buffer Overflow
O3 Firmware
Tenda
-
CVE-2025-7422
HIGH
CVSS 8.8
A buffer overflow vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available.
Buffer Overflow
O3 Firmware
Tenda
-
CVE-2025-7421
HIGH
CVSS 8.8
A critical stack-based buffer overflow vulnerability exists in Tenda O3V2 firmware version 1.0.0.12(3880) in the MAC filter modification function. An authenticated remote attacker can exploit improper input validation of the 'mac' parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has public exploit disclosure and demonstrates high real-world exploitability.
Buffer Overflow
O3 Firmware
Tenda
-
CVE-2025-7420
HIGH
CVSS 8.8
CVE-2025-7420 is a critical stack-based buffer overflow vulnerability in Tenda O3V2 router firmware (version 1.0.0.12(3880)) affecting the httpd component's WiFi configuration handler. An authenticated remote attacker can overflow the stack via the 'extChannel' parameter in the /goform/setWrlBasicInfo endpoint, achieving complete system compromise including arbitrary code execution, data theft, and denial of service. Public exploit code has been disclosed and the vulnerability meets CVSS 8.8 severity criteria, indicating high real-world risk for affected router deployments.
Buffer Overflow
RCE
O3 Firmware
Tenda
-
CVE-2025-7029
HIGH
CVSS 8.2
CVE-2025-7029 is a critical SMRAM corruption vulnerability in software SMI handlers that allows local attackers with high privileges to achieve arbitrary memory writes and potential SMM privilege escalation. The vulnerability exists in SwSmiInputValue 0xB2 handler where attacker-controlled RBX register values are used to derive unvalidated pointers for power and thermal configuration operations. This affects firmware-level security boundaries and could enable complete system compromise, though exploitation requires elevated privileges and no public exploit code or active KEV exploitation has been reported at this time.
Privilege Escalation
Buffer Overflow
Memory Corruption
-
CVE-2025-7028
HIGH
CVSS 7.8
CVE-2025-7028 is a critical privilege escalation vulnerability in Software SMI handlers that allows local authenticated attackers to achieve arbitrary read/write access to System Management RAM (SMRAM) through unchecked pointer dereference. The vulnerability affects firmware implementations using vulnerable SwSmiInputValue 0x20 handlers across multiple OEM platforms; attackers can corrupt firmware, exfiltrate SMRAM contents, or install persistent implants. With a CVSS score of 7.8 (High) and low attack complexity, this represents a significant firmware security risk, though exploitation requires local access and low privileges.
Information Disclosure
-
CVE-2025-7027
HIGH
CVSS 8.2
CVE-2025-7027 is a security vulnerability (CVSS 8.2) that allows a local attacker. High severity vulnerability requiring prompt remediation.
Privilege Escalation
-
CVE-2025-7026
HIGH
CVSS 8.2
A privilege escalation vulnerability (CVSS 8.2) that allows a local attacker. High severity vulnerability requiring prompt remediation.
Privilege Escalation
-
CVE-2025-6851
HIGH
CVSS 7.2
A Server-Side Request Forgery (SSRF) vulnerability in a product for WordPress (CVSS 7.2). High severity vulnerability requiring prompt remediation. Vendor patch is available.
WordPress
SSRF
PHP
Broken Link Notifier
-
CVE-2013-3307
HIGH
CVSS 8.3
CVE-2013-3307 is an OS command injection vulnerability in Linksys wireless routers (E1000, E1200, E3200) that allows unauthenticated remote attackers to execute arbitrary shell commands via unsanitized input in the ping_ip parameter of apply.cgi on port 52000. The vulnerability affects E1000 through v2.1.02, E1200 before v2.0.05, and E3200 through v1.0.04, with a CVSS score of 8.3 reflecting high severity. This vulnerability has known public exploits and represents a critical remote code execution risk on home/small business networking equipment with no authentication required.
Command Injection
-
CVE-2025-53864
MEDIUM
CVSS 5.8
Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set, because of uncontrolled recursion. NOTE: this is independent of the Gson 2.11.0 issue because the Connect2id product could have checked the JSON object nesting depth, regardless of what limits (if any) were imposed by Gson.
Denial Of Service
Ubuntu
Redhat
-
CVE-2025-53642
MEDIUM
CVSS 4.8
haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6.
PHP
Information Disclosure
Haxcms Php
Haxcms Nodejs
-
CVE-2025-53636
MEDIUM
CVSS 5.4
Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of Service (DoS) to the ondemand system. This vulnerability is fixed in 3.1.14 and 4.0.6.
Denial Of Service
-
CVE-2025-53519
MEDIUM
CVSS 5.4
A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating specific parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other malicious activities.
XSS
Information Disclosure
Iview
-
CVE-2025-53509
MEDIUM
CVSS 6.5
A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.restoreDatabase(). This issue requires an authenticated attacker with at least user-level privileges. An input parameter can be used directly in a command without proper sanitization, allowing arbitrary arguments to be injected. This can result in information disclosure, including sensitive database credentials.
Information Disclosure
Iview
-
CVE-2025-53471
MEDIUM
CVSS 5.1
CVE-2025-53471 is a security vulnerability (CVSS 5.1). Remediation should follow standard vulnerability management procedures.
Information Disclosure
-
CVE-2025-53397
MEDIUM
CVSS 5.4
A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other malicious activities.
XSS
Information Disclosure
Iview
-
CVE-2025-52994
MEDIUM
CVSS 4.9
gif_outputAsJpeg in phpThumb through 1.7.23 allows phpthumb.gif.php OS Command Injection via a crafted parameter value. This is fixed in 1.7.23-202506081709.
PHP
Command Injection
-
CVE-2025-52989
MEDIUM
CVSS 5.1
A security vulnerability in the UI of Juniper Networks Junos OS and Junos OS Evolved allows a local (CVSS 5.1). Remediation should follow standard vulnerability management procedures.
Information Disclosure
Juniper
Junos
Junos Os Evolved
-
CVE-2025-52988
MEDIUM
CVSS 6.7
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a high-privileged, local attacker to escalate their privileges to root.
When a user provides specifically crafted arguments to the 'request system logout' command, these will be executed as root on the shell, which can completely compromise the device.
This issue affects:
Junos OS:
* all versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S8,
* 22.2 versions before 22.2R3-S6,
* 22.3 versions before 22.3R3-S3,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S1,
* 23.4 versions before 23.4R1-S2, 23.4R2;
Junos OS Evolved:
* all versions before 22.4R3-S6-EVO,
* 23.2-EVO versions before 23.2R2-S1-EVO,
* 23.4-EVO versions before 23.4R1-S2-EVO, 23.4R2-EVO.
Juniper
Command Injection
Junos
Junos Os Evolved
-
CVE-2025-52986
MEDIUM
CVSS 5.5
A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low privileged user to cause an impact to the availability of the device.
When RIB sharding is enabled and a user executes one of several routing related 'show' commands, a certain amount of memory is leaked. When all available memory has been consumed rpd will crash and restart.
The leak can be monitored with the CLI command:
show task memory detail | match task_shard_mgmt_cookie
where the allocated memory in bytes can be seen to continuously increase with each exploitation.
This issue affects:
Junos OS:
* all versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S11,
* 22.2 versions before 22.2R3-S7,
* 22.4 versions before 22.4R3-S7,
* 23.2 versions before 23.2R2-S4,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R2,
* 24.4 versions before 24.4R1-S2, 24.4R2;
Junos OS Evolved:
* all versions before 22.2R3-S7-EVO,
* 22.4-EVO versions before 22.4R3-S7-EVO,
* 23.2-EVO versions before 23.2R2-S4-EVO,
* 23.4-EVO versions before 23.4R2-S4-EVO,
* 24.2-EVO versions before 24.2R2-EVO,
* 24.4-EVO versions before 24.4R2-EVO.
Juniper
Denial Of Service
Junos Os Evolved
Junos
-
CVE-2025-52985
MEDIUM
CVSS 5.3
CVE-2025-52985 is a security vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures.
Juniper
Authentication Bypass
Junos Os Evolved
-
CVE-2025-52984
MEDIUM
CVSS 5.9
A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.
When a static route points to a reject next hop and a gNMI query is processed for that static route, rpd crashes and restarts.
This issue affects:
Junos OS:
* all versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R1-S2, 24.2R2;
Junos OS Evolved:
* all versions before 22.4R3-S7-EVO,
* 23.2-EVO versions before 23.2R2-S3-EVO,
* 23.4-EVO versions before 23.4R2-S4-EVO,
* 24.2-EVO versions before 24.2R2-EVO.
Juniper
Null Pointer Dereference
Denial Of Service
Junos Os Evolved
Junos
-
CVE-2025-52982
MEDIUM
CVSS 5.9
An Improper Resource Shutdown or Release vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
When an MX Series device with an MS-MPC is configured with two or more service sets which are both processing SIP calls, a specific sequence of call events will lead to a crash and restart of the MS-MPC.
This issue affects Junos OS:
* all versions before 21.2R3-S9,
* 21.4 versions from 21.4R1,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6.
As the MS-MPC is EoL after Junos OS 22.4, later versions are not affected.
This issue does not affect MX-SPC3 or SRX Series devices.
Juniper
Denial Of Service
Junos
-
CVE-2025-52964
MEDIUM
CVSS 6.5
A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).
When the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition.
For the issue to occur, BGP multipath with "pause-computation-during-churn" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from an established BGP peer.
This issue affects:
Junos OS:
* All versions before 21.4R3-S7,
* from 22.3 before 22.3R3-S3,
* from 22.4 before 22.4R3-S5,
* from 23.2 before 23.2R2,
* from 23.4 before 23.4R2.
Junos OS Evolved:
* All versions before 21.4R3-S7-EVO,
* from 22.3 before 22.3R3-S3-EVO,
* from 22.4 before 22.4R3-S5-EVO,
* from 23.2 before 23.2R2-EVO,
* from 23.4 before 23.4R2-EVO.
Juniper
Denial Of Service
Junos Os Evolved
Junos
-
CVE-2025-52963
MEDIUM
CVSS 5.5
An Improper Access Control vulnerability in the User Interface (UI) of Juniper Networks Junos OS allows a local, low-privileged attacker to bring down an interface, leading to a Denial-of-Service.
Users with "view" permissions can run a specific request interface command which allows the user to shut down the interface.
This issue affects Junos OS:
* All versions before 21.2R3-S9,
* from 21.4 before 21.4R3-S11,
* from 22.2 before 22.2R3-S7,
* from 22.4 before 22.4R3-S7,
* from 23.2 before 23.2R2-S4,
* from 23.4 before 23.4R2-S5,
* from 24.2 before 24.2R2-S1,
* from 24.4 before 24.4R1-S3, 24.4R2.
Juniper
Authentication Bypass
Junos
-
CVE-2025-52958
MEDIUM
CVSS 5.3
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during an error-handling scenario.
Continued session establishment failures lead to a sustained DoS condition.
This issue affects Junos OS:
* All versions before 22.2R3-S6,
* from 22.4 before 22.4R3-S6,
* from 23.2 before 23.2R2-S3,
* from 23.4 before 23.4R2-S4,
* from 24.2 before 24.2R2;
Junos OS Evolved:
* All versions before 22.2R3-S6-EVO,
* from 22.4 before 22.4R3-S6-EVO,
* from 23.2 before 23.2R2-S3-EVO,
* from 23.4 before 23.4R2-S4-EVO,
* from 24.2 before 24.2R2-EVO.
Juniper
Denial Of Service
Junos Os Evolved
Junos
-
CVE-2025-52955
MEDIUM
CVSS 6.5
An Incorrect Calculation of Buffer Size vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a memory corruption that leads to a rpd crash.
When the logical interface using a routing instance flaps continuously, specific updates are sent to the jflow/sflow modules. This results in memory corruption, leading to an rpd crash and restart.
Continued receipt of these specific updates will cause a sustained Denial of Service condition.
This issue affects Junos OS:
* All versions before 21.2R3-S9,
* All versions of 21.4,
* All versions of 22.2,
* from 22.4 before 22.4R3-S7,
* from 23.2 before 23.2R2-S3,
* from 23.4 before 23.4R2-S4,
* from 24.2 before 24.2R2.
Junos OS Evolved:
* All versions of 21.2-EVO,
* All versions of 21.4-EVO,
* All versions of 22.2-EVO,
* from 22.4 before 22.4R3-S7-EVO,
* from 23.2 before 23.2R2-S3-EVO,
* from 23.4 before 23.4R2-S4-EVO,
* from 24.2 before 24.2R2-EVO.
Denial Of Service
Juniper
Buffer Overflow
Junos
Junos Os Evolved
-
CVE-2025-52953
MEDIUM
CVSS 6.5
An Expected Behavior Violation vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a valid BGP UPDATE packet to cause a BGP session reset, resulting in a Denial of Service (DoS).
Continuous receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.
This issue affects iBGP and eBGP and both IPv4 and IPv6 are affected by this vulnerability.
This issue affects Junos OS:
* All versions before 21.2R3-S9,
* from 21.4 before 21.4R3-S11,
* from 22.2 before 22.2R3-S7,
* from 22.4 before 22.4R3-S7,
* from 23.2 before 23.2R2-S4,
* from 23.4 before 23.4R2-S4,
* from 24.2 before 24.2R2,
* from 24.4 before 24.4R1-S3, 24.4R2;
Junos OS Evolved:
* All versions before 22.2R3-S7-EVO,
* from 22.4-EVO before 22.4R3-S7-EVO,
* from 23.2-EVO before 23.2R2-S4-EVO,
* from 23.4-EVO before 23.4R2-S4-EVO,
* from 24.2-EVO before 24.2R2-EVO,
* from 24.4-EVO before 24.4R1-S3-EVO, 24.4R2-EVO.
Juniper
Denial Of Service
Junos Os Evolved
Junos
-
CVE-2025-52952
MEDIUM
CVSS 6.5
An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS).
Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.
This issue affects Juniper Networks:
Junos OS:
* All versions before 22.2R3-S1,
* from 22.4 before 22.4R2.
This feature is not enabled by default.
Denial Of Service
Buffer Overflow
Memory Corruption
Juniper
Junos
-
CVE-2025-52951
MEDIUM
CVSS 5.8
A Protection Mechanism Failure vulnerability in kernel filter processing of Juniper Networks Junos OS allows an attacker sending IPv6 traffic destined to the device to effectively bypass any firewall filtering configured on the interface.
Due to an issue with Junos OS kernel filter processing, the 'payload-protocol' match is not being supported, causing any term containing it to accept all packets without taking any other action. In essence, these firewall filter terms were being processed as an 'accept' for all traffic on the interface destined for the control plane, even when used in combination with other match criteria.
This issue only affects firewall filters protecting the device's control plane. Transit firewall filtering is unaffected by this vulnerability.
This issue affects Junos OS:
* all versions before 21.2R3-S9,
* from 21.4 before 21.4R3-S11,
* from 22.2 before 22.2R3-S7,
* from 22.4 before 22.4R3-S7,
* from 23.2 before 23.2R2-S4,
* from 23.4 before 23.4R2-S5,
* from 24.2 before 24.2R2-S1,
* from 24.4 before 24.4R1-S2, 24.4R2.
This is a more complete fix for previously published CVE-2024-21607 (JSA75748).
Juniper
Authentication Bypass
Junos
-
CVE-2025-52949
MEDIUM
CVSS 6.5
An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.
Only systems configured for Ethernet Virtual Private Networking (EVPN) signaling are vulnerable to this issue.
This issue affects iBGP and eBGP, and both IPv4 and IPv6 are affected by this vulnerability.
This issue affects:
Junos OS:
* all versions before 21.4R3-S11,
* from 22.2 before 22.2R3-S7,
* from 22.4 before 22.4R3-S7,
* from 23.2 before 23.2R2-S4,
* from 23.4 before 23.4R2-S5,
* from 24.2 before 24.2R2-S1,
* from 24.4 before 24.4R1-S3, 24.4R2;
Junos OS Evolved:
* all versions before 22.2R3-S7-EVO,
* from 22.4-EVO before 22.4R3-S7-EVO,
* from 23.2-EVO before 23.2R2-S4-EVO,
* from 23.4-EVO before 23.4R2-S5-EVO,
* from 24.2-EVO before 24.2R2-S1-EVO,
* from 24.4-EVO before 24.4R1-S3-EVO, 24.4R2-EVO.
Juniper
Denial Of Service
Junos
Junos Os Evolved
-
CVE-2025-52948
MEDIUM
CVSS 5.9
An Improper Handling of Exceptional Conditions vulnerability in Berkeley Packet Filter (BPF) processing of Juniper Networks Junos OS allows an attacker, in rare cases, sending specific, unknown traffic patterns to cause the FPC and system to crash and restart.
BPF provides a raw interface to data link layers in a protocol independent fashion. Internally within the Junos kernel, due to a rare timing issue (race condition), when a BPF instance is cloned, the newly created interface causes an internal structure leakage, leading to a system crash. The precise content and timing of the traffic patterns is indeterminate, but has been seen in a lab environment multiple times.
This issue is more likely to occur when packet capturing is enabled. See required configuration below.
This issue affects Junos OS:
* all versions before 21.2R3-S9,
* from 21.4 before 21.4R3-S10,
* from 22.2 before 22.2R3-S6,
* from 22.4 before 22.4R3-S7,
* from 23.2 before 23.2R2-S3,
* from 23.4 before 23.4R2-S3,
* from 24.2 before 24.2R1-S1, 24.2R2.
Juniper
Denial Of Service
Junos
-
CVE-2025-52947
MEDIUM
CVSS 6.5
An Improper Handling of Exceptional Conditions vulnerability in route processing of Juniper Networks Junos OS on specific end-of-life (EOL) ACX Series platforms allows an attacker to crash the Forwarding Engine Board (FEB) by flapping an interface, leading to a Denial of Service (DoS).
On ACX1000, ACX1100, ACX2000, ACX2100, ACX2200, ACX4000, ACX5048, and ACX5096 devices, FEB0 will crash when the primary path port of the L2 circuit IGP (Interior Gateway Protocol) on the local device goes down. This issue is seen only when 'hot-standby' mode is configured for the L2 circuit.
This issue affects Junos OS on ACX1000, ACX1100, ACX2000, ACX2100, ACX2200, ACX4000, ACX5048, and ACX5096:
* all versions before 21.2R3-S9.
Juniper
Denial Of Service
Junos
-
CVE-2025-52459
MEDIUM
CVSS 6.5
A vulnerability exists in Advantech iView that allows for argument injection in NetworkServlet.backupDatabase(). This issue requires an authenticated attacker with at least user-level privileges. Certain parameters can be used directly in a command without proper sanitization, allowing arbitrary arguments to be injected. This can result in information disclosure, including sensitive database credentials.
Information Disclosure
-
CVE-2025-50125
MEDIUM
CVSS 6.3
A CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated remote code execution when the server is accessed via the network with knowledge of hidden URLs and manipulation of host request header.
RCE
SSRF
-
CVE-2025-48924
MEDIUM
CVSS 5.3
Uncontrolled Recursion vulnerability in Apache Commons Lang.
This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0.
The methods ClassUtils.getClass(...) can throw StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a StackOverflowError could cause an application to stop.
Users are recommended to upgrade to version 3.18.0, which fixes the issue.
Apache
Buffer Overflow
Ubuntu
Debian
Commons Lang
-
CVE-2025-48496
MEDIUM
CVSS 5.1
A remote code execution vulnerability (CVSS 5.1). Remediation should follow standard vulnerability management procedures.
Information Disclosure
-
CVE-2025-47964
MEDIUM
CVSS 5.4
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Microsoft
Google
Information Disclosure
Edge Chromium
Chrome
-
CVE-2025-47963
MEDIUM
CVSS 6.3
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
Microsoft
Google
Authentication Bypass
Edge Chromium
Chrome
-
CVE-2025-47182
MEDIUM
CVSS 5.6
Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.
Microsoft
Google
Authentication Bypass
Edge Chromium
Chrome
-
CVE-2025-46704
MEDIUM
CVSS 4.3
A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest() that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing an attacker to determine the existence of arbitrary files on the server.
Path Traversal
Iview
-
CVE-2025-45582
MEDIUM
CVSS 4.1
GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of "Member name contains '..'" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain "x -> ../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which "tar xf" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each "tar xf" in its Security Rules of Thumb; however, third-party advice leads users to run "tar xf" more than once into the same directory.
Path Traversal
Ubuntu
Tar
Redhat
Suse
-
CVE-2025-41442
MEDIUM
CVSS 5.4
A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating certain input parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other malicious activities.
XSS
Information Disclosure
Iview
-
CVE-2025-30024
MEDIUM
CVSS 6.8
The communication protocol used between client and server had a flaw that could be leveraged to execute a man in the middle attack.
Information Disclosure
Device Manager
-
CVE-2025-7452
MEDIUM
CVSS 6.3
A vulnerability was found in kone-net go-chat up to f9e58d0afa9bbdb31faf25e7739da330692c4c63. It has been declared as critical. This vulnerability affects the function GetFile of the file go-chat/api/v1/file_controller.go of the component Endpoint. The manipulation of the argument fileName leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continuous delivery. Therefore, no version details for affected or updated releases are available.
Path Traversal
-
CVE-2025-7450
MEDIUM
CVSS 5.4
A vulnerability was found in letseeqiji gorobbs up to 1.0.8. It has been classified as critical. This affects the function ResetUserAvatar of the file controller/api/v1/user.go of the component API. The manipulation of the argument filename leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Path Traversal
-
CVE-2025-6838
MEDIUM
CVSS 4.1
A remote code execution vulnerability in for WordPress is vulnerable to CSV Injection in all (CVSS 4.1). Remediation should follow standard vulnerability management procedures.
RCE
WordPress
PHP
-
CVE-2025-6788
MEDIUM
CVSS 5.3
A remote code execution vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures.
Information Disclosure
-
CVE-2025-6745
MEDIUM
CVSS 5.3
The WoodMart plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.2.5 via the woodmart_get_posts_by_query() function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to.
WordPress
Information Disclosure
PHP
-
CVE-2025-6716
MEDIUM
CVSS 6.4
The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery - Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'upload[1][title]' parameter in all versions up to, and including, 26.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
WordPress
XSS
PHP
-
CVE-2025-6549
MEDIUM
CVSS 6.5
An Incorrect Authorization vulnerability in the web server of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to reach the Juniper Web Device Manager (J-Web).
When Juniper Secure connect (JSC) is enabled on specific interfaces, or multiple interfaces are configured for J-Web, the J-Web UI is reachable over more than the intended interfaces.
This issue affects Junos OS:
* all versions before 21.4R3-S9,
* 22.2 versions before 22.2R3-S5,
* 22.4 versions before 22.4R3-S5,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S5,
* 24.2 versions before 24.2R2.
Juniper
Authentication Bypass
Junos
-
CVE-2025-6438
MEDIUM
CVSS 5.9
CVE-2025-6438 is a security vulnerability (CVSS 5.9). Remediation should follow standard vulnerability management procedures.
XXE
-
CVE-2025-6200
MEDIUM
CVSS 5.9
The GeoDirectory WordPress plugin before 2.8.120 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
WordPress
XSS
Geodirectory
PHP
-
CVE-2025-6068
MEDIUM
CVSS 6.4
The FooGallery - Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-caption-title` & `data-caption-description` HTML attributes in all versions up to, and including, 2.4.31 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
WordPress
XSS
Foogallery
PHP
-
CVE-2025-5530
MEDIUM
CVSS 6.4
The WPC Smart Compare for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shortcode_btn' shortcode in all versions up to, and including, 6.4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
WordPress
XSS
Wpc Smart Compare For Woocommerce
PHP
-
CVE-2025-5241
MEDIUM
CVSS 5.3
CVE-2025-5241 is a security vulnerability (CVSS 5.3) that allows a remote unauthenticated attacker. Remediation should follow standard vulnerability management procedures.
Information Disclosure
-
CVE-2025-5028
MEDIUM
CVSS 6.8
The installation file of ESET security products on Windows allows an attacker to misuse it to delete an arbitrary file without having the permissions to do so.
Microsoft
Privilege Escalation
Windows
-
CVE-2025-4593
MEDIUM
CVSS 6.5
The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'rp_user_data' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data from user meta like hashed passwords, usernames, and more.
WordPress
Information Disclosure
PHP
-
CVE-2025-3933
MEDIUM
CVSS 5.3
A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's `token2json()` method. This vulnerability affects versions 4.50.3 and earlier, and is fixed in version 4.52.1. The issue arises from the regex pattern `<s_(.*?)>` which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting document processing tasks using the Donut model.
Denial Of Service
Transformers
Hugging Face
AI / ML
Redhat
-
CVE-2025-3631
MEDIUM
CVSS 6.5
An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it.
Information Disclosure
Use After Free
Memory Corruption
IBM
Mq Appliance
-
CVE-2025-2942
MEDIUM
CVSS 4.3
A security vulnerability in Order Delivery Date WordPress (CVSS 4.3). Risk factors: public PoC available.
WordPress
Information Disclosure
Order Delivery Date For Woocommerce
PHP
-
CVE-2024-47065
MEDIUM
CVSS 6.5
Meshtastic is an open source mesh networking solution. Prior to 2.5.1, traceroute responses from the remote node are not rate limited. Given that there are SNR measurements attributed to each received transmission, this is a guaranteed way to get a remote station to reliably and continuously respond. You could easily get 100 samples in a short amount of time (estimated 2 minutes), whereas passively doing the same could take hours or days. As a secondary effect, non-rate-limited traceroute also allows a 2:1 reflected DoS of the network, but these concerns are less than the problem with positional confidentiality (other DoS routes exist). This vulnerability is fixed in 2.5.1.
Information Disclosure
Meshtastic Firmware
-
CVE-2023-38329
MEDIUM
CVSS 6.1
An issue was discovered in eGroupWare 17.1.20190111. A reflected cross-site scripting (XSS) vulnerability exists in calendar/freebusy.php, which allows unauthenticated remote attackers to inject arbitrary web script or HTML into the "user" HTTP/GET parameter, which reflects its input without sanitization.
PHP
XSS
Debian
Egroupware
-
CVE-2023-38327
MEDIUM
CVSS 5.3
CVE-2023-38327 is a security vulnerability (CVSS 5.3) that allows unauthenticated remote attackers. Remediation should follow standard vulnerability management procedures.
PHP
Information Disclosure
Debian
Egroupware
-
CVE-2025-53862
LOW
CVSS 3.5
A security vulnerability in A flaw (CVSS 3.5) that allows a malicious user. Remediation should follow standard vulnerability management procedures.
Information Disclosure
-
CVE-2025-53861
LOW
CVSS 3.1
A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle (MitM) and Cross-site scripting (XSS) attacks allowing attackers to read transmitted data.
XSS
-
CVE-2025-53852
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-53851
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-53850
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-53849
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-53848
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-51591
LOW
CVSS 3.7
A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilities. Using the ‘--sandbox’ option or ‘pandoc-server’ can mitigate such vulnerabilities. Using pandoc with an external ‘--pdf-engine’ can also enable SSRF vulnerabilities, such as CVE-2022-35583 in wkhtmltopdf.
SSRF
Ubuntu
Debian
-
CVE-2025-7453
LOW
CVSS 3.7
A security vulnerability in saltbo zpan (CVSS 3.7). Remediation should follow standard vulnerability management procedures.
Authentication Bypass
-
CVE-2025-7435
LOW
CVSS 3.5
A vulnerability was found in LiveHelperChat lhc-php-resque Extension up to ee1270b35625f552425e32a6a3061cd54b5085c4. It has been classified as problematic. This affects an unknown part of the file /site_admin/lhcphpresque/list/ of the component List Handler. The manipulation of the argument queue name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continuous delivery. Therefore, version details for affected and updated releases are not available. The identifier of the patch is 542aa8449b5aa889b3a54f419e794afe19f56d5d/0ce7b4f1193c0ed6c6e31a960fafededf979eef2. It is recommended to apply a patch to fix this issue.
XSS
-
CVE-2025-5992
LOW
CVSS 2.3
Passing values outside of the expected range to QColorTransferGenericFunction can cause a denial of service; for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile. This issue affects Qt from 6.6.0 through 6.8.3, from 6.9.0 through 6.9.1. This is fixed in 6.8.4 and 6.9.2.
Denial Of Service
Ubuntu
Debian