Skip to main content
CVE-2025-61658 LOW Monitor

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php.

PHP Path Traversal
NVD
CVSS 4.0
1.3
EPSS
0.1%
CVE-2025-67476 LOW Monitor

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter.Php.

PHP Information Disclosure
NVD
CVSS 4.0
1.3
EPSS
0.0%
CVE-2025-61646 LOW Monitor

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php.

PHP Path Traversal
NVD VulDB
CVSS 4.0
1.2
EPSS
0.1%
CVE-2025-61647 LOW Monitor

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php.

PHP Path Traversal
NVD
CVSS 4.0
0.4
EPSS
0.1%
CVE-2025-67480 Monitor

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php.

PHP Information Disclosure
NVD
EPSS
0.1%
CVE-2025-65077 Monitor

A relative path traversal vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Path Traversal
NVD
EPSS
0.1%
CVE-2025-61652 Monitor

Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from * before 1.43.4, 1.44.1.

Code Injection
NVD
EPSS
0.1%
CVE-2025-61653 Monitor

Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php.

PHP
NVD
EPSS
0.1%
CVE-2025-61654 Monitor

Vulnerability in Wikimedia Foundation Thanks. This vulnerability is associated with program files includes/ThanksQueryHelper.Php.

PHP
NVD
EPSS
0.1%
CVE-2025-61651 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser/checkuser/checkUserHelper/buildUserElement.Js.

XSS Checkuser
NVD
EPSS
0.1%
CVE-2025-61650 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php.

PHP XSS
NVD
EPSS
0.1%
CVE-2025-61648 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser.

XSS Checkuser
NVD
EPSS
0.1%
CVE-2025-61644 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/WatchlistTopSectionWidget.Js.

Mediawiki XSS
NVD
EPSS
0.1%
CVE-2025-61649 Monitor

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php.

PHP
NVD
EPSS
0.1%
CVE-2025-41065 This Week

Stored Cross-Site Scripting (XSS) vulnerability type in LUNA software v7.5.5.6. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by inyecting a malicious payload through the 'Edit Batch Name' function.

XSS
NVD
EPSS
0.1%
CVE-2026-1788 This Week

: Out-of-bounds Write vulnerability in Xquic Project Xquic Server xquic on Linux (QUIC protocol implementation, packet processing module modules) allows : Buffer Manipulation.This issue affects Xquic Server: through 1.8.3.

Linux
NVD GitHub
EPSS
0.1%
CVE-2025-65080 Monitor

A type confusion vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Buffer Overflow RCE
NVD
EPSS
0.1%
CVE-2026-0620 Monitor

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality.

Information Disclosure
NVD
EPSS
0.1%
CVE-2025-61656 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js.

XSS Visual Editor
NVD
EPSS
0.1%
CVE-2025-65081 This Week

An out-of-bounds read vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Buffer Overflow RCE Information Disclosure
NVD
EPSS
0.1%
CVE-2025-65079 This Week

A heap-based buffer overflow vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Buffer Overflow Heap Overflow
NVD
EPSS
0.1%
CVE-2025-61657 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/stickyHeader.Js.

XSS
NVD
EPSS
0.0%
CVE-2025-61655 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor.

PHP XSS
NVD
EPSS
0.0%
CVE-2025-67484 Monitor

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php.

PHP Information Disclosure
NVD
EPSS
0.0%
CVE-2025-65078 Monitor

An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code.

Privilege Escalation RCE
NVD
EPSS
0.0%
CVE-2025-11598 Monitor

data exposed depends on the last application view displayed versions up to 4.71.0 contains a security vulnerability.

Information Disclosure iOS
NVD
EPSS
0.0%
CVE-2025-67475 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php.

PHP XSS
NVD
EPSS
0.0%
CVE-2025-59902 This Week

HTML injection vulnerability in NICE Chat. This vulnerability allows an attacker to inject and render arbitrary HTML content in email transcripts by modifying the 'firstName' and 'lastName' parameters during a chat session.

XSS
NVD
EPSS
0.0%
CVE-2025-67483 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Page.Preview.Js.

XSS Mediawiki
NVD
EPSS
0.0%
CVE-2025-67481 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js.

XSS Mediawiki
NVD
EPSS
0.0%
CVE-2025-67478 Monitor

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php.

PHP Information Disclosure
NVD
EPSS
0.0%
CVE-2025-67477 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js.

XSS Mediawiki
NVD
EPSS
0.0%
CVE-2025-11261 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Language/mediawiki.Language.Js.

XSS Mediawiki
NVD VulDB
EPSS
0.0%
CVE-2025-67482 Monitor

Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engines/LuaCommon/lualib/mwInit.Lua, library.C.

Information Disclosure
NVD
EPSS
0.0%
CVE-2025-67479 Monitor

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php.

Mediawiki PHP
NVD
EPSS
0.0%
CVE-2026-1664 PATCH Monitor

Summary An Insecure Direct Object Reference has been found to exist in `createHeaderBasedEmailResolver()` function within the Cloudflare Agents SDK.

Github
NVD GitHub
EPSS
0.0%
CVE-2025-11173 Monitor

Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php.

PHP
NVD
EPSS
0.0%
CVE-2025-61639 This Week

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php.

Mediawiki PHP
NVD VulDB
EPSS
0.0%
CVE-2025-61635 Monitor

Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php.

PHP
NVD
EPSS
0.0%
CVE-2026-1432 This Week

SQL injection vulnerability in the Buroweb platform version 2505.0.12, specifically in the 'tablon' component. This vulnerability is present in several parameters that do not correctly sanitize user input in the endpoint '/sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=TABLON'.

SQLi
NVD
EPSS
0.0%
CVE-2025-61638 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.Php, src/Core/Sanitizer.Php.

Mediawiki PHP XSS
NVD VulDB
EPSS
0.0%
CVE-2025-61636 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php.

Mediawiki PHP XSS
NVD VulDB
EPSS
0.0%
CVE-2025-61642 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php.

PHP XSS
NVD VulDB
EPSS
0.0%
CVE-2025-61640 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/RclToOrFromWidget.Js.

Mediawiki XSS
NVD VulDB
EPSS
0.0%
CVE-2025-61637 This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Action/mediawiki.Action.Edit.Preview.Js, resources/src/mediawiki.Page.Preview.Js.

Mediawiki XSS
NVD VulDB
EPSS
0.0%
CVE-2026-1814 Monitor

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword() method.

Information Disclosure
NVD
EPSS
0.0%
Prev Page 7 of 7

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy