Patch Tuesday — October 2025
2025-10-14 · 862 CVEs
CVEs published or modified the week of 2025-10-14, partitioned by vendor.
Microsoft (196 CVEs)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-55315 | Critical | 9.9 | — | 2025-10-14 | Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network. |
CVE-2025-49708 | Critical | 9.9 | — | 2025-10-14 | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network. |
CVE-2025-59287 | Critical | 9.8 | KEV | 2025-10-14 | Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network. |
CVE-2025-11719 | Critical | 9.8 | — | 2025-10-14 | Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. |
CVE-2025-49553 | Critical | 9.3 | — | 2025-10-14 | Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute malicious scripts in a victim's browser. |
CVE-2025-59295 | High | 8.8 | — | 2025-10-14 | Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network. |
CVE-2025-59249 | High | 8.8 | — | 2025-10-14 | Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network. |
CVE-2025-59237 | High | 8.8 | — | 2025-10-14 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. |
CVE-2025-59228 | High | 8.8 | — | 2025-10-14 | Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. |
CVE-2025-59213 | High | 8.8 | — | 2025-10-14 | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network. |
CVE-2025-58718 | High | 8.8 | — | 2025-10-14 | Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
CVE-2025-58716 | High | 8.8 | — | 2025-10-14 | Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. |
CVE-2025-58715 | High | 8.8 | — | 2025-10-14 | Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. |
CVE-2025-59236 | High | 8.4 | — | 2025-10-14 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2025-53782 | High | 8.4 | — | 2025-10-14 | Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally. |
CVE-2025-59292 | High | 8.2 | — | 2025-10-14 | External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally. |
CVE-2025-59291 | High | 8.2 | — | 2025-10-14 | External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally. |
CVE-2025-49552 | High | 8.1 | — | 2025-10-14 | Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a high-privileged attacker to execute malicious scripts in a victim's browser. |
CVE-2025-59250 | High | 8.1 | — | 2025-10-14 | Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network. |
CVE-2025-54268 | High | 7.8 | — | 2025-10-15 | Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-61804 | High | 7.8 | — | 2025-10-15 | Animate versions 23.0.13, 24.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-54279 | High | 7.8 | — | 2025-10-15 | Animate versions 23.0.13, 24.0.10 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-61807 | High | 7.8 | — | 2025-10-14 | Substance3D - Stager versions 3.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-61806 | High | 7.8 | — | 2025-10-14 | Substance3D - Stager versions 3.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. |
CVE-2025-61805 | High | 7.8 | — | 2025-10-14 | Substance3D - Stager versions 3.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. |
CVE-2025-61803 | High | 7.8 | — | 2025-10-14 | Substance3D - Stager versions 3.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-61802 | High | 7.8 | — | 2025-10-14 | Substance3D - Stager versions 3.1.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-61801 | High | 7.8 | — | 2025-10-14 | Dimension versions 4.1.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-61800 | High | 7.8 | — | 2025-10-14 | Dimension versions 4.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-61799 | High | 7.8 | — | 2025-10-14 | Dimension versions 4.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. |
CVE-2025-61798 | High | 7.8 | — | 2025-10-14 | Dimension versions 4.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. |
CVE-2025-54284 | High | 7.8 | — | 2025-10-14 | Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-54283 | High | 7.8 | — | 2025-10-14 | Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-54282 | High | 7.8 | — | 2025-10-14 | Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-54281 | High | 7.8 | — | 2025-10-14 | Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-59494 | High | 7.8 | — | 2025-10-14 | Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. |
CVE-2025-59290 | High | 7.8 | — | 2025-10-14 | Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. |
CVE-2025-59281 | High | 7.8 | — | 2025-10-14 | Improper link resolution before file access ('link following') in XBox Gaming Services allows an authorized attacker to elevate privileges locally. |
CVE-2025-59278 | High | 7.8 | — | 2025-10-14 | Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. |
CVE-2025-59277 | High | 7.8 | — | 2025-10-14 | Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. |
CVE-2025-59275 | High | 7.8 | — | 2025-10-14 | Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. |
CVE-2025-59255 | High | 7.8 | — | 2025-10-14 | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
CVE-2025-59254 | High | 7.8 | — | 2025-10-14 | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
CVE-2025-59243 | High | 7.8 | — | 2025-10-14 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2025-59242 | High | 7.8 | — | 2025-10-14 | Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
CVE-2025-59241 | High | 7.8 | — | 2025-10-14 | Improper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally. |
CVE-2025-59238 | High | 7.8 | — | 2025-10-14 | Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. |
CVE-2025-59234 | High | 7.8 | — | 2025-10-14 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-59233 | High | 7.8 | — | 2025-10-14 | Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2025-59231 | High | 7.8 | — | 2025-10-14 | Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2025-59230 | High | 7.8 | KEV | 2025-10-14 | Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. |
CVE-2025-59227 | High | 7.8 | — | 2025-10-14 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-59226 | High | 7.8 | — | 2025-10-14 | Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. |
CVE-2025-59225 | High | 7.8 | — | 2025-10-14 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2025-59224 | High | 7.8 | — | 2025-10-14 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2025-59223 | High | 7.8 | — | 2025-10-14 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2025-59222 | High | 7.8 | — | 2025-10-14 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-59207 | High | 7.8 | — | 2025-10-14 | Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. |
CVE-2025-59201 | High | 7.8 | — | 2025-10-14 | Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally. |
CVE-2025-59199 | High | 7.8 | — | 2025-10-14 | Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. |
CVE-2025-59192 | High | 7.8 | — | 2025-10-14 | Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. |
CVE-2025-59191 | High | 7.8 | — | 2025-10-14 | Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. |
CVE-2025-59187 | High | 7.8 | — | 2025-10-14 | Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally. |
CVE-2025-58728 | High | 7.8 | — | 2025-10-14 | Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. |
CVE-2025-58724 | High | 7.8 | — | 2025-10-14 | Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. |
CVE-2025-58722 | High | 7.8 | — | 2025-10-14 | Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally. |
CVE-2025-58720 | High | 7.8 | — | 2025-10-14 | Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally. |
CVE-2025-58714 | High | 7.8 | — | 2025-10-14 | Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
CVE-2025-55701 | High | 7.8 | — | 2025-10-14 | Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally. |
CVE-2025-55697 | High | 7.8 | — | 2025-10-14 | Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally. |
CVE-2025-55696 | High | 7.8 | — | 2025-10-14 | Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally. |
CVE-2025-55694 | High | 7.8 | — | 2025-10-14 | Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally. |
CVE-2025-55692 | High | 7.8 | — | 2025-10-14 | Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally. |
CVE-2025-55680 | High | 7.8 | — | 2025-10-14 | Time-of-check time-of-use (toctou) race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. |
CVE-2025-55677 | High | 7.8 | — | 2025-10-14 | Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally. |
CVE-2025-55339 | High | 7.8 | — | 2025-10-14 | Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally. |
CVE-2025-55328 | High | 7.8 | — | 2025-10-14 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. |
CVE-2025-53768 | High | 7.8 | — | 2025-10-14 | Use after free in Xbox allows an authorized attacker to elevate privileges locally. |
CVE-2025-53150 | High | 7.8 | — | 2025-10-14 | Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. |
CVE-2025-50175 | High | 7.8 | — | 2025-10-14 | Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. |
CVE-2025-50152 | High | 7.8 | — | 2025-10-14 | Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally. |
CVE-2025-24990 | High | 7.8 | KEV | 2025-10-14 | Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. |
CVE-2025-24052 | High | 7.8 | — | 2025-10-14 | Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. |
CVE-2025-59200 | High | 7.7 | — | 2025-10-14 | Concurrent execution using shared resource with improper synchronization ('race condition') in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally. |
CVE-2025-55698 | High | 7.7 | — | 2025-10-14 | Null pointer dereference in Windows DirectX allows an authorized attacker to deny service over a network. |
CVE-2025-53139 | High | 7.7 | — | 2025-10-14 | Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally. |
CVE-2025-36128 | High | 7.5 | — | 2025-10-16 | IBM MQ 9.1, 9.2, 9.3, 9.4 LTS and 9.3, 9.4 CD is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. |
CVE-2025-59502 | High | 7.5 | — | 2025-10-14 | Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network. |
CVE-2025-59248 | High | 7.5 | — | 2025-10-14 | Improper input validation in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. |
CVE-2025-58726 | High | 7.5 | — | 2025-10-14 | Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network. |
CVE-2025-55326 | High | 7.5 | — | 2025-10-14 | Use after free in Connected Devices Platform Service (Cdpsvc) allows an unauthorized attacker to execute code over a network. |
CVE-2025-59210 | High | 7.4 | — | 2025-10-14 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability |
CVE-2025-59206 | High | 7.4 | — | 2025-10-14 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability |
CVE-2025-59189 | High | 7.4 | — | 2025-10-14 | Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. |
CVE-2025-55693 | High | 7.4 | — | 2025-10-14 | Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally. |
CVE-2025-55687 | High | 7.4 | — | 2025-10-14 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS) allows an unauthorized attacker to elevate privileges locally. |
CVE-2025-55335 | High | 7.4 | — | 2025-10-14 | Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally. |
CVE-2025-48004 | High | 7.4 | — | 2025-10-14 | Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. |
CVE-2025-55247 | High | 7.3 | — | 2025-10-14 | Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally. |
CVE-2025-55240 | High | 7.3 | — | 2025-10-14 | Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. |
CVE-2025-25004 | High | 7.3 | — | 2025-10-14 | Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. |
CVE-2025-59235 | High | 7.1 | — | 2025-10-14 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. |
CVE-2025-59232 | High | 7.1 | — | 2025-10-14 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. |
CVE-2025-59208 | High | 7.1 | — | 2025-10-14 | Out-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information over a network. |
CVE-2025-59497 | High | 7.0 | — | 2025-10-14 | Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally. |
CVE-2025-59289 | High | 7.0 | — | 2025-10-14 | Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. |
CVE-2025-59285 | High | 7.0 | — | 2025-10-14 | Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. |
CVE-2025-59282 | High | 7.0 | — | 2025-10-14 | Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
CVE-2025-59261 | High | 7.0 | — | 2025-10-14 | Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. |
CVE-2025-59221 | High | 7.0 | — | 2025-10-14 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-59205 | High | 7.0 | — | 2025-10-14 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. |
CVE-2025-59202 | High | 7.0 | — | 2025-10-14 | Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally. |
CVE-2025-59196 | High | 7.0 | — | 2025-10-14 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally. |
CVE-2025-59195 | High | 7.0 | — | 2025-10-14 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to deny service locally. |
CVE-2025-59194 | High | 7.0 | — | 2025-10-14 | Use of uninitialized resource in Windows Kernel allows an authorized attacker to elevate privileges locally. |
CVE-2025-59193 | High | 7.0 | — | 2025-10-14 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. |
CVE-2025-58738 | High | 7.0 | — | 2025-10-14 | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
CVE-2025-58737 | High | 7.0 | — | 2025-10-14 | Use after free in Windows Remote Desktop allows an unauthorized attacker to execute code locally. |
CVE-2025-58736 | High | 7.0 | — | 2025-10-14 | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
CVE-2025-58735 | High | 7.0 | — | 2025-10-14 | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
CVE-2025-58734 | High | 7.0 | — | 2025-10-14 | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
CVE-2025-58733 | High | 7.0 | — | 2025-10-14 | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
CVE-2025-58732 | High | 7.0 | — | 2025-10-14 | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
CVE-2025-58731 | High | 7.0 | — | 2025-10-14 | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
CVE-2025-58730 | High | 7.0 | — | 2025-10-14 | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
CVE-2025-58727 | High | 7.0 | — | 2025-10-14 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. |
CVE-2025-58725 | High | 7.0 | — | 2025-10-14 | Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally. |
CVE-2025-55691 | High | 7.0 | — | 2025-10-14 | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
CVE-2025-55690 | High | 7.0 | — | 2025-10-14 | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
CVE-2025-55689 | High | 7.0 | — | 2025-10-14 | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
CVE-2025-55688 | High | 7.0 | — | 2025-10-14 | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
CVE-2025-55686 | High | 7.0 | — | 2025-10-14 | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
CVE-2025-55685 | High | 7.0 | — | 2025-10-14 | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
CVE-2025-55684 | High | 7.0 | — | 2025-10-14 | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
CVE-2025-55681 | High | 7.0 | — | 2025-10-14 | Out-of-bounds read in Windows DWM allows an authorized attacker to elevate privileges locally. |
CVE-2025-55678 | High | 7.0 | — | 2025-10-14 | Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. |
CVE-2025-55340 | High | 7.0 | — | 2025-10-14 | Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally. |
CVE-2025-55331 | High | 7.0 | — | 2025-10-14 | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
CVE-2025-53717 | High | 7.0 | — | 2025-10-14 | Reliance on untrusted inputs in a security decision in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. |
CVE-2025-50174 | High | 7.0 | — | 2025-10-14 | Use after free in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally. |
CVE-2025-47989 | High | 7.0 | — | 2025-10-14 | Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. |
CVE-2025-55320 | Medium | 6.8 | — | 2025-10-14 | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network. |
CVE-2025-59259 | Medium | 6.5 | — | 2025-10-14 | Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. |
CVE-2025-59257 | Medium | 6.5 | — | 2025-10-14 | Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. |
CVE-2025-59244 | Medium | 6.5 | — | 2025-10-14 | External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. |
CVE-2025-59214 | Medium | 6.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. |
CVE-2025-59185 | Medium | 6.5 | — | 2025-10-14 | External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. |
CVE-2025-58739 | Medium | 6.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. |
CVE-2025-58729 | Medium | 6.5 | — | 2025-10-14 | Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. |
CVE-2025-58717 | Medium | 6.5 | — | 2025-10-14 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
CVE-2025-55700 | Medium | 6.5 | — | 2025-10-14 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
CVE-2025-48813 | Medium | 6.3 | — | 2025-10-14 | Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally. |
CVE-2025-59258 | Medium | 6.2 | — | 2025-10-14 | Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally. |
CVE-2025-55334 | Medium | 6.2 | — | 2025-10-14 | Cleartext storage of sensitive information in Windows Kernel allows an unauthorized attacker to bypass a security feature locally. |
CVE-2025-55682 | Medium | 6.1 | — | 2025-10-14 | Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. |
CVE-2025-55338 | Medium | 6.1 | — | 2025-10-14 | Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. |
CVE-2025-55337 | Medium | 6.1 | — | 2025-10-14 | Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. |
CVE-2025-55333 | Medium | 6.1 | — | 2025-10-14 | Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. |
CVE-2025-55332 | Medium | 6.1 | — | 2025-10-14 | Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. |
CVE-2025-55330 | Medium | 6.1 | — | 2025-10-14 | Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. |
CVE-2025-36002 | Medium | 5.5 | — | 2025-10-16 | IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.2.0.0 through 6.2.0.5, and 6.2.1.0 stores user credentials in configuration files which can be read by a local user. |
CVE-2025-53950 | Medium | 5.5 | — | 2025-10-16 | An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through… |
CVE-2025-54278 | Medium | 5.5 | — | 2025-10-15 | Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. |
CVE-2025-54270 | Medium | 5.5 | — | 2025-10-15 | Animate versions 23.0.13, 24.0.10 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to memory exposure. |
CVE-2025-54269 | Medium | 5.5 | — | 2025-10-15 | Animate versions 23.0.13, 24.0.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. |
CVE-2025-59260 | Medium | 5.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally. |
CVE-2025-59253 | Medium | 5.5 | — | 2025-10-14 | Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally. |
CVE-2025-59229 | Medium | 5.5 | — | 2025-10-14 | Uncaught exception in Microsoft Office allows an unauthorized attacker to deny service locally. |
CVE-2025-59211 | Medium | 5.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. |
CVE-2025-59209 | Medium | 5.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. |
CVE-2025-59204 | Medium | 5.5 | — | 2025-10-14 | Use of uninitialized resource in Windows Management Services allows an authorized attacker to disclose information locally. |
CVE-2025-59203 | Medium | 5.5 | — | 2025-10-14 | Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally. |
CVE-2025-59197 | Medium | 5.5 | — | 2025-10-14 | Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally. |
CVE-2025-59190 | Medium | 5.5 | — | 2025-10-14 | Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker to deny service locally. |
CVE-2025-59188 | Medium | 5.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an authorized attacker to disclose information locally. |
CVE-2025-59186 | Medium | 5.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. |
CVE-2025-59184 | Medium | 5.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows High Availability Services allows an authorized attacker to disclose information locally. |
CVE-2025-55699 | Medium | 5.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. |
CVE-2025-55695 | Medium | 5.5 | — | 2025-10-14 | Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally. |
CVE-2025-55683 | Medium | 5.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. |
CVE-2025-55676 | Medium | 5.5 | — | 2025-10-14 | Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally. |
CVE-2025-55336 | Medium | 5.5 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally. |
CVE-2025-55325 | Medium | 5.5 | — | 2025-10-14 | Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. |
CVE-2025-47979 | Medium | 5.5 | — | 2025-10-14 | Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally. |
CVE-2025-53951 | Medium | 5.3 | — | 2025-10-16 | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiDLP Agent's Outlookproxy plugin for Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 thr… |
CVE-2025-59288 | Medium | 5.3 | — | 2025-10-14 | Improper verification of cryptographic signature in Github: Playwright allows an unauthorized attacker to perform spoofing over an adjacent network. |
CVE-2025-27906 | Medium | 5.3 | — | 2025-10-14 | IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. |
CVE-2025-55679 | Medium | 5.1 | — | 2025-10-14 | Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally. |
CVE-2025-59198 | Medium | 5.0 | — | 2025-10-14 | Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally. |
CVE-2025-55248 | Medium | 4.8 | — | 2025-10-14 | Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network. |
CVE-2025-58719 | Medium | 4.7 | — | 2025-10-14 | Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. |
CVE-2025-46752 | Medium | 4.4 | — | 2025-10-16 | A insertion of sensitive information into log file in Fortinet FortiDLP 12.0.0 through 12.0.5, 11.5.1, 11.4.6, 11.4.5 allows attacker to information disclosure via re-using the enrollment code. |
CVE-2025-54196 | Medium | 4.3 | — | 2025-10-14 | Adobe Connect versions 12.9 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. |
CVE-2025-59284 | Low | 3.3 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally. |
CVE-2025-59280 | Low | 3.1 | — | 2025-10-14 | Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network. |
CVE-2025-59294 | Low | 2.1 | — | 2025-10-14 | Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack. |
Other vendors (666 CVEs across 216 vendors)
F5 · 44 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-53521 | Critical | 9.8 | KEV | 2025-10-15 | When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
CVE-2025-57780 | High | 8.8 | — | 2025-10-15 | A vulnerability exists in F5OS-A and F5OS-C system that may allow an authenticated attacker with local access to escalate their privileges. A successful exploit may allow the attacker to cross a security boundary. Note: Software versions… |
CVE-2025-61955 | High | 8.8 | — | 2025-10-15 | A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with local access to escalate their privileges. A successful exploit may allow the attacker to cross a security boundary. Note: Software version… |
CVE-2025-61958 | High | 8.7 | — | 2025-10-15 | A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh restrictions and gain access to a bash shell. For BIG-IP systems running in Appliance mode… |
CVE-2025-59481 | High | 8.7 | — | 2025-10-15 | A vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with at least resource administrator role to execute arbitrary system commands with higher privileges. A… |
CVE-2025-53868 | High | 8.7 | — | 2025-10-15 | When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using undisclosed commands. Note: Software versions which have reached End of Technic… |
CVE-2025-61990 | High | 7.5 | — | 2025-10-15 | When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated… |
CVE-2025-61935 | High | 7.5 | — | 2025-10-15 | When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
CVE-2025-58071 | High | 7.5 | — | 2025-10-15 | When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
CVE-2025-61974 | High | 7.5 | — | 2025-10-15 | When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
CVE-2025-61960 | High | 7.5 | — | 2025-10-15 | When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support… |
CVE-2025-61951 | High | 7.5 | — | 2025-10-15 | Undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. This issue may occur when a Datagram Transport Layer Security (DTLS) 1.2 virtual server is enabled with a Server SSL profile that is configured with a ce… |
CVE-2025-61938 | High | 7.5 | — | 2025-10-15 | When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process ca… |
CVE-2025-60016 | High | 7.5 | — | 2025-10-15 | When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Ma… |
CVE-2025-59781 | High | 7.5 | — | 2025-10-15 | When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not… |
CVE-2025-59778 | High | 7.5 | — | 2025-10-15 | When the Allowed IP Addresses feature is configured on the F5OS-C partition control plane, undisclosed traffic can cause multiple containers to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are no… |
CVE-2025-59478 | High | 7.5 | — | 2025-10-15 | When a BIG-IP AFM denial-of-service (DoS) protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End o… |
CVE-2025-58120 | High | 7.5 | — | 2025-10-15 | When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
CVE-2025-58096 | High | 7.5 | — | 2025-10-15 | When the database variable tm.tcpudptxchecksum is configured as non-default value Software-only on a BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have re… |
CVE-2025-55669 | High | 7.5 | — | 2025-10-15 | When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which h… |
CVE-2025-55036 | High | 7.5 | — | 2025-10-15 | When BIG-IP SSL Orchestrator explicit forward proxy is configured on a virtual server and the proxy connect feature is enabled, undisclosed traffic may cause memory corruption. Note: Software versions which have reached End of Technical S… |
CVE-2025-54858 | High | 7.5 | — | 2025-10-15 | When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to t… |
CVE-2025-54854 | High | 7.5 | — | 2025-10-15 | When a BIG-IP APM OAuth access profile (Resource Server or Resource Client) is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. Note: Software versions which have reached End of Technical Suppor… |
CVE-2025-54479 | High | 7.5 | — | 2025-10-15 | When a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Tech… |
CVE-2025-53856 | High | 7.5 | — | 2025-10-15 | When a virtual server, network address translation (NAT) object, or secure network address translation (SNAT) object uses the embedded Packet Velocity Acceleration (ePVA) feature, undisclosed traffic can cause the Traffic Management Microk… |
CVE-2025-53474 | High | 7.5 | — | 2025-10-15 | When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) ar… |
CVE-2025-48008 | High | 7.5 | — | 2025-10-15 | When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Softwa… |
CVE-2025-46706 | High | 7.5 | — | 2025-10-15 | When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are… |
CVE-2025-41430 | High | 7.5 | — | 2025-10-15 | When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. |
CVE-2025-59483 | Medium | 6.5 | — | 2025-10-15 | A validation vulnerability exists in an undisclosed URL in the Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
CVE-2025-55670 | Medium | 6.5 | — | 2025-10-15 | On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Suppo… |
CVE-2025-54805 | Medium | 6.5 | — | 2025-10-15 | When an iRule is configured on a virtual server via the declarative API, upon re-instantiation, the cleanup process can cause an increase in the Traffic Management Microkernel (TMM) memory resource utilization. Note: Software versions whi… |
CVE-2025-47150 | Medium | 6.5 | — | 2025-10-15 | When SNMP is configured on F5OS Appliance and Chassis systems, undisclosed requests can cause an increase in SNMP memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
CVE-2025-47148 | Medium | 6.5 | — | 2025-10-15 | When the BIG-IP system is configured as both a Security Assertion Markup Language (SAML) service provider (SP) and Identity Provider (IdP), with single logout (SLO) enabled on an access policy, undisclosed requests can cause an increase in… |
CVE-2025-61933 | Medium | 6.1 | — | 2025-10-15 | A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user. Note: Software versions which have reached End of T… |
CVE-2025-59269 | Medium | 6.1 | — | 2025-10-15 | A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which… |
CVE-2025-58153 | Medium | 5.9 | — | 2025-10-15 | Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge (HSB) may experience a lockup of the HSB. |
CVE-2025-60015 | Medium | 5.7 | — | 2025-10-15 | An out-of-bounds write vulnerability exists in F5OS-A and F5OS-C that could lead to memory corruption. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
CVE-2025-59268 | Medium | 5.3 | — | 2025-10-15 | On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility. Note: Software versions which have reached End of Technical… |
CVE-2025-58474 | Medium | 5.3 | — | 2025-10-15 | When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery (SSRF) protection or when an NGINX server is configured with App Protect Bot Defense, undisclosed requests can disrupt new client requests. Note… |
CVE-2025-58424 | Medium | 5.3 | — | 2025-10-15 | On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection. Note: Software versions which have reached End of Technical Support (EoTS) ar… |
CVE-2025-54755 | Medium | 4.9 | — | 2025-10-15 | A directory traversal vulnerability exists in TMUI that allows a highly privileged authenticated attacker to access files which are not limited to the intended files. Note: Software versions which have reached End of Technical Support (Eo… |
CVE-2025-60013 | Medium | 4.6 | — | 2025-10-15 | When a highly-privileged, authenticated attacker attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, arbitrary system commands may be executed, and the FIPS hardware security module (HSM) may… |
CVE-2025-53860 | Medium | 4.1 | — | 2025-10-15 | A vulnerability exists in F5OS-A software that allows a highly privileged authenticated attacker to access sensitive FIPS hardware security module (HSM) information on F5 rSeries systems. Note: Software versions which have reached End of… |
Linux · 36 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-39967 | High | 7.8 | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcon_do_set_font Fix integer overflow vulnerabilities in fbcon_do_set_font() where font size calculations could overflow when handling us… |
CVE-2025-39966 | High | 7.0 | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix race during abort for file descriptors fput() doesn't actually call file_operations release() synchronously, it puts the file on a work queue and it will be… |
CVE-2025-39965 | Medium | 5.5 | — | 2025-10-13 | In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI x->id.spi == 0 means "no SPI assigned", but since commit 94f39804d891 ("xfrm: Duplicate SPI Handling"), we now create states … |
CVE-2025-39964 | Low | 3.3 | — | 2025-10-13 | In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable f… |
CVE-2025-40000 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() There is a bug observed when rtw89_core_tx_kick_off_and_wait() tries to access already freed skb_dat… |
CVE-2025-39999 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix blk_mq_tags double free while nr_requests grown In the case user trigger tags grow by queue sysfs attribute nr_requests, hctx->sched_tags will be freed direc… |
CVE-2025-39998 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: target_core_configfs: Add length check to avoid buffer overflow A buffer overflow arises from the usage of snprintf to write into the buffer "buf" in targe… |
CVE-2025-39997 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free The previous commit 0718a78f6a9f ("ALSA: usb-audio: Kill timer properly at removal") patched a UAF issue c… |
CVE-2025-39996 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove The original code uses cancel_delayed_work() in flexcop_pci_remove(), which does not guar… |
CVE-2025-39995 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe The state->timer is a cyclic timer that schedules work_i2c_poll and delayed_work_enable_hot… |
CVE-2025-39994 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000_release The original code uses cancel_delayed_work() in xc5000_release(), which does not guarantee that the delayed wo… |
CVE-2025-39993 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imon_disconnect() Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline] BUG: KAS… |
CVE-2025-39992 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: mm: swap: check for stable address space before operating on the VMA It is possible to hit a zero entry while traversing the vmas in unuse_mm() called from swapoff path… |
CVE-2025-39991 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() If ab->fw.m3_data points to data, then fw pointer remains null. |
CVE-2025-39990 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in get_helper_proto kernel test robot reported verifier bug [1] where the helper func pointer could be NULL due to disabled confi… |
CVE-2025-39988 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow Sending an PF_PACKET allows to bypass the CAN framework logic and to directly reach the xmit() func… |
CVE-2025-39987 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndo_change_mtu() to prevent buffer overflow Sending an PF_PACKET allows to bypass the CAN framework logic and to directly reach the xmit() function… |
CVE-2025-39986 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow Sending an PF_PACKET allows to bypass the CAN framework logic and to directly reach the xmit() funct… |
CVE-2025-39985 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow Sending an PF_PACKET allows to bypass the CAN framework logic and to directly reach the xmit() functi… |
CVE-2025-39984 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi->skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skb_reset_mac_header include/linux/skbuff.h:3150 [inlin… |
CVE-2025-39983 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue This fixes the following UAF caused by not properly locking hdev when processing HCI_EV_NUM_COMP_PKTS: BUG: KASAN… |
CVE-2025-39982 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync This fixes the following UFA in hci_acl_create_conn_sync where a connection still pending is command submission… |
CVE-2025-39981 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible UAFs This attemps to fix possible UAFs caused by struct mgmt_pending being freed while still being processed like in the following trace, i… |
CVE-2025-39980 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: nexthop: Forbid FDB status change while nexthop is in a group The kernel forbids the creation of non-FDB nexthop groups with FDB nexthops: # ip nexthop add id 1 via 19… |
CVE-2025-39979 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace [1] caused by releasing an HWS action of a local flow counter in mlx5_cmd_hws_delete_fte(), where the HW… |
CVE-2025-39978 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() This code calls kfree_rcu(new_node, rcu) and then dereferences "new_node" and then dereferences it on th… |
CVE-2025-39977 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futex_wait_requeue_pi() futex_… |
CVE-2025-39976 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: futex: Use correct exit on failure from futex_hash_allocate_default() copy_process() uses the wrong error exit path from futex_hash_allocate_default(). |
CVE-2025-39975 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix wrong index reference in smb2_compound_op() In smb2_compound_op(), the loop that processes each command's response uses wrong indices when accessing res… |
CVE-2025-39974 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix slab-out-of-bounds in _parse_integer_limit() When config osnoise cpus by write() syscall, the following KASAN splat may be observed: BUG: KASAN: sl… |
CVE-2025-39973 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without … |
CVE-2025-39972 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40e_validate_queue_map Ensure idx is within range of active/initialized TCs when iterating over vf->ch[idx] in i40e_validate_queue_map(). |
CVE-2025-39971 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in config queues msg Ensure idx is within range of active/initialized TCs when iterating over vf->ch[idx] in i40e_vc_config_queues_msg(). |
CVE-2025-39970 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for action_meta Fix condition to check 'greater or equal' to prevent OOB dereference. |
CVE-2025-39969 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix validation of VF state in get resources VF state I40E_VF_STATE_ACTIVE is not the only state in which VF is actually active so it should not be used to determin… |
CVE-2025-39968 | — | — | — | 2025-10-15 | In the Linux kernel, the following vulnerability has been resolved: i40e: add max boundary check for VF filters There is no check for max filters that VF can request. |
N/a · 30 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-60279 | Critical | 9.6 | — | 2025-10-17 | A server-side request forgery (SSRF) vulnerability in Illia Cloud illia-Builder before v4.8.5 allows authenticated users to send arbitrary requests to internal services via the API. |
CVE-2025-11849 | Critical | 9.3 | — | 2025-10-17 | Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth before 1.11.0; versions of the package org.zwobble.mammoth:mammoth before 1.11.0… |
CVE-2025-57567 | Critical | 9.1 | — | 2025-10-17 | A remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically in the minify.php file located under the default theme directory (/themes/defaut/css/minify.php). |
CVE-2025-61553 | High | 8.2 | — | 2025-10-16 | An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05-20) to commit 480907 (2025-07-06) allows local attackers to cause a denial of service (host hypervisor crash) via a crafted PCI configuration… |
CVE-2025-61536 | High | 8.2 | — | 2025-10-16 | FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset (magic) links using the untrusted `req.headers.host` header and forces the `http://` scheme. |
CVE-2025-22381 | High | 8.2 | — | 2025-10-16 | Aggie 2.6.1 has a Host Header injection vulnerability in the forgot password functionality, allowing an attacker to reset a user's password. |
CVE-2025-60536 | High | 7.5 | — | 2025-10-14 | An issue in the Configure New Cluster interface of kafka-ui v0.6.0 to v0.7.2 allows attackers to cause a Denial of Service (DoS) via uploading a crafted configuration file. |
CVE-2025-57618 | High | 7.3 | — | 2025-10-14 | A path traversal vulnerability in FastX3 thru 3.3.67 allows an unauthenticated attacker to read arbitrary files on the server. |
CVE-2025-60535 | High | 7.3 | — | 2025-10-14 | A Cross-Site Request Forgery (CSRF) in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request. |
CVE-2025-61543 | High | 7.1 | — | 2025-10-16 | A Host Header Injection vulnerability exists in the password reset functionality of CraftMyCMS 4.0.2.2. |
CVE-2025-61541 | High | 7.1 | — | 2025-10-16 | Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality (forgot_send.cgi). |
CVE-2025-60514 | Medium | 6.5 | — | 2025-10-17 | Tillywork v0.1.3 and below is vulnerable to SQL Injection in app/common/helpers/query.builder.helper.ts. |
CVE-2025-61514 | Medium | 6.5 | — | 2025-10-16 | An arbitrary file upload vulnerability in SageMath, Inc CoCalc before commit 0d2ff58 allows attackers to execute arbitrary code via uploading a crafted SVG file. |
CVE-2025-61330 | Medium | 6.5 | — | 2025-10-16 | A hard-coded weak password vulnerability has been discovered in all Magic-branded devices from Chinese network equipment manufacturer H3C. |
CVE-2025-60641 | Medium | 6.5 | — | 2025-10-16 | The file mexcel.php in the Vfront 0.99.52 codebase contains a vulnerable call to unserialize(base64_decode($_POST['mexcel'])), where $_POST['mexcel'] is user-controlled input. |
CVE-2025-60639 | Medium | 6.5 | — | 2025-10-16 | Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c (2025-05-26). |
CVE-2025-60540 | Medium | 6.5 | — | 2025-10-14 | karakeep v0.26.0 to v0.7.0 was discovered to contain a Server-Side Request Forgery (SSRF). |
CVE-2025-60537 | Medium | 6.5 | — | 2025-10-14 | Improper input validation in the component /kafka/ui/serdes/CustomSerdeLoader.java of kafka-ui v0.6.0 to v0.7.2 allows attackers to execute arbitrary code via supplying crafted data. |
CVE-2025-57563 | Medium | 6.5 | — | 2025-10-14 | A path traversal in StarNet Communications Corporation FastX v.4 through v4.1.51 allows unauthenticated attackers to read arbitrary files. |
CVE-2025-54603 | Medium | 6.5 | — | 2025-10-14 | An incorrect OIDC authentication flow in Claroty Secure Access 3.3.0 through 4.0.2 can result in unauthorized user creation or impersonation of existing OIDC users. |
CVE-2025-60374 | Medium | 6.1 | — | 2025-10-14 | Stored Cross-Site Scripting (XSS) in Perfex CRM chatbot before 3.3.1 allows attackers to inject arbitrary HTML/JavaScript. |
CVE-2025-60360 | Medium | 5.5 | — | 2025-10-17 | radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init. |
CVE-2025-60359 | Medium | 5.5 | — | 2025-10-17 | radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new. |
CVE-2025-61554 | Medium | 5.5 | — | 2025-10-16 | A divide-by-zero in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05-20) to commit 480907 (2025-07-06) allows local attackers to cause a denial of service (host hypervisor crash) via a crafted PCI configuration space… |
CVE-2025-60358 | Medium | 5.5 | — | 2025-10-16 | radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations. |
CVE-2025-56320 | Medium | 5.4 | — | 2025-10-17 | Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting (XSS) in its chat box component. |
CVE-2025-56700 | Medium | 5.4 | — | 2025-10-16 | Boolean SQL injection vulnerability in the web app of Base Digitale Group spa product Centrax Open PSIM version 6.1 allows a low level priviliged user that has access to the platform, to execute arbitrary SQL commands via the datafine para… |
CVE-2025-56699 | Medium | 5.4 | — | 2025-10-16 | SQL injection vulnerability in the cmd component of Base Digitale Group spa product Centrax Open PSIM version 6.1 allows an unauthenticated user to execute arbitrary SQL commands via the sender parameter. |
CVE-2025-60855 | Medium | 5.1 | — | 2025-10-16 | Reolink Video Doorbell WiFi DB_566128M5MP_W performs insufficient validation of firmware update signatures. |
CVE-2025-60361 | Low | 3.3 | — | 2025-10-17 | radare2 v5.9.8 and before contains a memory leak in the function bochs_open. |
Fortinet · 27 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-58325 | High | 8.2 | — | 2025-10-14 | An Incorrect Provision of Specified Functionality vulnerability [CWE-684] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow a local authenticated attacker to execute system comman… |
CVE-2025-49201 | High | 8.1 | — | 2025-10-14 | A weak authentication vulnerability in Fortinet FortiPAM 1.5.0, FortiPAM 1.4.0 through 1.4.2, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiSwitchManager 7.2.0 through 7.2… |
CVE-2025-57741 | High | 7.8 | — | 2025-10-14 | An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker to run arbitrary code or commands via LaunchDaemon hi… |
CVE-2025-57740 | High | 7.5 | — | 2025-10-14 | An Heap-based Buffer Overflow vulnerability [CWE-122] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions; FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versi… |
CVE-2025-46774 | High | 7.5 | — | 2025-10-14 | An Improper Verification of Cryptographic Signature vulnerability [CWE-347] in FortiClient MacOS installer version 7.4.2 and below, version 7.2.9 and below, 7.0 all versions may allow a local user to escalate their privileges via FortiClie… |
CVE-2025-25253 | High | 7.5 | — | 2025-10-14 | An Improper Validation of Certificate with Host Mismatch vulnerability [CWE-297] in FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions and FortiOS version 7.6.2 and below, version 7.4.8 and belo… |
CVE-2024-33507 | High | 7.4 | — | 2025-10-14 | An insufficient session expiration vulnerability [CWE-613] and an incorrect authorization vulnerability [CWE-863] in FortiIsolator 2.4.0 through 2.4.4, 2.3 all versions, 2.2.0, 2.1 all versions, 2.0 all versions authentication mechanism ma… |
CVE-2024-50571 | High | 7.2 | — | 2025-10-14 | A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.2, FortiAnalyzer 7.4.0 through 7.4.5, FortiAnalyzer 7.2.0 through 7.2.9, FortiAnalyzer 7.0.0 through 7.0.13, FortiAnalyzer 6.4 all versions, FortiAnalyz… |
CVE-2025-47856 | High | 7.2 | — | 2025-10-14 | Two improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiVoice version 7.2.0, 7.0.0 through 7.0.6 and before 6.4.10 allows a privileged attacker to execute arb… |
CVE-2024-48891 | High | 7.0 | — | 2025-10-14 | An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an attacker who has al… |
CVE-2025-57716 | Medium | 6.7 | — | 2025-10-14 | An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious… |
CVE-2023-46718 | Medium | 6.7 | — | 2025-10-14 | A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthori… |
CVE-2025-59921 | Medium | 6.5 | — | 2025-10-14 | An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiADC version 7.4.0, version 7.2.3 and below, version 7.1.4 and below, 7.0 all versions, 6.2 all versions may allow an authenticated attac… |
CVE-2025-53845 | Medium | 6.5 | — | 2025-10-14 | An improper authentication vulnerability [CWE-287] in Fortinet FortiAnalyzer version 7.6.0 through 7.6.3 and before 7.4.6 allows an unauthenticated attacker to obtain information pertaining to the device's health and status, or cause a den… |
CVE-2025-22258 | Medium | 6.5 | — | 2025-10-14 | A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, F… |
CVE-2025-58324 | Medium | 6.4 | — | 2025-10-14 | An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiSIEM 7.2.0 through 7.2.2, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all ver… |
CVE-2025-31365 | Medium | 5.8 | — | 2025-10-14 | An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via trickin… |
CVE-2025-54973 | Medium | 5.3 | — | 2025-10-14 | A concurrent execution using shared resource with improper synchronization ('Race Condition') vulnerability [CWE-362] in Fortinet FortiAnalyzer version 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10 and before 7.0.13 allows… |
CVE-2025-25255 | Medium | 5.3 | — | 2025-10-14 | An Improperly Implemented Security Check for Standard vulnerability [CWE-358] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7… |
CVE-2024-26008 | Medium | 5.3 | — | 2025-10-14 | An improper check or handling of exceptional conditions vulnerability [CWE-703] in FortiOS version 7.4.0 through 7.4.3 and before 7.2.7, FortiProxy version 7.4.0 through 7.4.3 and before 7.2.9, FortiPAM before 1.2.0 and FortiSwitchManager… |
CVE-2025-25252 | Medium | 4.8 | — | 2025-10-14 | An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL VPN 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4 all versions may allow a remote attacker (e.g. |
CVE-2025-31366 | Medium | 4.7 | — | 2025-10-14 | An Improper Neutralization of Input During Web Page Generation vulnerability [CWE-79] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all v… |
CVE-2025-54822 | Medium | 4.3 | — | 2025-10-14 | An improper authorization vulnerability [CWE-285] vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.8, FortiOS 7.0.0 through 7.0.11, FortiProxy 7.4.0 through 7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0… |
CVE-2024-47569 | Medium | 4.3 | — | 2025-10-14 | A insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 7.4.0 through 7.4.2, FortiMail 7.2.0 through 7.2.6, FortiMail 7.0 all versions, FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.1 through 7.4.3, For… |
CVE-2025-58903 | Low | 2.7 | — | 2025-10-14 | An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS version 7.6.0 through 7.6.3 and before 7.4.8 API allows an authenticated user to cause a Null Pointer Dereference, crashing the http daemon via a specialy crafted reque… |
CVE-2025-31514 | Low | 2.7 | — | 2025-10-14 | A insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6… |
CVE-2025-47890 | Low | 2.6 | — | 2025-10-14 | An URL Redirection to Untrusted Site vulnerabilities [CWE-601] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6… |
Eclipse · 20 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-55089 | Critical | 9.8 | — | 2025-10-16 | In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. |
CVE-2025-55100 | Critical | 9.1 | — | 2025-10-17 | In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio10_sam_parse_func() when parsing a list of sampling frequencies. |
CVE-2025-55081 | Critical | 9.1 | — | 2025-10-15 | In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello() function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method l… |
CVE-2025-55085 | High | 7.5 | — | 2025-10-17 | In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. |
CVE-2025-55094 | High | 7.5 | — | 2025-10-17 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_icmpv6_validate_options() when handling a packet with ICMP6 options. |
CVE-2025-55087 | High | 7.5 | — | 2025-10-17 | In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters. |
CVE-2025-55080 | High | 7.1 | — | 2025-10-15 | In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write. |
CVE-2025-55091 | Medium | 6.5 | — | 2025-10-16 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ip_packet_receive() function when received an Ethernet with type set as IP but no IP data. |
CVE-2025-55090 | Medium | 6.5 | — | 2025-10-16 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() function when received an Ethernet frame with less than 4 bytes of IP packet. |
CVE-2025-55099 | Medium | 6.1 | — | 2025-10-17 | In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_alternate_setting_locate() when parsing a descriptor with attacker-controlled frequency fiel… |
CVE-2025-55098 | Medium | 6.1 | — | 2025-10-17 | In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_device_type_get() when parsing a descriptor of an USB audio device. |
CVE-2025-55097 | Medium | 6.1 | — | 2025-10-17 | In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_streaming_sampling_get() when parsing a descriptor of an USB streaming device. |
CVE-2025-55096 | Medium | 6.1 | — | 2025-10-17 | In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_hid_report_descriptor_get() when parsing a descriptor of an USB HID device. |
CVE-2025-55079 | Medium | 5.5 | — | 2025-10-15 | In Eclipse ThreadX before version 6.4.3, the thread module has a setting of maximum priority. |
CVE-2025-55078 | Medium | 5.5 | — | 2025-10-14 | In Eclipse ThreadX before version 6.4.3, an attacker can cause a denial of service (crash) by providing a pointer to a reserved or unmapped memory region. |
CVE-2025-55093 | Medium | 5.3 | — | 2025-10-17 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() when handling unicast DHCP messages that could cause corruption of 4 bytes o… |
CVE-2025-55092 | Medium | 5.3 | — | 2025-10-17 | In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_option_process() when processing an IPv4 packet with the timestamp option. |
CVE-2025-55084 | Medium | 5.3 | — | 2025-10-16 | In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field. |
CVE-2025-55083 | Medium | 5.3 | — | 2025-10-15 | In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read. |
CVE-2025-55082 | Medium | 5.3 | — | 2025-10-15 | In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was a potential out of bound read in _nx_secure_tls_process_clienthello() because of a missing validation of PSK length provided in the user message. |
Ivanti · 17 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9713 | High | 8.8 | — | 2025-10-13 | Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. |
CVE-2025-11622 | High | 7.8 | — | 2025-10-13 | Insecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their privileges. |
CVE-2025-10985 | High | 7.2 | — | 2025-10-14 | OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. |
CVE-2025-10243 | High | 7.2 | — | 2025-10-14 | OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. |
CVE-2025-10242 | High | 7.2 | — | 2025-10-14 | OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. |
CVE-2025-62392 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-62391 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-62390 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-62389 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-62388 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-62387 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-62386 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-62385 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-62384 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-62383 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-11623 | Medium | 6.5 | — | 2025-10-13 | SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. |
CVE-2025-10986 | Medium | 4.7 | — | 2025-10-14 | Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to write data in unintended locations on disk. |
Adobe · 14 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-54264 | High | 8.1 | — | 2025-10-14 | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged at… |
CVE-2025-54263 | High | 8.1 | — | 2025-10-14 | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. |
CVE-2025-54276 | High | 7.8 | — | 2025-10-14 | Substance3D - Modeler versions 1.22.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. |
CVE-2025-54280 | High | 7.8 | — | 2025-10-14 | Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-54274 | High | 7.8 | — | 2025-10-14 | Substance3D - Viewer versions 0.25.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-54273 | High | 7.8 | — | 2025-10-14 | Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. |
CVE-2025-54267 | Medium | 6.5 | — | 2025-10-14 | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. |
CVE-2025-54265 | Medium | 5.9 | — | 2025-10-14 | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. |
CVE-2025-54271 | Medium | 5.6 | — | 2025-10-15 | Creative Cloud Desktop versions 6.7.0.278 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to arbitrary file system write. |
CVE-2025-54275 | Medium | 5.5 | — | 2025-10-14 | Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. |
CVE-2025-61797 | Medium | 5.4 | — | 2025-10-14 | Adobe Experience Manager versions 11.6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. |
CVE-2025-61796 | Medium | 5.4 | — | 2025-10-14 | Adobe Experience Manager versions 11.6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. |
CVE-2025-54272 | Medium | 5.4 | — | 2025-10-14 | Adobe Experience Manager versions 11.6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. |
CVE-2025-54266 | Medium | 4.8 | — | 2025-10-14 | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious… |
Arubanetworks · 13 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-37134 | High | 7.2 | — | 2025-10-14 | An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. |
CVE-2025-37133 | High | 7.2 | — | 2025-10-14 | An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. |
CVE-2025-37132 | High | 7.2 | — | 2025-10-14 | An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. |
CVE-2025-37137 | Medium | 6.5 | — | 2025-10-14 | Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. |
CVE-2025-37136 | Medium | 6.5 | — | 2025-10-14 | Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. |
CVE-2025-37135 | Medium | 6.5 | — | 2025-10-14 | Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. |
CVE-2025-37138 | Medium | 6.2 | — | 2025-10-14 | An authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. |
CVE-2025-37145 | Medium | 4.9 | — | 2025-10-14 | Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. |
CVE-2025-37144 | Medium | 4.9 | — | 2025-10-14 | Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. |
CVE-2025-37143 | Medium | 4.9 | — | 2025-10-14 | An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. |
CVE-2025-37142 | Medium | 4.9 | — | 2025-10-14 | Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. |
CVE-2025-37141 | Medium | 4.9 | — | 2025-10-14 | Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. |
CVE-2025-37140 | Medium | 4.9 | — | 2025-10-14 | Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. |
Mediatek · 13 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-20720 | High | 8.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20719 | High | 8.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20712 | High | 8.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20711 | High | 8.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20710 | High | 8.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an integer overflow. |
CVE-2025-20709 | High | 8.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20718 | High | 7.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20717 | High | 7.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20716 | High | 7.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20715 | High | 7.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20714 | High | 7.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20713 | High | 7.8 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20724 | Medium | 5.5 | — | 2025-10-14 | In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. |
Rockwell Automation · 12 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9063 | Critical | 9.8 | — | 2025-10-14 | An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. |
CVE-2025-7328 | Critical | 9.8 | — | 2025-10-14 | Multiple Broken Authentication security issues exist in the affected product. |
CVE-2025-9064 | Critical | 9.1 | — | 2025-10-14 | A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. |
CVE-2025-9068 | High | 7.8 | — | 2025-10-14 | A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. |
CVE-2025-9067 | High | 7.8 | — | 2025-10-14 | A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx. |
CVE-2025-7330 | Medium | 6.5 | — | 2025-10-14 | A cross-site request forgery security issue exists in the product and version listed. |
CVE-2025-7329 | Medium | 4.8 | — | 2025-10-14 | A Stored Cross-Site Scripting security issue exists in the affected product that could potentially allow a malicious user to view and modify sensitive data or make the webpage unavailable. |
CVE-2025-9178 | — | — | — | 2025-10-14 | A denial-of-service security issue exists in the affected product and version. |
CVE-2025-9177 | — | — | — | 2025-10-14 | A denial-of-service security issue exists in the affected product and version. |
CVE-2025-9124 | — | — | — | 2025-10-14 | A denial-of-service security issue in the affected product. |
CVE-2025-9066 | — | — | — | 2025-10-14 | A security issue was discovered within FactoryTalk® ViewPoint, allowing unauthenticated attackers to achieve XXE. |
CVE-2025-9437 | — | — | — | 2025-10-14 | A security issue exists within the Studio 5000 Logix Designer add-on profile (AOP) for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. |
Siemens · 12 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-40771 | Critical | 9.8 | — | 2025-10-14 | A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.4.24), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.4.24), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.4… |
CVE-2025-40765 | Critical | 9.8 | — | 2025-10-14 | A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 < V3.1.2.3). |
CVE-2025-40755 | High | 8.8 | — | 2025-10-14 | A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP1). |
CVE-2025-40812 | High | 7.8 | — | 2025-10-14 | A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). |
CVE-2025-40811 | High | 7.8 | — | 2025-10-14 | A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). |
CVE-2025-40810 | High | 7.8 | — | 2025-10-14 | A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). |
CVE-2025-40809 | High | 7.8 | — | 2025-10-14 | A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). |
CVE-2011-20001 | High | 7.5 | — | 2025-10-14 | A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family (incl. |
CVE-2025-40772 | High | 7.4 | — | 2025-10-14 | A vulnerability has been identified in SiPass integrated (All versions < V3.0). |
CVE-2011-20002 | High | 7.4 | — | 2025-10-14 | A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family (incl. |
CVE-2025-40774 | Medium | 4.4 | — | 2025-10-14 | A vulnerability has been identified in SiPass integrated (All versions < V3.0). |
CVE-2025-40773 | Low | 3.5 | — | 2025-10-14 | A vulnerability has been identified in SiPass integrated (All versions < V3.0). |
Neojapan Inc. · 10 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-52583 | Medium | 6.1 | — | 2025-10-16 | Reflected cross-site scripting (XSS) vulnerability in desknet's Web Server allows execution of arbitrary JavaScript in a user’s web browser. |
CVE-2025-58115 | Medium | 6.1 | — | 2025-10-16 | ChatLuck contains a cross-site scripting vulnerability in Guest User Sign-up. |
CVE-2025-55072 | Medium | 5.4 | — | 2025-10-16 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO V2.0R1.0 to V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser. |
CVE-2025-54760 | Medium | 5.4 | — | 2025-10-16 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser. |
CVE-2025-24833 | Medium | 5.4 | — | 2025-10-16 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO versions V4.0R1.0–V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser. |
CVE-2025-53858 | Medium | 5.4 | — | 2025-10-16 | ChatLuck contains a cross-site scripting vulnerability in Chat Rooms. |
CVE-2025-54461 | Medium | 5.3 | — | 2025-10-16 | ChatLuck contains an insufficient granularity of access control vulnerability in Invitation of Guest Users. |
CVE-2025-54859 | Medium | 4.8 | — | 2025-10-16 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser. |
CVE-2025-58426 | Medium | 4.3 | — | 2025-10-16 | desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications. |
CVE-2025-58079 | Medium | 4.3 | — | 2025-10-16 | Improper Protection of Alternate Path (CWE-424) in the AppSuite of desknet's NEO V4.0R1.0 to V9.0R2.0 allows an attacker to create malicious AppSuite applications. |
Rbi · 10 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62645 | Critical | 9.9 | — | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote authenticated attacker to obtain a token with administrative privileges for the entire platform via the createToken GraphQL mutation. |
CVE-2025-62650 | High | 8.3 | — | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen. |
CVE-2025-62651 | Medium | 6.5 | — | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 does not implement access control for the bathroom rating interface. |
CVE-2025-62648 | Medium | 6.4 | — | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume. |
CVE-2025-62649 | Medium | 5.8 | — | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for submission of equipment orders. |
CVE-2025-62642 | Medium | 5.8 | — | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has an "Anyone Can Join This Party" signup API that does not verify user account creation, allowing a remote unauthenticated attacker to create a user account. |
CVE-2025-62647 | Medium | 5.0 | — | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API to return a signed AWS upload URL, for any store's path. |
CVE-2025-62646 | Medium | 5.0 | — | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote attackers to review the stored audio of conversations between associates and Drive Thru customers. |
CVE-2025-62644 | Medium | 5.0 | — | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has a Global Store Directory that shares personal information among authenticated users. |
CVE-2025-62643 | Low | 3.4 | — | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages. |
Centreon · 9 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-8459 | High | 7.7 | — | 2025-10-14 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Monitoring recurrent downtime scheduler modules) allows Stored XSS.This issue affects Infra Monitoring… |
CVE-2025-5946 | High | 7.2 | — | 2025-10-14 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring (Poller reload setup in the configuration modules) allows OS Command Injection. |
CVE-2025-8430 | Medium | 6.8 | — | 2025-10-14 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Commands Connectors configuration modules) allows Stored XSS by users with elevated privileges. |
CVE-2025-8429 | Medium | 6.8 | — | 2025-10-14 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (ACL Action access configuration modules) allows Stored XSS by users with elevated privileges. |
CVE-2025-54893 | Medium | 6.8 | — | 2025-10-14 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Hosts templates configuration modules) allows Stored XSS by users with elevated privileges. |
CVE-2025-8428 | Medium | 6.8 | — | 2025-10-14 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (HTTP Loader widget modules) allows Stored XSS.This issue affects Infra Monitoring: from 24.10.0 before… |
CVE-2025-54892 | Medium | 6.8 | — | 2025-10-14 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (SNMP traps group configuration modules) allows Stored XSS by users with elevated privileges. |
CVE-2025-54891 | Medium | 6.8 | — | 2025-10-14 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (ACL Resource access configuration modules) allows Stored XSS by users with elevated privileges. |
CVE-2025-54889 | Medium | 6.8 | — | 2025-10-14 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (SNMP traps manufacturer configuration modules) allows Stored XSS by users with elevated privileges. |
Mozilla · 9 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11721 | Critical | 9.8 | — | 2025-10-14 | Memory safety bug present in Firefox 143 and Thunderbird 143. |
CVE-2025-11710 | Critical | 9.8 | — | 2025-10-14 | A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. |
CVE-2025-11709 | Critical | 9.8 | — | 2025-10-14 | A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. |
CVE-2025-11708 | Critical | 9.8 | — | 2025-10-14 | Use-after-free in MediaTrackGraphImpl::GetInstance(). |
CVE-2025-11715 | High | 8.8 | — | 2025-10-14 | Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. |
CVE-2025-11714 | High | 8.8 | — | 2025-10-14 | Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. |
CVE-2025-11713 | High | 8.1 | — | 2025-10-14 | Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. |
CVE-2025-11711 | Medium | 6.5 | — | 2025-10-14 | There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable. |
CVE-2025-11712 | Medium | 6.1 | — | 2025-10-14 | A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. |
Sap_se · 9 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-42937 | Critical | 9.8 | — | 2025-10-14 | SAP Print Service (SAPSprint) performs insufficient validation of path information provided by users. |
CVE-2025-42910 | Critical | 9.0 | — | 2025-10-14 | Due to missing verification of file type or content, SAP Supplier Relationship Management allows an authenticated attacker to upload arbitrary files. |
CVE-2025-42908 | Medium | 5.4 | — | 2025-10-14 | Due to a Cross-Site Request Forgery (CSRF) vulnerability in SAP NetWeaver Application Server for ABAP, an authenticated attacker could initiate transactions directly via the session manager, bypassing the first transaction screen and the a… |
CVE-2025-42901 | Medium | 5.4 | — | 2025-10-14 | SAP Application Server for ABAP allows an authenticated attacker to store malicious JavaScript payloads which could be executed in victim user's browser when accessing the affected functionality of BAPI explorer. |
CVE-2025-42906 | Medium | 5.3 | — | 2025-10-14 | SAP Commerce Cloud contains a path traversal vulnerability that may allow users to access web applications such as the Administration Console from addresses where the Administration Console is not explicitly deployed. |
CVE-2025-42902 | Medium | 5.3 | — | 2025-10-14 | Due to the memory corruption vulnerability in SAP NetWeaver AS ABAP and ABAP Platform, an unauthenticated attacker can send a corrupted SAP Logon Ticket or SAP Assertion Ticket to the SAP application server. |
CVE-2025-42939 | Medium | 4.3 | — | 2025-10-14 | SAP S/4HANA (Manage Processing Rules - For Bank Statements) allows an authenticated attacker with basic privileges to delete conditions from any shared rule of any user by tampering the request parameter. |
CVE-2025-42903 | Medium | 4.3 | — | 2025-10-14 | A vulnerability in SAP Financial Service Claims Management RFC function ICL_USER_GET_NAME_AND_ADDRESS allows user enumeration and potential disclosure of personal data through response discrepancies, causing low impact on confidentiality w… |
CVE-2025-42909 | Low | 3.0 | — | 2025-10-14 | SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. |
Hcl Software · 8 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-0277 | Medium | 6.5 | — | 2025-10-16 | HCL BigFix Mobile 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). |
CVE-2025-0276 | Medium | 6.5 | — | 2025-10-16 | HCL BigFix Modern Client Management (MCM) 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). |
CVE-2024-42192 | Medium | 5.5 | — | 2025-10-16 | HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could allow an attacker to access other computers or applications. |
CVE-2025-0275 | Medium | 5.3 | — | 2025-10-16 | HCL BigFix Mobile 3.3 and earlier is affected by improper access control. |
CVE-2025-0274 | Medium | 5.3 | — | 2025-10-16 | HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. |
CVE-2025-31996 | Medium | 5.3 | — | 2025-10-13 | HCL Unica Platform is affected by unprotected files due to improper access controls. |
CVE-2025-31994 | Medium | 4.3 | — | 2025-10-13 | HCL Unica Campaign 12.1.10 is vulnerable to Reflected Cross-Site Scripting (XSS) where an attacker injects malicious script into an HTTP request, which is then reflected unsafely in the server's immediate response to the victim's browser… |
CVE-2025-31995 | Low | 3.5 | — | 2025-10-13 | HCL Unica MaxAI Workbench is vulnerable to improper input validation. |
Ilevia · 8 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-34516 | Critical | 9.8 | — | 2025-10-16 | Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a use of default credentials vulnerability that allows an unauthenticated attacker to obtain remote access. |
CVE-2025-34515 | Critical | 9.8 | — | 2025-10-16 | Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in sync_project.sh that allows an attacker to escalate privileges to root. Ilevia has declined to service this vulnerabil… |
CVE-2025-34513 | Critical | 9.8 | — | 2025-10-16 | Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an OS command injection vulnerability in mbus_build_from_csv.php that allows an unauthenticated attacker to execute arbitrary code. Ilevia has declined to service this vulnerab… |
CVE-2025-34514 | High | 8.8 | — | 2025-10-16 | Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain authenticated OS command injection vulnerabilities in multiple web-accessible PHP scripts that call exec() and allow an authenticated attacker to execute arbitrary commands. Il… |
CVE-2025-34519 | High | 7.5 | — | 2025-10-16 | Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an insecure hashing algorithm vulnerability. The product stores passwords using the MD5 hash function without applying a per‑password salt. Because MD5 is a fast, unsalted hash… |
CVE-2025-34518 | High | 7.5 | — | 2025-10-16 | Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a relative path traversal vulnerability in get_file_content.php that allows an attacker to read arbitrary files. Ilevia has declined to service this vulnerability, and recommen… |
CVE-2025-34517 | High | 7.5 | — | 2025-10-16 | Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an absolute path traversal vulnerability in get_file_content.php that allows an attacker to read arbitrary files. Ilevia has declined to service this vulnerability, and recomme… |
CVE-2025-34512 | Medium | 6.1 | — | 2025-10-16 | Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a reflected cross-site scripting (XSS) vulnerability in index.php that allows an unauthenticated attacker to execute arbitrary script in the victim's browser. Ilevia has declin… |
Mattermost · 8 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-58075 | High | 8.1 | — | 2025-10-16 | Mattermost versions 10.11.x <= 10.11.1, 10.10.x <= 10.10.2, 10.5.x <= 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server… |
CVE-2025-58073 | High | 8.1 | — | 2025-10-16 | Mattermost versions 10.11.x <= 10.11.1, 10.10.x <= 10.10.2, 10.5.x <= 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server… |
CVE-2025-55035 | Medium | 6.1 | — | 2025-10-16 | Mattermost Desktop App versions <=5.13.0 fail to manage modals in the Mattermost Desktop App that stops a user with a server that uses basic authentication from accessing their server which allows an attacker that provides a malicious serv… |
CVE-2025-41410 | Medium | 5.4 | — | 2025-10-16 | Mattermost versions 10.10.x <= 10.10.2, 10.5.x <= 10.5.10, 10.11.x <= 10.11.2 fail to validate email ownership during Slack import process which allows attackers to create verified user accounts with arbitrary email domains via malicious S… |
CVE-2025-41443 | Medium | 4.3 | — | 2025-10-16 | Mattermost versions 10.5.x <= 10.5.12, 10.11.x <= 10.11.2 fail to properly validate guest user permissions when accessing channel information which allows guest users to discover active public channels and their metadata via the `/api/v4/t… |
CVE-2025-58084 | Low | 3.5 | — | 2025-10-13 | Mattermost Desktop App versions <= 5.13.0 fail to validate URLs external to the configured Mattermost servers, allowing an attacker on a server the user has configured to crash the user's application by sending the user a malformed URL. |
CVE-2025-54499 | Low | 3.1 | — | 2025-10-16 | Mattermost versions 10.5.x <= 10.5.10, 10.11.x <= 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time… |
CVE-2025-10545 | Low | 3.1 | — | 2025-10-16 | Mattermost versions 10.5.x <= 10.5.10, 10.11.x <= 10.11.2 fail to properly validate guest user permissions when adding channel members which allows guest users to add any team members to their private channels via the `/api/v4/channels/{ch… |
Google · 7 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11717 | Critical | 9.1 | — | 2025-10-14 | When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. |
CVE-2025-11720 | High | 8.1 | — | 2025-10-14 | The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. |
CVE-2025-20723 | High | 7.8 | — | 2025-10-14 | In gnss driver, there is a possible out of bounds write due to an incorrect bounds check. |
CVE-2025-20721 | High | 7.8 | — | 2025-10-14 | In imgsensor, there is a possible out of bounds write due to a missing bounds check. |
CVE-2025-11718 | Medium | 6.5 | — | 2025-10-14 | When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event. |
CVE-2025-11716 | Medium | 6.5 | — | 2025-10-14 | Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. |
CVE-2025-20722 | Medium | 5.5 | — | 2025-10-14 | In gnss driver, there is a possible out of bounds read due to an integer overflow. |
Labredescefetrj · 7 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62360 | High | 8.8 | — | 2025-10-13 | WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependente_documento.php endpoint, specifically in the id_… |
CVE-2025-62179 | High | 8.8 | — | 2025-10-13 | WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. |
CVE-2025-62177 | High | 8.8 | — | 2025-10-13 | WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. |
CVE-2025-62361 | Medium | 6.1 | — | 2025-10-13 | WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. |
CVE-2025-62359 | Medium | 6.1 | — | 2025-10-13 | WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. |
CVE-2025-62358 | Medium | 5.4 | — | 2025-10-13 | WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. |
CVE-2025-62178 | Low | 3.5 | — | 2025-10-13 | WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. |
Liferay · 7 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62251 | Medium | 6.5 | — | 2025-10-13 | Liferay Portal 7.3.0 through 7.4.3.119, and Liferay DXP 2023.Q3.1 through 2023.Q3.8, 2023.Q4.0 through 2023.Q4.5, 7.4 GA through update 92 and 7.3 GA though update 36 shows content to users who do not have permission to view it via the Men… |
CVE-2025-62246 | Medium | 5.4 | — | 2025-10-13 | Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, and o… |
CVE-2025-62243 | Medium | 5.4 | — | 2025-10-13 | Insecure direct object reference (IDOR) vulnerability in Publications in Liferay Portal 7.4.1 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authentic… |
CVE-2025-62252 | Medium | 4.3 | — | 2025-10-13 | Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older… |
CVE-2025-62242 | Medium | 4.3 | — | 2025-10-13 | Insecure Direct Object Reference (IDOR) vulnerability with account addresses in Liferay Portal 7.4.3.4 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote… |
CVE-2025-62241 | Medium | 4.3 | — | 2025-10-13 | Insecure Direct Object Reference (IDOR) vulnerability with shipment addresses in Liferay DXP 2023.Q4.1 through 2023.Q4.5 allows remote authenticated users to from one virtual instance to view the shipment addresses of different virtual ins… |
CVE-2025-62244 | Medium | 4.3 | — | 2025-10-13 | Insecure direct object reference (IDOR) vulnerability in Publications in Liferay Portal 7.3.1 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92, and 7.3 GA through upd… |
Quickjs · 7 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62496 | High | 8.8 | — | 2025-10-16 | A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string) when attempting to create a BigInt from a string with an excessively large number of digits. |
CVE-2025-62495 | High | 8.8 | — | 2025-10-16 | An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due to an inconsistent representation of the bytecode buffer size. |
CVE-2025-62494 | High | 8.8 | — | 2025-10-16 | A type confusion vulnerability exists in the handling of the string addition (+) operation within the QuickJS engine. |
CVE-2025-62491 | High | 8.8 | — | 2025-10-16 | A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises (ts->rejected_promise_list). |
CVE-2025-62490 | High | 8.8 | — | 2025-10-16 | In quickjs, in js_print_object, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. |
CVE-2025-62493 | Medium | 6.5 | — | 2025-10-16 | A vulnerability exists in the QuickJS engine's BigInt string conversion logic (js_bigint_to_string1) due to an incorrect calculation of the required number of digits, which in turn leads to reading memory past the allocated BigInt structur… |
CVE-2025-62492 | Medium | 6.5 | — | 2025-10-16 | A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS engine's implementation of TypedArray.prototype.indexOf() when a negative fromIndex argument is supplied. |
Shenzhen Ruiming Technology · 7 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11912 | Medium | 6.3 | — | 2025-10-17 | A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. |
CVE-2025-11911 | Medium | 6.3 | — | 2025-10-17 | A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. |
CVE-2025-11910 | Medium | 6.3 | — | 2025-10-17 | A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. |
CVE-2025-11909 | Medium | 6.3 | — | 2025-10-17 | A weakness has been identified in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. |
CVE-2025-11908 | Medium | 6.3 | — | 2025-10-17 | A security flaw has been discovered in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. |
CVE-2025-11914 | Medium | 4.3 | — | 2025-10-17 | A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. |
CVE-2025-11913 | Medium | 4.3 | — | 2025-10-17 | A vulnerability has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. |
Oranbyte · 6 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11661 | High | 7.3 | — | 2025-10-13 | A vulnerability was found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. |
CVE-2025-11660 | High | 7.3 | — | 2025-10-13 | A vulnerability has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. |
CVE-2025-11659 | High | 7.3 | — | 2025-10-13 | A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. |
CVE-2025-11658 | High | 7.3 | — | 2025-10-13 | A vulnerability was detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. |
CVE-2025-11657 | High | 7.3 | — | 2025-10-13 | A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. |
CVE-2025-11656 | High | 7.3 | — | 2025-10-13 | A weakness has been identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. |
Phoenix Contact · 6 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-41699 | High | 8.8 | — | 2025-10-14 | An low privileged remote attacker with an account for the Web-based management can change the system configuration to perform a command injection as root, resulting in a total loss of confidentiality, availability and integrity due to impr… |
CVE-2025-41703 | High | 7.5 | — | 2025-10-14 | An unauthenticated remote attacker can cause a Denial of Service by turning off the output of the UPS via Modbus command. |
CVE-2025-41705 | Medium | 6.8 | — | 2025-10-14 | An unauthenticated remote attacker (MITM) can intercept the websocket messages to gain access to the login credentials for the Webfrontend. |
CVE-2025-41707 | Medium | 5.3 | — | 2025-10-14 | The websocket handler is vulnerable to a denial of service condition. |
CVE-2025-41706 | Medium | 5.3 | — | 2025-10-14 | The webserver is vulnerable to a denial of service condition. |
CVE-2025-41704 | Medium | 5.3 | — | 2025-10-14 | An unauthanticated remote attacker can perform a DoS of the Modbus service by sending a specific function and sub-function code without affecting the core functionality. |
Apple · 5 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-54658 | High | 7.8 | — | 2025-10-16 | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 throu… |
CVE-2025-43281 | High | 7.8 | — | 2025-10-15 | The issue was addressed with improved authentication. |
CVE-2025-43313 | Medium | 5.5 | — | 2025-10-15 | A logic issue was addressed with improved restrictions. |
CVE-2025-43282 | Medium | 5.5 | — | 2025-10-15 | A double free issue was addressed with improved memory management. |
CVE-2025-43280 | Medium | 4.7 | — | 2025-10-15 | The issue was resolved by not loading remote images. |
Bagisto · 5 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62417 | High | 7.8 | — | 2025-10-16 | Bagisto is an open source laravel eCommerce platform. |
CVE-2025-62418 | Medium | 6.9 | — | 2025-10-16 | Bagisto is an open source laravel eCommerce platform. |
CVE-2025-62415 | Medium | 6.9 | — | 2025-10-16 | Bagisto is an open source laravel eCommerce platform. |
CVE-2025-62414 | Medium | 6.9 | — | 2025-10-16 | Bagisto is an open source laravel eCommerce platform. |
CVE-2025-62416 | Medium | 5.1 | — | 2025-10-16 | Bagisto is an open source laravel eCommerce platform. |
Cisco · 5 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-20350 | High | 7.5 | — | 2025-10-15 | A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affect… |
CVE-2025-20359 | Medium | 6.5 | — | 2025-10-15 | Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosure of possible sensitive data or cause the Snort 3 Detection Engine to crash. … |
CVE-2025-20351 | Medium | 6.1 | — | 2025-10-15 | A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user… |
CVE-2025-20360 | Medium | 5.8 | — | 2025-10-15 | Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a lack of complete e… |
CVE-2025-20329 | Medium | 4.9 | — | 2025-10-15 | A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. |
Hewlett Packard Enterprise (Hpe) · 5 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-37146 | High | 7.2 | — | 2025-10-14 | A vulnerability in the web-based management interface of network access point configuration services could allow an authenticated remote attacker to perform remote command execution. |
CVE-2025-37147 | High | 7.1 | — | 2025-10-14 | A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to ensure only vendor-signed firmware can execute on the device. |
CVE-2025-37148 | Medium | 6.5 | — | 2025-10-14 | A vulnerability in the parsing of ethernet frames in AOS-8 Instant and AOS 10 could allow an unauthenticated remote attacker to conduct a denial of service attack. |
CVE-2025-37139 | Medium | 6.0 | — | 2025-10-14 | A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. |
CVE-2025-37149 | Medium | 6.0 | — | 2025-10-14 | A potential out-of-bound reads vulnerability in HPE ProLiant RL300 Gen11 Server's UEFI firmware. |
Lenovo · 5 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-8486 | High | 7.8 | — | 2025-10-15 | A potential vulnerability was reported in PC Manager that could allow a local authenticated user to execute code with elevated privileges. |
CVE-2025-10581 | High | 7.8 | — | 2025-10-15 | A potential DLL hijacking vulnerability was discovered in the Lenovo PC Manager during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges. |
CVE-2025-9548 | Medium | 5.5 | — | 2025-10-15 | A potential null pointer dereference vulnerability was reported in the Lenovo Power Management Driver that could allow a local authenticated user to cause a Windows blue screen error. |
CVE-2025-10699 | Medium | 5.3 | — | 2025-10-15 | A vulnerability was reported in the Lenovo LeCloud client application that, under certain conditions, could allow information disclosure. |
CVE-2025-6026 | Low | 3.1 | — | 2025-10-15 | An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geoloca… |
Moxa · 5 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-6950 | — | — | — | 2025-10-17 | An Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security appliances and routers. |
CVE-2025-6949 | — | — | — | 2025-10-17 | An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. |
CVE-2025-6894 | — | — | — | 2025-10-17 | An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. |
CVE-2025-6893 | — | — | — | 2025-10-17 | An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. |
CVE-2025-6892 | — | — | — | 2025-10-17 | An Incorrect Authorization vulnerability has been identified in Moxa’s network security appliances and routers. |
Unknown · 5 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9698 | Medium | 6.8 | — | 2025-10-13 | The Plus Addons for Elementor WordPress plugin before 6.3.16 does not sanitize SVG file contents, which could allow users with minimum role access as Author to perform Stored Cross-Site Scripting attacks. |
CVE-2025-10720 | Medium | 6.5 | — | 2025-10-13 | The WP Private Content Plus through 3.6.2 provides a global content protection feature that requires a password. |
CVE-2025-10357 | Medium | 6.1 | — | 2025-10-14 | The Simple SEO WordPress plugin before 2.0.32 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks. |
CVE-2025-10406 | Medium | 5.5 | — | 2025-10-15 | The BlindMatrix e-Commerce WordPress plugin before 3.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users, such as contributors, to perform LFI att… |
CVE-2025-8594 | Low | 3.8 | — | 2025-10-14 | The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack. |
3ds · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10558 | High | 8.7 | — | 2025-10-13 | A stored Cross-site Scripting (XSS) vulnerability affecting 3DSearch in 3DSwymer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. |
CVE-2025-10557 | High | 8.7 | — | 2025-10-13 | A stored Cross-site Scripting (XSS) vulnerability affecting Issue Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script cod… |
CVE-2025-10556 | High | 8.7 | — | 2025-10-13 | A stored Cross-site Scripting (XSS) vulnerability affecting Specification Management in ENOVIA Specification Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code i… |
CVE-2025-10552 | High | 8.7 | — | 2025-10-13 | A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. |
Ami · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-33044 | High | 7.8 | — | 2025-10-14 | APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local means. |
CVE-2025-22832 | High | 7.8 | — | 2025-10-14 | APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. |
CVE-2025-22831 | High | 7.8 | — | 2025-10-14 | APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. |
CVE-2025-22833 | High | 7.3 | — | 2025-10-14 | APTIOV contains a vulnerability in BIOS where an attacker may cause a Buffer Copy without Checking Size of Input by local accessing. |
Apache · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-54539 | Critical | 9.8 | — | 2025-10-16 | A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client. |
CVE-2025-61581 | High | 7.5 | — | 2025-10-16 | ** UNSUPPORTED WHEN ASSIGNED ** Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. |
CVE-2025-55039 | Medium | 6.5 | — | 2025-10-15 | This issue affects Apache Spark versions before 3.4.4, 3.5.2 and 4.0.0. |
CVE-2024-44088 | Medium | 6.1 | — | 2025-10-14 | Malicious script injection ('Cross-site Scripting') vulnerability in Apache Geode web-api (REST). |
Chancms · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11905 | Medium | 6.3 | — | 2025-10-17 | A vulnerability was found in yanyutao0402 ChanCMS up to 3.3.2. |
CVE-2025-11904 | Medium | 6.3 | — | 2025-10-17 | A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. |
CVE-2025-11903 | Medium | 6.3 | — | 2025-10-17 | A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. |
CVE-2025-11902 | Medium | 6.3 | — | 2025-10-17 | A vulnerability was detected in yanyutao0402 ChanCMS up to 3.3.2. |
Creativeitem · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-56749 | Critical | 9.4 | — | 2025-10-15 | Creativeitem Academy LMS up to and including 6.14 uses a hardcoded default JWT secret for token signing. |
CVE-2025-56747 | Medium | 6.5 | — | 2025-10-14 | Creativeitem Academy LMS up to and including 5.13 contains a privilege escalation vulnerability in the Api_instructor controller where regular authenticated users can access instructor-only functions without proper role validation, allowin… |
CVE-2025-56748 | Medium | 6.4 | — | 2025-10-15 | Creativeitem Academy LMS up to and including 5.13 uses predictable password reset tokens based on Base64 encoded templates without rate limiting, allowing brute force attacks to guess valid reset tokens and compromise user accounts. |
CVE-2025-56746 | Low | 2.2 | — | 2025-10-15 | Creativeitem Academy LMS up to and including 5.13 does not regenerate session IDs upon successful authentication, enabling session fixation attacks where attackers can hijack user sessions by predetermining session identifiers. |
D-link · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-34253 | Medium | 5.4 | — | 2025-10-16 | D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain a stored cross-site scripting (XSS) vulnerability due to improper sanitization of the 'Network' field when editing the configuration, creating a profile, and adding a network. |
CVE-2025-34255 | Medium | 5.3 | — | 2025-10-16 | D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain an observable response discrepancy vulnerability. The application's 'Forgot Password' endpoint returns distinct JSON responses depending on whether the supplied email address is a… |
CVE-2025-34254 | Medium | 5.3 | — | 2025-10-16 | D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain an observable response discrepancy vulnerability. The application's 'Login' endpoint returns distinct JSON responses depending on whether the supplied username is associated with… |
CVE-2025-11665 | Medium | 4.7 | — | 2025-10-13 | A vulnerability was detected in D-Link DAP-2695 2.00RC131. |
Dataease · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62422 | High | 8.8 | — | 2025-10-17 | DataEase is an open source data visualization and analytics platform. |
CVE-2025-62420 | High | 8.8 | — | 2025-10-17 | DataEase is a data visualization and analytics platform. |
CVE-2025-62419 | High | 7.5 | — | 2025-10-17 | DataEase is a data visualization and analytics platform. |
CVE-2025-62421 | Medium | 5.4 | — | 2025-10-17 | DataEase is a data visualization and analytics platform. |
Freepbx · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-59429 | Medium | 5.4 | — | 2025-10-14 | FreePBX is an open source GUI for managing Asterisk. |
CVE-2025-61678 | — | — | — | 2025-10-14 | FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. |
CVE-2025-61675 | — | — | — | 2025-10-14 | FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. |
CVE-2025-59051 | — | — | — | 2025-10-14 | The FreePBX Endpoint Manager module includes a Network Scanning feature that provides web-based access to nmap functionality for network device discovery. |
Icinga · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-61908 | Medium | 6.5 | — | 2025-10-16 | Icinga 2 is an open source monitoring system. |
CVE-2025-61907 | Medium | 6.5 | — | 2025-10-16 | Icinga 2 is an open source monitoring system. |
CVE-2025-61789 | Medium | 5.3 | — | 2025-10-16 | Icinga DB Web provides a graphical interface for Icinga monitoring. |
CVE-2025-61909 | Medium | 4.4 | — | 2025-10-16 | Icinga 2 is an open source monitoring system. |
Sergestec · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-41018 | Critical | 9.8 | — | 2025-10-16 | SQL injection in Sergestec's Exito v8.0. |
CVE-2025-41020 | High | 7.5 | — | 2025-10-16 | Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito v8.0. |
CVE-2025-41021 | Medium | 5.4 | — | 2025-10-16 | Stored Cross-Site Scripting (XSS) in Sergestec's Exito v8.0, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'obs' parameter in '/admin/index.php?action=product_update'. |
CVE-2025-41019 | — | — | — | 2025-10-16 | SQL injection in Sergestec's SISTICK v7.2. |
Strapi · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2024-56143 | High | 8.2 | — | 2025-10-16 | Strapi is an open-source headless content management system. |
CVE-2025-53092 | Medium | 6.5 | — | 2025-10-16 | Strapi is an open source headless content management system. |
CVE-2025-25298 | Medium | 5.3 | — | 2025-10-16 | Strapi is an open source headless CMS. |
CVE-2025-3930 | — | — | — | 2025-10-16 | Strapi uses JSON Web Tokens (JWT) for authentication. |
The Wikimedia Foundation · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62655 | — | — | — | 2025-10-17 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation MediaWiki Cargo extension allows SQL Injection.This issue affects MediaWiki Cargo extension: 1.39, 1.43, 1.44. |
CVE-2025-62654 | — | — | — | 2025-10-17 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki QuizGame extension allows Stored XSS.This issue affects MediaWiki QuizGame extension: 1.39, 1.4… |
CVE-2025-62653 | — | — | — | 2025-10-17 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki PollNY extension allows Stored XSS.This issue affects MediaWiki PollNY extension: 1.39, 1.43, 1… |
CVE-2025-62652 | — | — | — | 2025-10-17 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki WebAuthn extension allows Stored XSS.This issue affects MediaWiki WebAuthn extension: 1.39, 1.4… |
Wso2 · 4 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9152 | Critical | 9.8 | — | 2025-10-16 | An improper privilege management vulnerability exists in WSO2 API Manager due to missing authentication and authorization checks in the keymanager-operations Dynamic Client Registration (DCR) endpoint. |
CVE-2025-10611 | Critical | 9.8 | — | 2025-10-16 | Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation. |
CVE-2025-9804 | Critical | 9.6 | — | 2025-10-16 | An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. |
CVE-2025-9955 | Medium | 5.7 | — | 2025-10-16 | An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to insufficient permission restrictions on internal SOAP admin services related to system logs and user-store configuration. |
Asus · 3 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9337 | — | — | — | 2025-10-13 | A null pointer dereference has been identified in the AsIO3.sys driver. |
CVE-2025-9336 | — | — | — | 2025-10-13 | A stack buffer overflow has been identified in the AsIO3.sys driver. |
CVE-2025-9968 | — | — | — | 2025-10-13 | A link following vulnerability exists in the UnifyScanner component of Armoury Crate. |
Ericsson · 3 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-27258 | Critical | 9.8 | — | 2025-10-13 | Ericsson Network Manager (ENM) versions prior to ENM 25.1 GA contain a vulnerability, if exploited, can result in an escalation of privilege. |
CVE-2025-0636 | High | 8.4 | — | 2025-10-13 | EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution. |
CVE-2025-27259 | Medium | 5.4 | — | 2025-10-13 | Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limited data or redirect victims to other sites or domains. |
Joinmastodon · 3 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62176 | Medium | 4.3 | — | 2025-10-13 | Mastodon is a free, open-source social network server based on ActivityPub. |
CVE-2025-62175 | Medium | 4.3 | — | 2025-10-13 | Mastodon is a free, open-source social network server based on ActivityPub. |
CVE-2025-62174 | Low | 3.5 | — | 2025-10-13 | Mastodon is a free, open-source social network server based on ActivityPub. |
Librenms · 3 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62365 | Medium | 6.1 | — | 2025-10-13 | LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. |
CVE-2025-62411 | Medium | 5.5 | — | 2025-10-16 | LibreNMS is a community-based GPL-licensed network monitoring system. |
CVE-2025-62412 | Low | 3.8 | — | 2025-10-16 | LibreNMS is a community-based GPL-licensed network monitoring system. |
Macwarrior · 3 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62424 | Medium | 6.7 | — | 2025-10-17 | ClipBucket is a web-based video-sharing platform. |
CVE-2025-62423 | Medium | 6.7 | — | 2025-10-16 | ClipBucket V5 provides open source video hosting with PHP. |
CVE-2025-62430 | Medium | 5.4 | — | 2025-10-17 | ClipBucket v5 is an open source video sharing platform. |
Naver · 3 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62583 | Critical | 9.8 | — | 2025-10-16 | Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment. |
CVE-2025-62585 | High | 7.5 | — | 2025-10-16 | Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dual-tab environment. |
CVE-2025-62584 | High | 7.5 | — | 2025-10-16 | Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment. |
Nvidia · 3 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-23356 | High | 8.4 | — | 2025-10-14 | NVIDIA Isaac Lab contains a vulnerability in SB3 configuration parsing. |
CVE-2025-33182 | High | 7.6 | — | 2025-10-14 | NVIDIA Jetson Linux contains a vulnerability in UEFI, where improper authentication may allow a privileged user to cause corruption of the Linux Device Tree. |
CVE-2025-33177 | Medium | 5.5 | — | 2025-10-14 | NVIDIA Jetson Linux and IGX OS contain a vulnerability in NvMap, where improper tracking of memory allocations could allow a local attacker to cause memory overallocation. |
Prestashop · 3 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-61922 | Critical | 9.1 | — | 2025-10-16 | PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. |
CVE-2025-61923 | Medium | 4.1 | — | 2025-10-16 | PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. |
CVE-2025-61924 | Low | 3.8 | — | 2025-10-16 | PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. |
Rsupport Co., Ltd. · 3 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-26861 | High | 7.8 | — | 2025-10-15 | RemoteCall Remote Support Program (for Operator) versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. |
CVE-2025-26860 | High | 7.8 | — | 2025-10-15 | RemoteCall Remote Support Program (for Operator) versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. |
CVE-2025-26859 | High | 7.8 | — | 2025-10-15 | RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. |
Utt · 3 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11653 | High | 8.8 | — | 2025-10-13 | A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. |
CVE-2025-11652 | High | 8.8 | — | 2025-10-13 | A vulnerability was found in UTT 进取 518G up to V3v3.2.7-210919-161313. |
CVE-2025-11651 | High | 8.8 | — | 2025-10-13 | A vulnerability has been found in UTT 进取 518G up to V3v3.2.7-210919-161313. |
Apeman · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11852 | Medium | 5.3 | — | 2025-10-16 | A vulnerability was found in Apeman ID71 218.53.203.117. |
CVE-2025-11851 | Low | 3.5 | — | 2025-10-16 | A vulnerability has been found in Apeman ID71 EN75.8.53.20. |
Argoproj · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62156 | High | 8.1 | — | 2025-10-14 | Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. |
CVE-2025-62157 | Medium | 6.5 | — | 2025-10-14 | Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. |
Ascertia · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-56221 | Critical | 9.8 | — | 2025-10-17 | A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brute force attack. |
CVE-2025-56218 | Critical | 9.8 | — | 2025-10-17 | An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file. |
Azure-access · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11832 | Critical | 9.8 | — | 2025-10-15 | Allocation of Resources Without Limits or Throttling vulnerability in Azure Access Technology BLU-IC2, Azure Access Technology BLU-IC4 allows Flooding.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. |
CVE-2025-11925 | Medium | 6.1 | — | 2025-10-17 | Incorrect Content-Type header in one of the APIs (`text/html` instead of `application/json`) replies may potentially allow injection of HTML/JavaScript into reply.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. |
Campcodes · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11664 | Medium | 4.7 | — | 2025-10-13 | A security vulnerability has been detected in Campcodes Online Beauty Parlor Management System 1.0. |
CVE-2025-11663 | Medium | 4.7 | — | 2025-10-13 | A weakness has been identified in Campcodes Online Beauty Parlor Management System 1.0. |
Code-projects · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11667 | Medium | 6.3 | — | 2025-10-13 | A vulnerability was found in code-projects Automated Voting System 1.0. |
CVE-2025-11668 | Medium | 4.7 | — | 2025-10-13 | A vulnerability was determined in code-projects Automated Voting System 1.0. |
Connectwise · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11492 | Critical | 9.6 | — | 2025-10-16 | In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of HTTPS. |
CVE-2025-11493 | High | 8.8 | — | 2025-10-16 | The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from the server, such as updates, dependencies, and integrations. |
Delta Electronics · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62580 | High | 7.8 | — | 2025-10-16 | ASDA-Soft Stack-based Buffer Overflow Vulnerability |
CVE-2025-62579 | High | 7.8 | — | 2025-10-16 | ASDA-Soft Stack-based Buffer Overflow Vulnerability |
Ebm Technologies · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11672 | Medium | 5.3 | — | 2025-10-13 | Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain user group names. |
CVE-2025-11671 | Medium | 5.3 | — | 2025-10-13 | Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain information such as account names and IP addresses. |
Eladnava · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62380 | — | — | — | 2025-10-15 | mailgen is a Node.js package that generates responsive HTML e-mails for sending transactional mail. |
CVE-2025-62366 | — | — | — | 2025-10-14 | mailgen is a Node.js package that generates responsive HTML e-mails for sending transactional mail. |
Envoyproxy · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62409 | High | 7.5 | — | 2025-10-16 | Envoy is a cloud-native, open source edge and service proxy. |
CVE-2025-62504 | Medium | 6.5 | — | 2025-10-16 | Envoy is an open source edge and service proxy. |
Flowiseai · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-34267 | Critical | 9.9 | — | 2025-10-14 | Flowise v3.0.1 < 3.0.8 and all versions after with 'ALLOW_BUILTIN_DEP' enabled contain an authenticated remote code execution vulnerability and node VM sandbox escape due to insecure use of integrated modules (Puppeteer and Playwright) wit… |
CVE-2025-57164 | Medium | 6.5 | — | 2025-10-17 | Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field. |
Flowring Technology · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11899 | High | 8.1 | — | 2025-10-17 | Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. |
CVE-2025-11898 | High | 7.5 | — | 2025-10-17 | Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files. |
Gnu · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11840 | Low | 3.3 | — | 2025-10-16 | A weakness has been identified in GNU Binutils 2.45. |
CVE-2025-11839 | Low | 3.3 | — | 2025-10-16 | A security flaw has been discovered in GNU Binutils 2.45. |
Hikvision · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2023-28815 | Critical | 9.8 | — | 2025-10-17 | Some versions of Hikvision's iSecure Center Product contain insufficient parameter validation, resulting in a command injection vulnerability. |
CVE-2023-28814 | Critical | 9.8 | — | 2025-10-17 | Some versions of Hikvision's iSecure Center Product have an improper file upload control vulnerability. |
Hp, Inc. · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10577 | — | — | — | 2025-10-15 | Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. |
CVE-2025-10576 | — | — | — | 2025-10-15 | Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. |
Ibm · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-36087 | High | 8.1 | — | 2025-10-13 | IBM Security Verify Access 10.0.0 through 10.0.9, 11.0.0, IBM Verify Identity Access Container 10.0.0 through 10.0.9, and 11.0.0, under certain configurations, contains hard-coded credentials, such as a password or cryptographic key, which… |
CVE-2025-2529 | Low | 2.9 | — | 2025-10-15 | Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from (malicious) external parties in an unfiltered/unsalted way. |
Kiloview · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9265 | — | — | — | 2025-10-13 | A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker to deactivate user verification, giving them access to state changing actions that should only be initiated by administratorsThis issue affec… |
CVE-2025-8915 | — | — | — | 2025-10-13 | Hardcoded TLS private key and certificate in firmware in Kiloview N30 2.02.246 allows malicious adversary to do a Mann-in-the-middle attack via the network |
Letscms · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10038 | Medium | 6.5 | — | 2025-10-15 | The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all versions up to, and including, 3.0. |
CVE-2025-11895 | Medium | 4.3 | — | 2025-10-17 | The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 5.0. |
Myupb · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-61540 | Medium | 6.5 | — | 2025-10-16 | SQL injection vulnerability in Ultimate PHP Board 2.2.7 via the username field in lostpassword.php. |
CVE-2025-61539 | Medium | 6.1 | — | 2025-10-16 | Cross site scripting (XSS) vulnerability in Ultimate PHP Board 2.2.7 via the u_name parameter in lostpassword.php. |
Piextract · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11673 | High | 7.2 | — | 2025-10-13 | SOOP-CLM developed by PiExtract has a Hidden Functionality vulnerability, allowing privileged remote attackers to exploit a hidden functionality to execute arbitrary code on the server. |
CVE-2025-11674 | Medium | 6.8 | — | 2025-10-13 | SOOP-CLM developed by PiExtract has a Server-Side Request Forgery vulnerability, allowing privileged remote attackers to read server files or probe internal network information. |
Quicoto · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11701 | Medium | 5.3 | — | 2025-10-15 | The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the za_create_zip_callback function in all versions up to, and including… |
CVE-2025-11692 | Medium | 5.3 | — | 2025-10-15 | The Zip Attachments plugin for WordPress is vulnerable to unauthorized loss of data due to a missing authorization and capability checks on the download.php file in all versions up to, and including, 1.6. |
Red Hat · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9640 | Medium | 4.3 | — | 2025-10-15 | A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. |
CVE-2025-11731 | Low | 3.1 | — | 2025-10-14 | A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. |
Ricetheme · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10850 | Critical | 9.8 | — | 2025-10-16 | The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. |
CVE-2025-10849 | Medium | 5.3 | — | 2025-10-16 | The Felan Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_plugin_actions' function called via an AJAX action in versions up to, and including, 1.1.4. |
Ruijie Networks Co., Ltd. · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-58778 | High | 7.2 | — | 2025-10-16 | Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. |
CVE-2023-7304 | — | — | — | 2025-10-15 | Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the 'nmc_sync.php' interface. |
Siderolabs · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-61688 | High | 8.6 | — | 2025-10-13 | Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. |
CVE-2025-59836 | Medium | 5.3 | — | 2025-10-13 | Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. |
Tbenyon · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11177 | High | 7.5 | — | 2025-10-15 | The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t… |
CVE-2025-11196 | Medium | 4.3 | — | 2025-10-15 | The External Login plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.11.2 due to the 'exlog_test_connection' AJAX action lacking capability checks or nonce validation. |
Thingsboard · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-34282 | Critical | 9.1 | — | 2025-10-17 | ThingsBoard versions < 4.2.1 contain a server-side request forgery (SSRF) vulnerability in the dashboard's Image Upload Gallery feature. |
CVE-2025-34281 | Medium | 5.4 | — | 2025-10-17 | ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting (XSS) vulnerability. |
Vmware · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-41253 | High | 7.5 | — | 2025-10-16 | The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. |
CVE-2025-41254 | Medium | 4.3 | — | 2025-10-16 | STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. |
Windsurf · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62353 | Critical | 9.8 | — | 2025-10-17 | A path traversal vulnerability in all versions of the Windsurf IDE enables a threat actor to read and write arbitrary local files in and outside of current projects on an end user’s system. |
CVE-2025-36730 | — | — | — | 2025-10-14 | A prompt injection vulnerability exists in Windsurft version 1.10.7 in Write mode using SWE-1 model. |
Wpbakery · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11161 | Medium | 6.4 | — | 2025-10-15 | The WPBakery Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the vc_custom_heading shortcode in all versions up to, and including, 8.6.1. |
CVE-2025-11160 | Medium | 6.4 | — | 2025-10-15 | The WPBakery Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom JS module in all versions up to, and including, 8.6.1. |
Zheny-creator · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62363 | High | 7.8 | — | 2025-10-13 | yt-grabber-tui is a terminal user interface application for downloading videos. |
CVE-2025-62511 | Medium | 6.3 | — | 2025-10-17 | yt-grabber-tui is a C++ terminal user interface application for downloading YouTube content. |
Zoom · 2 CVEs
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-58133 | Medium | 5.3 | — | 2025-10-15 | Authentication bypass in some Zoom Rooms Clients before version 6.5.1 may allow an unauthenticated user to conduct a disclosure of information via network access. |
CVE-2025-58132 | Medium | 4.1 | — | 2025-10-15 | Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access. |
8theme · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11746 | High | 8.8 | — | 2025-10-15 | The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via theet_ajax_required_plugins_popup() function. |
Ajitdas · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10041 | Critical | 9.8 | — | 2025-10-15 | The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in thesave_qr_code_to_db() function in all versions up to, and including, 1.2.5. |
Akbrohi · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11365 | Medium | 6.5 | — | 2025-10-15 | The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'google_map' shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter a… |
Akin Software Computer Import Export Industry And Trade Co. Ltd. · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9902 | High | 7.5 | — | 2025-10-13 | Authorization Bypass Through User-Controlled Key vulnerability in AKIN Software Computer Import Export Industry and Trade Co. |
Alloy-rs · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62370 | High | 7.5 | — | 2025-10-15 | Alloy Core libraries at the root of the Rust Ethereum ecosystem. |
Amazon · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62371 | High | 7.4 | — | 2025-10-15 | OpenSearch Data Prepper as an open source data collector for observability data. |
Amd · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-0033 | Medium | 6.0 | — | 2025-10-14 | Improper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentially resulting in a loss of SEV-SNP guest memory integrity. |
Andreiigna · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10140 | Medium | 6.4 | — | 2025-10-15 | The Quick Social Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'quick-login' shortcode in all versions up to, and including, 1.4.6 due to insufficient input sanitization and output escaping on use… |
Angeljudesuarez · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11736 | High | 7.3 | — | 2025-10-14 | A flaw has been found in itsourcecode Online Examination System 1.0. |
Angular · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62427 | — | — | — | 2025-10-16 | The Angular SSR is a server-rise rendering tool for Angular applications. |
Ash-project · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-48044 | — | — | — | 2025-10-17 | Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. |
B&r Industrial Automation Gmbh · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11498 | Medium | 6.1 | — | 2025-10-14 | An Improper Neutralization of Formula Elements in a CSV File vulnerability exists in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 enabling a remote attacker to inject formula data into a generated CSV file. |
Blakeblackshear · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62382 | High | 7.7 | — | 2025-10-15 | Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. |
Brainstorm Force · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11814 | Medium | 6.4 | — | 2025-10-16 | The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to 3.21.1 (exclusive) due to insufficient input sanitization and output escaping. |
Brainstormforce · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10732 | Medium | 4.3 | — | 2025-10-14 | The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.12.1. |
Buffalo Inc. · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-61941 | High | 7.2 | — | 2025-10-15 | A path traversal issue exists in WXR9300BE6P series firmware versions prior to Ver.1.10. |
Bytevalue (Luoyang Baiwei Intelligent Technology Co., Ltd.) · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2023-7311 | — | — | — | 2025-10-15 | BYTEVALUE Intelligent Flow Control Router contains a command injection vulnerability via the /goform/webRead/open endpoint. The `path` parameter is not properly validated and is echoed into a shell context, allowing an attacker to inject a… |
Capricorn86 · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62410 | — | — | — | 2025-10-15 | In versions before 20.0.2, it was found that --disallow-code-generation-from-strings is not sufficient for isolating untrusted JavaScript in happy-dom. |
Cats Information Technology Software Development Technologies · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-6919 | Critical | 9.8 | — | 2025-10-13 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cats Information Technology Software Development Technologies Aykome License Tracking System allows SQL Injection. |
Ciscoheat · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62381 | — | — | — | 2025-10-15 | sveltekit-superforms makes SvelteKit forms a pleasure to use. |
Clevo · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11577 | High | 7.6 | — | 2025-10-14 | Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. |
Cridio Studio · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10706 | High | 8.8 | — | 2025-10-16 | The Classified Pro theme for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'cwp_addons_update_plugin_cb' function in all versions up to, and including, 1.0.14. |
Cyberlord92 · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10648 | Medium | 5.3 | — | 2025-10-15 | The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'moym_display_test_attributes' function in all versions up to, and including, 1.1.7… |
Dahua · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-31702 | Medium | 6.8 | — | 2025-10-15 | A vulnerability exists in certain Dahua embedded products. |
Dash8x · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10132 | Medium | 6.4 | — | 2025-10-15 | The Dhivehi Text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dhivehi' shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied a… |
Dassault Systèmes · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9976 | Critical | 9.0 | — | 2025-10-13 | An OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x could allow an attacker to execute arbitrary code on the user's machine. |
Dbl Technology (Dbltek) · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2017-20204 | — | — | — | 2025-10-15 | DBLTek GoIP devices (models GoIP 1, 4, 8, 16, and 32) contain an undocumented vendor backdoor in the Telnet administrative interface that allows remote authentication as an undocumented user via a proprietary challenge–response scheme whic… |
Dell · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-43991 | Medium | 6.3 | — | 2025-10-13 | SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link (Symlink) following vulnerability. |
Devolutions · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11619 | High | 8.8 | — | 2025-10-15 | Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and earlier allows attackers in MitM position to intercept traffic. |
Digiseller · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10141 | Medium | 6.4 | — | 2025-10-15 | The Digiseller plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ds' shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attribut… |
Drawing-captcha · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62428 | — | — | — | 2025-10-16 | Drawing-Captcha APP provides interactive, engaging verification for Web-Based Applications. |
Dreamstechnologies · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10742 | Critical | 9.8 | — | 2025-10-16 | The Truelysell Core plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.8.6. |
Eaton · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-59889 | High | 8.6 | — | 2025-10-14 | Improper authentication of library files in the Eaton IPP software installer could lead to arbitrary code execution of an attacker with the access to the software package. This security issue has been fixed in the latest version of IPP w… |
Eflyjason · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10194 | Medium | 6.4 | — | 2025-10-15 | The Shortcode Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button' shortcode in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping on user suppl… |
Elastic · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-37729 | Critical | 9.1 | — | 2025-10-13 | Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise (ECE) can lead to a malicious actor with Admin access exfiltrating sensitive information and issuing commands via a specially crafted string… |
Element-hq · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62425 | High | 8.3 | — | 2025-10-16 | MAS (Matrix Authentication Service) is a user management and authentication service for Matrix homeservers, written and maintained by Element. |
Elemntor · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10700 | Medium | 4.3 | — | 2025-10-16 | The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.0. |
Emqx · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62413 | Medium | 6.1 | — | 2025-10-16 | MQTTX is an MQTT 5.0 desktop client and MQTT testing tool. |
Espocrm · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-59428 | Medium | 5.4 | — | 2025-10-14 | EspoCRM is an open source customer relationship management application. |
Falldeaf · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10135 | Medium | 6.4 | — | 2025-10-15 | The WP ViewSTL plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'viewstl' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied att… |
Flenskiproject · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10301 | Medium | 4.3 | — | 2025-10-15 | The FunKItools plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. |
Fmeaddons · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10300 | Medium | 4.3 | — | 2025-10-15 | The TopBar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. |
Frappe · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62407 | Medium | 6.1 | — | 2025-10-16 | Frappe is a full-stack web application framework. |
Geolocationtechnology · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10754 | High | 7.2 | — | 2025-10-15 | The DocoDoco Store Locator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 1.0.1. |
Git-lfs · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-26625 | — | — | — | 2025-10-17 | Git LFS is a Git extension for versioning large files. |
Gopiplushotmailcom · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10730 | Medium | 6.5 | — | 2025-10-15 | The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber-widget' shortcode in all versions up to, and including, 4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient prep… |
Gpp-woo · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62362 | — | — | — | 2025-10-13 | gpp-burgerportaal is a Dutch government citizen portal application. |
Gsayed786 · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9967 | Critical | 9.8 | — | 2025-10-15 | The Orion SMS OTP Verification plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.7. |
Guangzhou Smart Software Co., Ltd. · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2023-7305 | — | — | — | 2025-10-15 | SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. |
Hakik · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10299 | High | 8.8 | — | 2025-10-15 | The WPBifröst – Instant Passwordless Temporary Login Links plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ctl_create_link AJAX action in all versions up to, and including, 1.0.7. |
Hgiga · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11900 | Critical | 9.8 | — | 2025-10-17 | The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. |
Home-assistant · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62172 | — | — | — | 2025-10-14 | Home Assistant is open source home automation software that puts local control and privacy first. |
Huijietong · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2024-13991 | — | — | — | 2025-10-15 | Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the `fullPath` parameter of the `/fileDownload?action=downloadBackupFile` endpoint and retri… |
Ibi · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11548 | — | — | — | 2025-10-14 | A remote, unauthenticated privilege escalation in ibi WebFOCUS allows an attacker to gain administrative access to the application which may lead to unauthenticated Remote Code Execution |
Ikhodal · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11722 | High | 7.5 | — | 2025-10-15 | The Woocommerce Category and Products Accordion Panel plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the 'categoryaccordionpanel' shortcode. |
Imagemagick · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62171 | Medium | 5.9 | — | 2025-10-17 | ImageMagick is an open source software suite for displaying, converting, and editing raster image files. |
In-toto · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62375 | — | — | — | 2025-10-15 | go-witness and witness are Go modules for generating attestations. |
Is-human Wordpress Plugin · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2011-10033 | — | — | — | 2025-10-15 | The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. |
Ivycat · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10575 | Medium | 6.5 | — | 2025-10-15 | The WP jQuery Pager plugin for WordPress is vulnerable to SQL Injection via the 'ids' shortcode attribute parameter handled by the WPJqueryPaged::get_gallery_page_imgs() function in all versions up to, and including, 1.4.0 due to insuffici… |
Jankimoradiya · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10313 | High | 7.2 | — | 2025-10-15 | The Find And Replace content for WordPress plugin for WordPress is vulnerable to unauthorized Stored Cross-Site Scripting and Arbitrary Content Replacement due to a missing capability check on the far_admin_ajax_fun() function in all versi… |
Jason C. · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-48087 | Medium | 6.5 | — | 2025-10-17 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason C. |
Jayce53 · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10310 | Medium | 4.9 | — | 2025-10-15 | The Rich Snippet Site Report plugin for WordPress is vulnerable to SQL Injection via the 'last' parameter in all versions up to, and including, 2.0.0105 due to insufficient escaping on the user supplied parameter and lack of sufficient pr… |
Jjlemstra · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10186 | Medium | 5.3 | — | 2025-10-15 | The WhyDonate – FREE Donate button – Crowdfunding – Fundraising plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the remove_row function in all versions up to, and including, 4.0.15. |
Keras · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-49655 | Critical | 9.8 | — | 2025-10-17 | Deserialization of untrusted data can occur in versions of the Keras framework running versions 3.11.0 up to but not including 3.11.3, enabling a maliciously uploaded Keras file containing a TorchModuleWrapper class to run arbitrary code o… |
Kybernetikservices · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11176 | Medium | 4.3 | — | 2025-10-15 | The Quick Featured Images plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 13.7.2 via the qfi_set_thumbnail and qfi_delete_thumbnail AJAX actions due to missing validation on a us… |
Langgenius · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-58747 | Medium | 6.1 | — | 2025-10-17 | Dify is an LLM application development platform. |
Latchset · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11568 | Medium | 4.4 | — | 2025-10-15 | A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. |
Llamaindex · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-7707 | High | 7.8 | — | 2025-10-13 | The llama_index library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. |
Lobehub · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62505 | Low | 3.0 | — | 2025-10-17 | LobeChat is an open source chat application platform. |
Markomaksym · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11501 | High | 7.5 | — | 2025-10-15 | The Dynamically Display Posts plugin for WordPress is vulnerable to SQL Injection via the 'tax_query' parameter in all versions up to, and including, 1.1 due to insufficient escaping on the user supplied parameter and lack of sufficient pr… |
Marsupialtail · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62515 | Critical | 9.8 | — | 2025-10-17 | pyquokka is a framework for making data lakes work for time series. |
Maycorolbuche1 · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10743 | High | 7.5 | — | 2025-10-15 | The Outdoor plugin for WordPress is vulnerable to SQL Injection via the 'edit' action in all versions up to, and including, 1.3.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin… |
Mayurik · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11662 | High | 7.3 | — | 2025-10-13 | A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. |
Mingsoft · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-56316 | Critical | 9.8 | — | 2025-10-17 | A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering. |
Minio · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62506 | High | 8.1 | — | 2025-10-16 | MinIO is a high-performance object storage system. |
Miunosoft · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10056 | Medium | 4.4 | — | 2025-10-15 | The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.3 via the “Check Website” task. |
Mongodb · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11695 | High | 8.0 | — | 2025-10-13 | When tlsInsecure=False appears in a connection string, certificate validation is disabled. |
Murrelektronik · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-41718 | High | 7.5 | — | 2025-10-14 | A cleartext transmission of sensitive information vulnerability in the affected products allows an unauthorized remote attacker to gain login credentials and access the Web-UI. |
Netty · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-59419 | — | — | — | 2025-10-15 | Netty is an asynchronous, event-driven network application framework. |
Nexist · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10293 | High | 8.8 | — | 2025-10-15 | The Keyy Two Factor Authentication (like Clef) plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.2.3. |
Nextcloud · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-58051 | Medium | 6.5 | — | 2025-10-16 | Nextcloud Tables allows you to create your own tables with individual columns. |
Nicholasbosch · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10660 | Medium | 6.5 | — | 2025-10-15 | The WP Dashboard Chat plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on… |
Nucleoidai · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11864 | High | 7.3 | — | 2025-10-16 | A vulnerability was identified in NucleoidAI Nucleoid up to 0.7.10. |
Oceanpayment · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11728 | Medium | 5.3 | — | 2025-10-15 | The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and unauthorized modification of data due to missing authentication and capability checks on the 'return_payment' and 'notice_payment' functions in a… |
Oct8ne · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10869 | Medium | 6.1 | — | 2025-10-15 | Stored Cross-site Scripting (XSS) in Oct8ne Chatbot v2.3. |
Onofficeweb · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10045 | Medium | 4.9 | — | 2025-10-15 | The onOffice for WP-Websites plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 6.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient prepa… |
Oobabooga · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62364 | Medium | 6.2 | — | 2025-10-13 | text-generation-webui is an open-source web interface for running Large Language Models. |
Openbao · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-59043 | High | 7.5 | — | 2025-10-17 | OpenBao is an open source identity-based secrets management system. |
Opexus · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62586 | Critical | 9.8 | — | 2025-10-16 | OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password. |
Ovatheme · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-8561 | Medium | 6.4 | — | 2025-10-15 | The Ova Advent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. |
Owthub · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10303 | Medium | 4.3 | — | 2025-10-15 | The Library Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the owt7_library_management_ajax_handler() function in all versions up to, and including, 3.1. |
Parse-community · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62374 | Medium | 6.4 | — | 2025-10-14 | Parse Javascript SDK provides access to the powerful Parse Server backend from your JavaScript app. |
Pebas · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-6042 | High | 7.3 | — | 2025-10-15 | The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.0. |
Pega · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-9559 | Medium | 6.5 | — | 2025-10-16 | Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by a Insecure Direct Object Reference issue in a user interface component that can only be used to read data. |
Pwncollege · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62376 | — | — | — | 2025-10-14 | pwn.college DOJO is an education platform for learning cybersecurity. |
Qgis · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11183 | — | — | — | 2025-10-13 | Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 <2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page |
Qodo · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62356 | High | 7.5 | — | 2025-10-17 | A path traversal vulnerability in all versions of the Qodo Qodo Gen IDE enables a threat actor to read arbitrary local files in and outside of current projects on an end user’s system. |
Qwc-services · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11184 | — | — | — | 2025-10-13 | Cross-site scripting vulnerability in QGIS QWC2 Registration GUI <=v2025.03.31 allows an authorized attacker to plant arbitrary JavaScript code in the page |
Ragic · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11675 | High | 7.2 | — | 2025-10-13 | Enterprise Cloud Database developed by Ragic has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. |
Rathena · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62170 | High | 7.5 | — | 2025-10-13 | rAthena is an open-source cross-platform MMORPG server. |
Reflex-dev · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62379 | Low | 3.1 | — | 2025-10-15 | Reflex is a library to build full-stack web apps in pure Python. |
Remko · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10139 | Medium | 6.4 | — | 2025-10-15 | The WP BookWidgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bw_link' shortcode in all versions up to, and including, 0.9 due to insufficient input sanitization and output escaping on user supplied… |
Rolantis Information Technologies · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10228 | High | 8.8 | — | 2025-10-14 | Session Fixation vulnerability in Rolantis Information Technologies Agentis allows Session Hijacking. |
Salamzadeh · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10133 | Medium | 6.4 | — | 2025-10-15 | The URLYar URL Shortner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'urlyar_shortlink' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping… |
Sfs Consulting Information Processing Industry And Foreign Trade Inc. · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10610 | Critical | 9.8 | — | 2025-10-14 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting Information Processing Industry and Foreign Trade Inc. |
Shazwazza · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11842 | Medium | 6.3 | — | 2025-10-16 | A security vulnerability has been detected in Shazwazza Smidge up to 4.5.1. |
Silabs.com · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-8414 | — | — | — | 2025-10-17 | Due to improper input validation, a buffer overflow vulnerability is present in Zigbee EZSP Host Applications. |
Sismics · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11853 | Medium | 6.3 | — | 2025-10-16 | A vulnerability was determined in Sismics Teedy up to 1.11. |
Squid-cache · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62168 | Critical | 10.0 | — | 2025-10-17 | Squid is a caching proxy for the Web. |
Starcitizentools · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62508 | Medium | 6.5 | — | 2025-10-17 | Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. |
Steadycontent · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10486 | Medium | 5.3 | — | 2025-10-15 | The Content Writer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.8 through publicly exposed log files. |
Steve-forster · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10312 | Medium | 4.3 | — | 2025-10-15 | The Theme Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. |
Tariffuxx · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10682 | Medium | 6.5 | — | 2025-10-15 | The TARIFFUXX plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4. |
Tenda · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11666 | Medium | 6.7 | — | 2025-10-13 | A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. |
The Qt Company · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-6338 | — | — | — | 2025-10-16 | There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period.This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2. |
Themeinwp · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10051 | High | 7.2 | — | 2025-10-15 | The Demo Import Kit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.1.0 via the import functionality. |
Toddr · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11683 | Medium | 6.5 | — | 2025-10-16 | YAML::Syck versions before 1.36 for Perl has missing null-terminators which causes out-of-bounds read and potential information disclosure Missing null terminators in token.c leads to but-of-bounds read which allows adjacent variable to b… |
Total.js · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11655 | Medium | 4.7 | — | 2025-10-13 | A security flaw has been discovered in Total.js Flow up to 673ef9144dd25d4f4fd4fdfda5af27f230198924. |
Underctrl-io · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-62378 | Medium | 6.1 | — | 2025-10-15 | CommandKit is the discord.js meta-framework for building Discord bots. |
Valve Software · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2017-20205 | — | — | — | 2025-10-15 | Valve's Source SDK (source-sdk-2013)'s ragdoll model parsing logic contains a stack-based buffer overflow vulnerability.The tokenizer function `nexttoken` copies characters from an input string into a fixed-size stack buffer without perfor… |
Vesta · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2018-25117 | — | — | — | 2025-10-15 | VestaCP commit a3f0fa1 (2018-05-31) up to commit ee03eff (2018-06-13) contain embedded malicious code that resulted in a supply-chain compromise. |
Victornavarro · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-10294 | Critical | 9.8 | — | 2025-10-15 | The OwnID Passwordless Login plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.3.4. |
Whimsies-yat · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-61775 | — | — | — | 2025-10-13 | Vickey is a Misskey-based microblogging platform. |
Xmlunit · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2024-31573 | Medium | 4.0 | — | 2025-10-17 | XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet (used for an XSLT transformation), because XSLT extension functions are enabled. |
Xpdf · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11896 | — | — | — | 2025-10-16 | In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow. |
Yousaf530 · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-11654 | High | 7.3 | — | 2025-10-13 | A vulnerability was identified in yousaf530 Inferno Online Clothing Store up to 827dd42bfbe380e8de76fdc67958c24cf1246208. |
Zte · 1 CVE
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-46581 | Critical | 9.8 | — | 2025-10-14 | ZTE's ZXCDN product is affected by a Struts remote code execution (RCE) vulnerability. |