CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2025-47578 - Twitter Follow Button Cross-site Scripting Vulnerability

CVE ID : CVE-2025-47578
Published : May 12, 2025, 4:15 p.m. | 57 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edward Caissie BNS Twitter Follow Button allows DOM-Based XSS. This issue affects BNS Twitter Follow Button: from n/a through 0.3.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3632 - IBM 4769 Developers Toolkit Buffer Overflow Denial of Service

CVE ID : CVE-2025-3632
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : IBM 4769 Developers Toolkit 7.0.0 through 7.5.52 could allow a remote attacker to cause a denial of service in the Hardware Security Module (HSM) due to improper memory allocation of an excessive size.
Severity: 7.5 | HIGH
CVE-2025-45779 - Tenda AC10 Unauthenticated Buffer Overflow

CVE ID : CVE-2025-45779
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter.
Severity: 0.0 | NA
CVE-2025-46739 - Adobe Acrobat Authentication Bypass

CVE ID : CVE-2025-46739
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An unauthenticated user could discover account credentials via a brute-force attack without rate limiting.
Severity: 8.1 | HIGH
CVE-2025-46740 - Adobe Acrobat Account Name Manipulation Vulnerability

CVE ID : CVE-2025-46740
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user without user administrative permissions could change the administrator Account Name.
Severity: 7.5 | HIGH
CVE-2025-46741 - Blueframe Session Fixation Vulnerability

CVE ID : CVE-2025-46741
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred.
Severity: 5.7 | MEDIUM
CVE-2025-46742 - Oracle WebLogic Server Authentication Bypass

CVE ID : CVE-2025-46742
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : Users who were required to change their password could still access system information before changing their password.
Severity: 4.3 | MEDIUM
CVE-2025-46743 - Apache HTTP Server Session Token Reuse

CVE ID : CVE-2025-46743
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user's token could be used by another source after the user had logged out prior to the token expiring.
Severity: 6.3 | MEDIUM
CVE-2025-46744 - Apache Struts Username Manipulation

CVE ID : CVE-2025-46744
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated administrator could modify the Created By username for a user account.
Severity: 2.7 | LOW
CVE-2025-46745 - Apache User Account Information Disclosure

CVE ID : CVE-2025-46745
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user without user-management permissions could view other users' account information.
Severity: 6.5 | MEDIUM
CVE-2025-46746 - Citrix SharePoint Information Disclosure

CVE ID : CVE-2025-46746
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An administrator could discover another account's credentials.
Severity: 5.8 | MEDIUM
CVE-2025-46747 - Adobe Acrobat Information Disclosure Vulnerability

CVE ID : CVE-2025-46747
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user without user-management permissions could identify other user accounts.
Severity: 5.7 | MEDIUM
CVE-2025-46748 - Apache Password Change Vulnerability

CVE ID : CVE-2025-46748
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user attempting to change their password could do so without using the current password.
Severity: 2.7 | LOW
CVE-2025-46749 - Apache Struts XSS

CVE ID : CVE-2025-46749
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution.
Severity: 4.3 | MEDIUM
CVE-2025-46750 - SELogic BIOS Password Bypass Vulnerability

CVE ID : CVE-2025-46750
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set.
Severity: 4.4 | MEDIUM
CVE-2023-34732 - Flytxt NEON-dX Password Brute Force Vulnerability

CVE ID : CVE-2023-34732
Published : May 12, 2025, 6:15 p.m. | 2 hours, 58 minutes ago
Description : An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1-SNAPSHOT-6.9-qa-2-9-g5502a0c allows attackers to execute brute force attacks to discover user passwords.
Severity: 0.0 | NA
CVE-2025-44175 - Tenda AC10 Buffer Overflow Vulnerability

CVE ID : CVE-2025-44175
Published : May 12, 2025, 6:15 p.m. | 2 hours, 58 minutes ago
Description : Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function.
Severity: 0.0 | NA
CVE-2025-44176 - Tenda FH451 Unauthenticated Remote Code Execution Vulnerability

CVE ID : CVE-2025-44176
Published : May 12, 2025, 6:15 p.m. | 2 hours, 58 minutes ago
Description : Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
Severity: 0.0 | NA
CVE-2024-4981 - Pagure Git Repository Symbolic Link Exfiltration

CVE ID : CVE-2024-4981
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally incorporate and make visible content from outside the git repo.
Severity: 7.6 | HIGH
CVE-2024-4982 - Pagure Git Directory Traversal Vulnerability

CVE ID : CVE-2024-4982
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially crafted git repository they could discover secrets on the server.
Severity: 7.6 | HIGH
CVE-2024-55466 - ThingsBoard Image Gallery Remote Code Execution

CVE ID : CVE-2024-55466
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard Cloud and ThingsBoard Professional v3.8.1 allows attackers to execute arbitrary code via uploading a crafted file.
Severity: 0.0 | NA