CVE-2025-46741 - Blueframe Session Fixation Vulnerability
CVE ID : CVE-2025-46741
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46741
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46742 - Oracle WebLogic Server Authentication Bypass
CVE ID : CVE-2025-46742
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : Users who were required to change their password could still access system information before changing their password
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46742
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : Users who were required to change their password could still access system information before changing their password
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46743 - Apache HTTP Server Session Token Reuse
CVE ID : CVE-2025-46743
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user's token could be used by another source after the user had logged out prior to the token expiring.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46743
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user's token could be used by another source after the user had logged out prior to the token expiring.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46744 - Apache Struts Username Manipulation
CVE ID : CVE-2025-46744
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated administrator could modify the Created By username for a user account
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46744
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated administrator could modify the Created By username for a user account
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46745 - Apache User Account Information Disclosure
CVE ID : CVE-2025-46745
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user without user-management permissions could view other users' account information.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46745
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user without user-management permissions could view other users' account information.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46746 - Citrix SharePoint Information Disclosure
CVE ID : CVE-2025-46746
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An administrator could discover another account's credentials.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46746
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An administrator could discover another account's credentials.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46747 - Adobe Acrobat Information Disclosure Vulnerability
CVE ID : CVE-2025-46747
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user without user-management permissions could identify other user accounts.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46747
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user without user-management permissions could identify other user accounts.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46748 - Apache Password Change Vulnerability
CVE ID : CVE-2025-46748
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user attempting to change their password could do so without using the current password.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46748
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user attempting to change their password could do so without using the current password.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46749 - Apache Struts XSS
CVE ID : CVE-2025-46749
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46749
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46750 - SELogic BIOS Password Bypass Vulnerability
CVE ID : CVE-2025-46750
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46750
Published : May 12, 2025, 5:15 p.m. | 3 hours, 58 minutes ago
Description : SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-34732 - Flytxt NEON-dX Password Brute Force Vulnerability
CVE ID : CVE-2023-34732
Published : May 12, 2025, 6:15 p.m. | 2 hours, 58 minutes ago
Description : An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1-SNAPSHOT-6.9-qa-2-9-g5502a0c allows attackers to execute brute force attacks to discover user passwords.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-34732
Published : May 12, 2025, 6:15 p.m. | 2 hours, 58 minutes ago
Description : An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1-SNAPSHOT-6.9-qa-2-9-g5502a0c allows attackers to execute brute force attacks to discover user passwords.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-44175 - "Tenda AC10 Buffer Overflow Vulnerability"
CVE ID : CVE-2025-44175
Published : May 12, 2025, 6:15 p.m. | 2 hours, 58 minutes ago
Description : Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-44175
Published : May 12, 2025, 6:15 p.m. | 2 hours, 58 minutes ago
Description : Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-44176 - Tenda FH451 Unauthenticated Remote Code Execution Vulnerability
CVE ID : CVE-2025-44176
Published : May 12, 2025, 6:15 p.m. | 2 hours, 58 minutes ago
Description : Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-44176
Published : May 12, 2025, 6:15 p.m. | 2 hours, 58 minutes ago
Description : Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-4981 - Pagure Git Repository Symbolic Link Exfiltration
CVE ID : CVE-2024-4981
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-4981
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-4982 - Pagure Git Directory Traversal Vulnerability
CVE ID : CVE-2024-4982
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-4982
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-55466 - ThingsBoard Image Gallery Remote Code Execution
CVE ID : CVE-2024-55466
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard Cloud and ThingsBoard Professional v3.8.1 allows attackers to execute arbitrary code via uploading a crafted file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-55466
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard Cloud and ThingsBoard Professional v3.8.1 allows attackers to execute arbitrary code via uploading a crafted file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47682 - Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications – WooCommerce SQL Injection
CVE ID : CVE-2025-47682
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications – WooCommerce allows SQL Injection.This issue affects SMS Alert Order Notifications – WooCommerce: from n/a through 3.8.2.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47682
Published : May 12, 2025, 7:15 p.m. | 1 hour, 58 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications – WooCommerce allows SQL Injection.This issue affects SMS Alert Order Notifications – WooCommerce: from n/a through 3.8.2.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-1079 - Google Web Designer Unvalidated Symbolic Link Resolution Remote Code Execution Vulnerability
CVE ID : CVE-2025-1079
Published : May 12, 2025, 8:15 p.m. | 58 minutes ago
Description : Client RCE on macOS and Linux via improper symbolic link resolution in Google Web Designer's preview feature
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-1079
Published : May 12, 2025, 8:15 p.m. | 58 minutes ago
Description : Client RCE on macOS and Linux via improper symbolic link resolution in Google Web Designer's preview feature
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31233 - Apple Video File Processing Buffer Overflow
CVE ID : CVE-2025-31233
Published : May 12, 2025, 10:15 p.m. | 3 hours, 3 minutes ago
Description : The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31233
Published : May 12, 2025, 10:15 p.m. | 3 hours, 3 minutes ago
Description : The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31234 - Apple VisionOS iOS iPadOS macOS tvOS Kernel Corruption Vulnerability
CVE ID : CVE-2025-31234
Published : May 12, 2025, 10:15 p.m. | 3 hours, 3 minutes ago
Description : The issue was addressed with improved input sanitization. This issue is fixed in visionOS 2.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31234
Published : May 12, 2025, 10:15 p.m. | 3 hours, 3 minutes ago
Description : The issue was addressed with improved input sanitization. This issue is fixed in visionOS 2.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31235 - "Apple iPadOS and macOS Double Free Vulnerability"
CVE ID : CVE-2025-31235
Published : May 12, 2025, 10:15 p.m. | 3 hours, 3 minutes ago
Description : A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to cause unexpected system termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31235
Published : May 12, 2025, 10:15 p.m. | 3 hours, 3 minutes ago
Description : A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to cause unexpected system termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...