CVE-2025-1754 - GitLab Unauthenticated File Upload Vulnerability
CVE ID : CVE-2025-1754
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed unauthenticated attackers to upload arbitrary files to public projects by sending crafted API requests, potentially leading to resource abuse and unauthorized content storage.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-1754
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed unauthenticated attackers to upload arbitrary files to public projects by sending crafted API requests, potentially leading to resource abuse and unauthorized content storage.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2938 - GitLab Elevation of Privilege Vulnerability
CVE ID : CVE-2025-2938
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval process resulted in unintended permission grants.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2938
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval process resulted in unintended permission grants.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-37101 - HPE OneView for VMware vCenter Vertical Privilege Escalation
CVE ID : CVE-2025-37101
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : A potential security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC). This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation (operator can perform admin actions).
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-37101
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : A potential security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC). This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation (operator can perform admin actions).
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3279 - GitLab GraphQL Denial of Service Vulnerability
CVE ID : CVE-2025-3279
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3279
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41404 - Iroha Board Information Disclosure
CVE ID : CVE-2025-41404
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-41404
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48497 - Iroha Board CSRF
CVE ID : CVE-2025-48497
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL while being logged in to the affected product, arbitrary learning histories may be registered.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48497
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL while being logged in to the affected product, arbitrary learning histories may be registered.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5315 - GitLab Guest Role Bypass API Vulnerability (Authentication Bypass)
CVE ID : CVE-2025-5315
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5315
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5846 - GitLab EE GraphQL Framework Assignment Vulnerability
CVE ID : CVE-2025-5846
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to assign unrelated compliance frameworks to projects by sending crafted GraphQL mutations that bypassed framework-specific permission checks.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5846
Published : June 26, 2025, 6:15 a.m. | 2 hours, 1 minute ago
Description : An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to assign unrelated compliance frameworks to projects by sending crafted GraphQL mutations that bypassed framework-specific permission checks.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5459 - Puppet Enterprise Root Command Execution Vulnerability
CVE ID : CVE-2025-5459
Published : June 26, 2025, 7:15 a.m. | 1 hour, 1 minute ago
Description : A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5459
Published : June 26, 2025, 7:15 a.m. | 1 hour, 1 minute ago
Description : A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52934 - Apache HTTP Server Missing Configuration
CVE ID : CVE-2025-52934
Published : June 26, 2025, 8:15 a.m. | 4 hours, 1 minute ago
Description : Rejected reason: Not a vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52934
Published : June 26, 2025, 8:15 a.m. | 4 hours, 1 minute ago
Description : Rejected reason: Not a vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-11584 - Cloud-init systemd Socket Unit Permission Vulnerability
CVE ID : CVE-2024-11584
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This being used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivelege user could trigger hotplug-hook commands.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-11584
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This being used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivelege user could trigger hotplug-hook commands.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-6174 - Microsoft Azure Cloud-Init Local IP Access Grant
CVE ID : CVE-2024-6174
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-6174
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5338 - Royal Elementor Addons WordPress Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-5338
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.7.1024 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5338
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.7.1024 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5842 - WordPress Modern Design Library Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-5842
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : The Modern Design Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ parameter in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5842
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : The Modern Design Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ parameter in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6212 - "Ultra Addons for Contact Form 7 Stored Cross-Site Scripting Vulnerability"
CVE ID : CVE-2025-6212
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Database module in versions 3.5.11 to 3.5.19 due to insufficient input sanitization and output escaping. The unfiltered field names are stored alongside the sanitized values. Later, the admin-side AJAX endpoint ajax_get_table_data() returns those raw names as JSON column headers, and the client-side DataTables renderer injects them directly into the DOM without any HTML encoding. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6212
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Database module in versions 3.5.11 to 3.5.19 due to insufficient input sanitization and output escaping. The unfiltered field names are stored alongside the sanitized values. Later, the admin-side AJAX endpoint ajax_get_table_data() returns those raw names as JSON column headers, and the client-side DataTables renderer injects them directly into the DOM without any HTML encoding. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6703 - Mozilla neqo Unvalidated Input Crash
CVE ID : CVE-2025-6703
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6703
Published : June 26, 2025, 10:15 a.m. | 2 hours, 1 minute ago
Description : Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3722 - Symantec ePO Path Traversal Vulnerability
CVE ID : CVE-2025-3722
Published : June 26, 2025, 11:15 a.m. | 1 hour, 1 minute ago
Description : A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3722
Published : June 26, 2025, 11:15 a.m. | 1 hour, 1 minute ago
Description : A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3771 - Acronis True Image Local File Write
CVE ID : CVE-2025-3771
Published : June 26, 2025, 11:15 a.m. | 1 hour, 1 minute ago
Description : Vulnerability allows local user to write registry backup files into another location set by the user by creating junction symlink in System Information Reporter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3771
Published : June 26, 2025, 11:15 a.m. | 1 hour, 1 minute ago
Description : Vulnerability allows local user to write registry backup files into another location set by the user by creating junction symlink in System Information Reporter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48923 - Drupal Toc.Js Cross-Site Scripting (XSS)
CVE ID : CVE-2025-48923
Published : June 26, 2025, 2:15 p.m. | 2 hours, 1 minute ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Toc.Js allows Cross-Site Scripting (XSS).This issue affects Toc.Js: from 0.0.0 before 3.2.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48923
Published : June 26, 2025, 2:15 p.m. | 2 hours, 1 minute ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Toc.Js allows Cross-Site Scripting (XSS).This issue affects Toc.Js: from 0.0.0 before 3.2.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-49003 - DataEase Java RCE (Character Conversion)
CVE ID : CVE-2025-49003
Published : June 26, 2025, 2:15 p.m. | 2 hours, 1 minute ago
Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor may take advantage of a feature in Java in which the character "ı" becomes "I" when converted to uppercase, and the character "ſ" becomes "S" when converted to uppercase. A threat actor who uses a carefully crafted message that exploits this character conversion can cause remote code execution. The vulnerability has been fixed in v2.10.11. No known workarounds are available.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-49003
Published : June 26, 2025, 2:15 p.m. | 2 hours, 1 minute ago
Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor may take advantage of a feature in Java in which the character "ı" becomes "I" when converted to uppercase, and the character "ſ" becomes "S" when converted to uppercase. A threat actor who uses a carefully crafted message that exploits this character conversion can cause remote code execution. The vulnerability has been fixed in v2.10.11. No known workarounds are available.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52573 - "iOS Simulator MCP Server Command Injection Vulnerability"
CVE ID : CVE-2025-52573
Published : June 26, 2025, 2:15 p.m. | 2 hours, 1 minute ago
Description : iOS Simulator MCP Server (ios-simulator-mcp) is a Model Context Protocol (MCP) server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP Server exposes the tool `ui_tap` which relies on Node.js child process API `exec` which is an unsafe and vulnerable API if concatenated with untrusted user input. LLM exposed user input for `duration`, `udid`, and `x` and `y` args can be replaced with shell meta-characters like `;` or `&&` or others to change the behavior from running the expected command `idb` to another command. When LLMs are tricked through prompt injection (and other techniques and attack vectors) to call the tool with input that uses special shell characters such as `; rm -rf /tmp;#` and other payload variations, the full command-line text will be interepted by the shell and result in other commands except of `ps` executing on the host running the MCP Server. Version 1.3.3 contains a patch for the issue.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52573
Published : June 26, 2025, 2:15 p.m. | 2 hours, 1 minute ago
Description : iOS Simulator MCP Server (ios-simulator-mcp) is a Model Context Protocol (MCP) server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP Server exposes the tool `ui_tap` which relies on Node.js child process API `exec` which is an unsafe and vulnerable API if concatenated with untrusted user input. LLM exposed user input for `duration`, `udid`, and `x` and `y` args can be replaced with shell meta-characters like `;` or `&&` or others to change the behavior from running the expected command `idb` to another command. When LLMs are tricked through prompt injection (and other techniques and attack vectors) to call the tool with input that uses special shell characters such as `; rm -rf /tmp;#` and other payload variations, the full command-line text will be interepted by the shell and result in other commands except of `ps` executing on the host running the MCP Server. Version 1.3.3 contains a patch for the issue.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...