CVE-2025-9229 - MiR Error Handling Information Disclosure Vulnerability
CVE ID : CVE-2025-9229
Published : Aug. 20, 2025, 9:15 a.m. | 2 hours, 59 minutes ago
Description : Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9229
Published : Aug. 20, 2025, 9:15 a.m. | 2 hours, 59 minutes ago
Description : Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57727 - JetBrains IntelliJ IDEA Remote Reference Credentials Disclosure Vulnerability
CVE ID : CVE-2025-57727
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57727
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57728 - JetBrains IntelliJ IDEA Code With Me Guest File Disclosure
CVE ID : CVE-2025-57728
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57728
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57729 - JetBrains IntelliJ IDEA Plugin Startup Vulnerability
CVE ID : CVE-2025-57729
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57729
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57730 - JetBrains IntelliJ IDEA HTML Injection Vulnerability
CVE ID : CVE-2025-57730
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature
Severity: 5.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57730
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature
Severity: 5.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57731 - JetBrains YouTrack Stored XSS
CVE ID : CVE-2025-57731
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57731
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57732 - JetBrains TeamCity Directory Ownership Escalation
CVE ID : CVE-2025-57732
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57732
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57733 - JetBrains TeamCity SMTP Injection Vulnerability
CVE ID : CVE-2025-57733
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57733
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57734 - JetBrains TeamCity AWS Credentials Exposed
CVE ID : CVE-2025-57734
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57734
Published : Aug. 20, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9173 - Emlog Pro Unrestricted File Upload Vulnerability
CVE ID : CVE-2025-9173
Published : Aug. 20, 2025, 11:15 a.m. | 59 minutes ago
Description : A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown processing of the file /admin/media.php?action=upload&sid=0. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9173
Published : Aug. 20, 2025, 11:15 a.m. | 59 minutes ago
Description : A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown processing of the file /admin/media.php?action=upload&sid=0. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30256 - Tenda AC6 HTTP Header Parsing Denial of Service
CVE ID : CVE-2025-30256
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30256
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31355 - Tenda AC6 Firmware Signature Validation Code Execution Vulnerability
CVE ID : CVE-2025-31355
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31355
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-32010 - Tenda AC6 Cloud API Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-32010
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32010
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50503 - Touch Lebanon Mobile App Password Reset Bypass Vulnerability
CVE ID : CVE-2025-50503
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A vulnerability in the password reset workflow of the Touch Lebanon Mobile App 2.20.2 allows an attacker to bypass the OTP reset password mechanism. By manipulating the reset process, an unauthorized user may be able to reset the password and gain access to the account without needing to provide a legitimate authentication factor, such as an OTP. This compromises account security and allows for potential unauthorized access to user data.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50503
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A vulnerability in the password reset workflow of the Touch Lebanon Mobile App 2.20.2 allows an attacker to bypass the OTP reset password mechanism. By manipulating the reset process, an unauthorized user may be able to reset the password and gain access to the account without needing to provide a legitimate authentication factor, such as an OTP. This compromises account security and allows for potential unauthorized access to user data.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54923 - Apache Service Remote Code Execution Vulnerability
CVE ID : CVE-2025-54923
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution and compromise of system integrity when authenticated users send crafted data to a network-exposed service that performs unsafe deserialization.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54923
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution and compromise of system integrity when authenticated users send crafted data to a network-exposed service that performs unsafe deserialization.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54924 - Adobe Acrobat SSRF
CVE ID : CVE-2025-54924
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized access to sensitive data when an attacker sends a specially crafted document to a vulnerable endpoint.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54924
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized access to sensitive data when an attacker sends a specially crafted document to a vulnerable endpoint.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54925 - Apache HTTP Server SSRF
CVE ID : CVE-2025-54925
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized access to sensitive data when an attacker configures the application to access a malicious url.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54925
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized access to sensitive data when an attacker configures the application to access a malicious url.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54926 - Apache HTTP Server Remote Code Execution Path Traversal
CVE ID : CVE-2025-54926
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges uploads a malicious file over HTTP which then gets executed.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54926
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges uploads a malicious file over HTTP which then gets executed.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54927 - Apache HTTP Server Path Traversal Vulnerability
CVE ID : CVE-2025-54927
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized access to sensitive files when an authenticated attackers uses a crafted path input that is processed by the system.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54927
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized access to sensitive files when an authenticated attackers uses a crafted path input that is processed by the system.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55483 - Tenda AC6 Buffer Overflow Vulnerability
CVE ID : CVE-2025-55483
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55483
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55499 - Tenda AC6 Buffer Overflow Vulnerability
CVE ID : CVE-2025-55499
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55499
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...