CVE-2025-59675 - Cisco WebEx Meeting Center Stored XSS
CVE ID : CVE-2025-59675
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-59675
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-59676 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-59676
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-59676
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-59677 - Apache HTTP Server Untrusted User Input
CVE ID : CVE-2025-59677
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-59677
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-59678 - Google Maps Unvalidated Redirect
CVE ID : CVE-2025-59678
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-59678
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-59712 - Snipe-IT Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-59712
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago
Description : Snipe-IT before 8.1.18 allows XSS.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-59712
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago
Description : Snipe-IT before 8.1.18 allows XSS.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-59713 - Snipe-IT Deserialization Vulnerability
CVE ID : CVE-2025-59713
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 49 minutes ago
Description : Snipe-IT before 8.1.18 allows unsafe deserialization.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-59713
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 49 minutes ago
Description : Snipe-IT before 8.1.18 allows unsafe deserialization.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-59714 - Internet2 Grouper Privilege Escalation Vulnerability
CVE ID : CVE-2025-59714
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 49 minutes ago
Description : In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-59714
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 49 minutes ago
Description : In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-59715 - SMSEagle Reflected Cross-Site Scripting
CVE ID : CVE-2025-59715
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 49 minutes ago
Description : SMSEagle before 6.11 allows reflected XSS via a username or contact phone number.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-59715
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 49 minutes ago
Description : SMSEagle before 6.11 allows reflected XSS via a username or contact phone number.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7937 - Supermicro BMC firmware update validation bypass
CVE ID : CVE-2025-7937
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 49 minutes ago
Description : There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW . An attacker can update the system firmware with a specially crafted image.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7937
Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 49 minutes ago
Description : There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW . An attacker can update the system firmware with a specially crafted image.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-59717 - DigitalOcean do-markdownit String Injection Vulnerability
CVE ID : CVE-2025-59717
Published : Sept. 19, 2025, 4:16 a.m. | 48 minutes ago
Description : In the @digitalocean/do-markdownit package through 1.16.1 (in npm), the callout and fence_environment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string (instead of an array).
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-59717
Published : Sept. 19, 2025, 4:16 a.m. | 48 minutes ago
Description : In the @digitalocean/do-markdownit package through 1.16.1 (in npm), the callout and fence_environment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string (instead of an array).
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8487 - Kubio AI Page Builder <= 2.6.3 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation
CVE ID : CVE-2025-8487
Published : Sept. 19, 2025, 4:17 a.m. | 48 minutes ago
Description : The Kubio AI Page Builder plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the kubio-image-hub-install-plugin AJAX action in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install the Image Hub plugin.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8487
Published : Sept. 19, 2025, 4:17 a.m. | 48 minutes ago
Description : The Kubio AI Page Builder plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the kubio-image-hub-install-plugin AJAX action in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install the Image Hub plugin.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-10146 - Download Manager <= 3.3.23 - Reflected Cross-Site Scripting via `user_ids` Parameter
CVE ID : CVE-2025-10146
Published : Sept. 19, 2025, 4:27 a.m. | 38 minutes ago
Description : The Download Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘user_ids’ parameter in all versions up to, and including, 3.3.23 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-10146
Published : Sept. 19, 2025, 4:27 a.m. | 38 minutes ago
Description : The Download Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘user_ids’ parameter in all versions up to, and including, 3.3.23 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5955 - Service Finder SMS System <= 2.0.0 - Authentication Bypass
CVE ID : CVE-2025-5955
Published : Sept. 19, 2025, 4:27 a.m. | 38 minutes ago
Description : The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5955
Published : Sept. 19, 2025, 4:27 a.m. | 38 minutes ago
Description : The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-10456 - Bluetooth: Semi-Arbitrary ability to make the BLE Target send disconnection requests
CVE ID : CVE-2025-10456
Published : Sept. 19, 2025, 6:15 a.m. | 2 hours, 50 minutes ago
Description : A vulnerability was identified in the handling of Bluetooth Low Energy (BLE) fixed channels (such as SMP or ATT). Specifically, an attacker could exploit a flaw that causes the BLE target (i.e., the device under attack) to attempt to disconnect a fixed channel, which is not allowed per the Bluetooth specification. This leads to undefined behavior, including potential assertion failures, crashes, or memory corruption, depending on the BLE stack implementation.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-10456
Published : Sept. 19, 2025, 6:15 a.m. | 2 hours, 50 minutes ago
Description : A vulnerability was identified in the handling of Bluetooth Low Energy (BLE) fixed channels (such as SMP or ATT). Specifically, an attacker could exploit a flaw that causes the BLE target (i.e., the device under attack) to attempt to disconnect a fixed channel, which is not allowed per the Bluetooth specification. This leads to undefined behavior, including potential assertion failures, crashes, or memory corruption, depending on the BLE stack implementation.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-10457 - Bluetooth: Out-Of-Context le_conn_rsp Handling
CVE ID : CVE-2025-10457
Published : Sept. 19, 2025, 6:15 a.m. | 2 hours, 50 minutes ago
Description : The function responsible for handling BLE connection responses does not verify whether a response is expected—that is, whether the device has initiated a connection request. Instead, it relies solely on identifier matching.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-10457
Published : Sept. 19, 2025, 6:15 a.m. | 2 hours, 50 minutes ago
Description : The function responsible for handling BLE connection responses does not verify whether a response is expected—that is, whether the device has initiated a connection request. Instead, it relies solely on identifier matching.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-10458 - Bluetooth: le_conn_rsp does not sanitize CID, MTU, MPS values
CVE ID : CVE-2025-10458
Published : Sept. 19, 2025, 6:15 a.m. | 2 hours, 50 minutes ago
Description : Parameters are not validated or sanitized, and are later used in various internal operations.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-10458
Published : Sept. 19, 2025, 6:15 a.m. | 2 hours, 50 minutes ago
Description : Parameters are not validated or sanitized, and are later used in various internal operations.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5948 - Service Finder Bookings <= 6.0 - Unauthenticated Privilege Escalation via claim_business
CVE ID : CVE-2025-5948
Published : Sept. 19, 2025, 6:15 a.m. | 2 hours, 50 minutes ago
Description : The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0. This is due to the plugin not properly validating a user's identity prior to claiming a business when using the claim_business AJAX action. This makes it possible for unauthenticated attackers to login as any user including admins. Please note that subscriber privileges or brute-forcing are needed when completing the business takeover. The claim_id is needed to takeover the admin account, but brute-forcing is a practical approach to obtaining valid IDs.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5948
Published : Sept. 19, 2025, 6:15 a.m. | 2 hours, 50 minutes ago
Description : The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0. This is due to the plugin not properly validating a user's identity prior to claiming a business when using the claim_business AJAX action. This makes it possible for unauthenticated attackers to login as any user including admins. Please note that subscriber privileges or brute-forcing are needed when completing the business takeover. The claim_id is needed to takeover the admin account, but brute-forcing is a practical approach to obtaining valid IDs.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7403 - Bluetooth: bt_conn_tx_processor unsafe handling
CVE ID : CVE-2025-7403
Published : Sept. 19, 2025, 6:15 a.m. | 2 hours, 50 minutes ago
Description : Unsafe handling in bt_conn_tx_processor causes a use-after-free, resulting in a write-before-zero. The written 4 bytes are attacker-controlled, enabling precise memory corruption.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7403
Published : Sept. 19, 2025, 6:15 a.m. | 2 hours, 50 minutes ago
Description : Unsafe handling in bt_conn_tx_processor causes a use-after-free, resulting in a write-before-zero. The written 4 bytes are attacker-controlled, enabling precise memory corruption.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9906 - Arbitrary Code execution in Keras Safe Mode
CVE ID : CVE-2025-9906
Published : Sept. 19, 2025, 8:15 a.m. | 51 minutes ago
Description : The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .keras model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special config.json (a file within the .keras archive) that will invoke keras.config.enable_unsafe_deserialization() to disable safe mode. Once safe mode is disable, one can use the Lambda layer feature of keras, which allows arbitrary Python code in the form of pickled code. Both can appear in the same archive. Simply the keras.config.enable_unsafe_deserialization() needs to appear first in the archive and the Lambda with arbitrary code needs to be second.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9906
Published : Sept. 19, 2025, 8:15 a.m. | 51 minutes ago
Description : The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .keras model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special config.json (a file within the .keras archive) that will invoke keras.config.enable_unsafe_deserialization() to disable safe mode. Once safe mode is disable, one can use the Lambda layer feature of keras, which allows arbitrary Python code in the form of pickled code. Both can appear in the same archive. Simply the keras.config.enable_unsafe_deserialization() needs to appear first in the archive and the Lambda with arbitrary code needs to be second.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7702 - Open Redirect in PUSULA's Manageable Email Sending System
CVE ID : CVE-2025-7702
Published : Sept. 19, 2025, 8:15 a.m. | 50 minutes ago
Description : URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pusula Communication Information Internet Industry and Trade Ltd. Co. Manageable Email Sending System allows Exploiting Trust in Client.This issue affects Manageable Email Sending System: from <=2025.06 before 2025.08.06.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7702
Published : Sept. 19, 2025, 8:15 a.m. | 50 minutes ago
Description : URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pusula Communication Information Internet Industry and Trade Ltd. Co. Manageable Email Sending System allows Exploiting Trust in Client.This issue affects Manageable Email Sending System: from <=2025.06 before 2025.08.06.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9905 - Arbitary Code execution in Keras load_model()
CVE ID : CVE-2025-9905
Published : Sept. 19, 2025, 8:16 a.m. | 49 minutes ago
Description : The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special .h5 archive file that uses the Lambda layer feature of keras which allows arbitrary Python code in the form of pickled code. The vulnerability comes from the fact that the safe_mode=True option is not honored when reading .h5 archives. Note that the .h5/.hdf5 format is a legacy format supported by Keras 3 for backwards compatibility.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9905
Published : Sept. 19, 2025, 8:16 a.m. | 49 minutes ago
Description : The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special .h5 archive file that uses the Lambda layer feature of keras which allows arbitrary Python code in the form of pickled code. The vulnerability comes from the fact that the safe_mode=True option is not honored when reading .h5 archives. Note that the .h5/.hdf5 format is a legacy format supported by Keras 3 for backwards compatibility.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...