CVE-2025-66386 - MISP Path Traversal Vulnerability
CVE ID : CVE-2025-66386
Published : Nov. 28, 2025, 7:15 a.m.
Description : app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13768 - Uniong|WebITR - Authorization Bypass
CVE ID : CVE-2025-13768
Published : Nov. 28, 2025, 8:15 a.m.
Description : WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability.
Severity: 7.5 | HIGH
CVE-2025-13769 - Uniong|WebITR - SQL Injection
CVE ID : CVE-2025-13769
Published : Nov. 28, 2025, 8:15 a.m.
Description : WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
Severity: 6.5 | MEDIUM
CVE-2025-13770 - Uniong|WebITR - SQL Injection
CVE ID : CVE-2025-13770
Published : Nov. 28, 2025, 8:15 a.m.
Description : WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
Severity: 6.5 | MEDIUM
CVE-2025-13771 - Uniong|WebITR - Arbitrary File Read
CVE ID : CVE-2025-13771
Published : Nov. 28, 2025, 8:15 a.m.
Description : WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.
Severity: 6.5 | MEDIUM
CVE-2025-12143 - Stack Memory Corruption Vulnerability
CVE ID : CVE-2025-12143
Published : Nov. 28, 2025, 12:16 p.m.
Description : Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox. This issue affects Terra AC wallbox: through 1.8.33.
Severity: 6.9 | MEDIUM
CVE-2025-11156 - Improper Service Loading Vulnerability in Netskope Endpoint DLP Driver
CVE ID : CVE-2025-11156
Published : Nov. 28, 2025, 3:15 p.m.
Description : Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This triggers the flaw, causing a system crash (Blue-Screen-of-Death) and resulting in a Denial of Service (DoS) for the affected machine.
Severity: 5.9 | MEDIUM
CVE-2025-12638 - Path Traversal Vulnerability in keras-team/keras via Tar Archive Extraction in keras.utils.get_file()
CVE ID : CVE-2025-12638
Published : Nov. 28, 2025, 3:16 p.m.
Description : Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file() function when extracting tar archives. The vulnerability arises because the function uses Python's tarfile.extractall() method without the security-critical filter='data' parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a PATH_MAX symlink resolution bug triggers during extraction. This bug causes symlink resolution to fail due to path length limits, resulting in a security bypass that allows files to be written outside the intended extraction directory. This can lead to arbitrary file writes outside the cache directory, enabling potential system compromise or malicious code execution. The vulnerability affects Keras installations that process tar archives with get_file() and does not affect versions where this extraction method is secured with the appropriate filter parameter.
Severity: 8.0 | HIGH
CVE-2025-51733 - HCL Unica CSRF Attack Vector
CVE ID : CVE-2025-51733
Published : Nov. 28, 2025, 3:16 p.m.
Description : Cross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0.
Severity: 5.5 | MEDIUM
CVE-2025-51734 - HCL Unica Unauthenticated Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-51734
Published : Nov. 28, 2025, 3:16 p.m.
Description : Cross-site scripting (XSS) vulnerability in HCL Technologies Ltd. Unica 12.0.0.
Severity: 5.4 | MEDIUM
CVE-2025-51735 - HCL Technologies Ltd. Unica CSV Formula Injection Vulnerability
CVE ID : CVE-2025-51735
Published : Nov. 28, 2025, 3:16 p.m.
Description : CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0.
Severity: 7.5 | HIGH
CVE-2025-51736 - HCL Unica File Upload Remote Code Execution Vulnerability
CVE ID : CVE-2025-51736
Published : Nov. 28, 2025, 3:16 p.m.
Description : File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0.
Severity: 6.3 | MEDIUM
CVE-2025-59790 - Apache Kvrocks: RESET command grants admin privileges
CVE ID : CVE-2025-59790
Published : Nov. 28, 2025, 3:16 p.m.
Description : Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.
Severity: 0.0 | NA
CVE-2025-59792 - Apache Kvrocks: MONITOR command reveals plaintext credentials to non-admins
CVE ID : CVE-2025-59792
Published : Nov. 28, 2025, 3:16 p.m.
Description : The MONITOR command in Apache Kvrocks reveals plaintext credentials to non-admin users. This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.
Severity: 5.3 | MEDIUM
CVE-2025-12183 - org.lz4:lz4-java - Out-of-Bounds Memory Access
CVE ID : CVE-2025-12183
Published : Nov. 28, 2025, 4:15 p.m.
Description : Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.
Severity: 8.8 | HIGH
CVE-2025-13683 - Devolutions Server and Remote Desktop Manager Credential Exposure
CVE ID : CVE-2025-13683
Published : Nov. 28, 2025, 5 p.m.
Description : Exposure of credentials in unintended requests in Devolutions Server and Remote Desktop Manager on Windows. This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0.
Severity: 0.0 | NA
CVE-2025-64715 - Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic
CVE ID : CVE-2025-64715
Published : Nov. 29, 2025, 12:11 a.m.
Description : Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.16.17, 1.17.10, and 1.18.4, CiliumNetworkPolicies which use egress.toGroups.aws.securityGroupsIds to reference AWS security group IDs that do not exist or are not attached to any network interface may unintentionally allow broader outbound access than intended by the policy authors. In such cases, the toCIDRset section of the derived policy is not generated, which means outbound traffic may be permitted to more destinations than originally intended. This issue has been patched in versions 1.16.17, 1.17.10, and 1.18.4. There are no workarounds for this issue.
Severity: 0.0 | NA
CVE-2025-65113 - ClipBucket v5 Unauthenticated Object Flagging Vulnerability
CVE ID : CVE-2025-65113
Published : Nov. 29, 2025, 12:34 a.m.
Description : ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 - #164, an authorization bypass vulnerability in the AJAX flagging system allows any unauthenticated user to flag any content (users, videos, photos, collections) on the platform. This can lead to mass flagging attacks, content disruption, and moderation system abuse. This issue has been patched in version 5.5.2 - #164.
Severity: 0.0 | NA
CVE-2025-65112 - PubNet Critical Authentication Bypass Allows Unauthenticated Package Upload and Identity Spoofing
CVE ID : CVE-2025-65112
Published : Nov. 29, 2025, 12:38 a.m.
Description : PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload packages as any user by providing arbitrary author-id values. This enables identity spoofing, privilege escalation, and supply chain attacks. This issue has been patched in version 1.1.3.
Severity: 0.0 | NA
CVE-2025-66027 - Rallly Information Disclosure Vulnerability in Participant API Leaks Names and Emails Despite Pro Privacy Settings
CVE ID : CVE-2025-66027
Published : Nov. 29, 2025, 12:43 a.m.
Description : Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes participant details, including names and email addresses, through the /api/trpc/polls.get,polls.participants.list endpoint, even when Pro privacy features are enabled. This bypasses intended privacy controls that should prevent participants from viewing other users' personal information. This issue has been patched in version 4.5.6.
Severity: 0.0 | NA
CVE-2025-66034 - fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib
CVE ID : CVE-2025-66034
Published : Nov. 29, 2025, 1:07 a.m.
Description : fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). This issue has been patched in version 4.60.2.
Severity: 0.0 | NA