๐จ CVE-2025-8998
It was possible to upload files with a specific name to a temporary directory, which may result in process crashes and impact usability. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account.
๐@cveNotify
It was possible to upload files with a specific name to a temporary directory, which may result in process crashes and impact usability. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account.
๐@cveNotify
๐จ CVE-2025-9055
The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account.
๐@cveNotify
The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account.
๐@cveNotify
๐จ CVE-2025-9524
The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account.
๐@cveNotify
The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account.
๐@cveNotify
๐จ CVE-2017-20210
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research.
๐@cveNotify
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research.
๐@cveNotify
QNAP Systems, Inc. - Network Attached Storage (NAS)
Security Vulnerability Addressed in Photo Station 5.4.1 and 5.2.7 - Security Advisory
QNAP designs and delivers high-quality network attached storage (NAS) and professional network video recorder (NVR) solutions to users from home, SOHO to small, medium businesses.
๐จ CVE-2025-12539
The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials (hostname, username, and API key) in files within the web-accessible wp-content directory without adequate protection in the "Tnc_Wp_Toolbox_Settings::save_settings" function. This makes it possible for unauthenticated attackers to retrieve these credentials and use them to interact with the cPanel API, which can lead to arbitrary file uploads, remote code execution, and full compromise of the hosting environment.
๐@cveNotify
The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials (hostname, username, and API key) in files within the web-accessible wp-content directory without adequate protection in the "Tnc_Wp_Toolbox_Settings::save_settings" function. This makes it possible for unauthenticated attackers to retrieve these credentials and use them to interact with the cPanel API, which can lead to arbitrary file uploads, remote code execution, and full compromise of the hosting environment.
๐@cveNotify
GitHub
v2.0.0-dev (pre-testing) ยท The-Network-Crew/TNC-Toolbox-for-WordPress@31bb304
(WP Plugin) for cPanel Servers w/ NGINX+Apache (inc. Cache Purge). (๐ FOSS: Free Open-source Software) - v2.0.0-dev (pre-testing) ยท The-Network-Crew/TNC-Toolbox-for-WordPress@31bb304
๐จ CVE-2025-12787
The Hydra Booking โ Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to unauthorized booking cancellation in all versions up to, and including, 1.1.27. This is due to the plugin's "tfhb_meeting_form_submit_callback" function using insufficiently random values to generate booking cancellation tokens, combined with a globally shared nonce. This makes it possible for unauthenticated attackers to cancel arbitrary bookings via brute force attacks against the tfhb_meeting_form_cencel AJAX endpoint.
๐@cveNotify
The Hydra Booking โ Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to unauthorized booking cancellation in all versions up to, and including, 1.1.27. This is due to the plugin's "tfhb_meeting_form_submit_callback" function using insufficiently random values to generate booking cancellation tokens, combined with a globally shared nonce. This makes it possible for unauthenticated attackers to cancel arbitrary bookings via brute force attacks against the tfhb_meeting_form_cencel AJAX endpoint.
๐@cveNotify
๐จ CVE-2025-12788
The Hydra Booking โ Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to missing payment verification to unauthenticated payment bypass in all versions up to, and including, 1.1.27. This is due to the plugin accepting client-controlled payment confirmation data in the tfhb_meeting_paypal_payment_confirmation_callback function without server-side verification with PayPal's API. This makes it possible for unauthenticated attackers to bypass payment requirements and confirm bookings as paid without any actual payment transaction occurring.
๐@cveNotify
The Hydra Booking โ Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to missing payment verification to unauthenticated payment bypass in all versions up to, and including, 1.1.27. This is due to the plugin accepting client-controlled payment confirmation data in the tfhb_meeting_paypal_payment_confirmation_callback function without server-side verification with PayPal's API. This makes it possible for unauthenticated attackers to bypass payment requirements and confirm bookings as paid without any actual payment transaction occurring.
๐@cveNotify
๐จ CVE-2025-12846
The Blocksy Companion plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 2.1.19. This is due to insufficient file type validation detecting SVG files, allowing double extension files to bypass sanitization while being accepted as a valid SVG file. This makes it possible for authenticated attackers, with author level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
๐@cveNotify
The Blocksy Companion plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 2.1.19. This is due to insufficient file type validation detecting SVG files, allowing double extension files to bypass sanitization while being accepted as a valid SVG file. This makes it possible for authenticated attackers, with author level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
๐@cveNotify
๐จ CVE-2025-12953
The Classified Listing โ AI-Powered Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the "rtcl_ajax_add_listing_type", "rtcl_ajax_update_listing_type", and "rtcl_ajax_delete_listing_type" function in all versions up to, and including, 5.2.0. This makes it possible for authenticated attackers, with subscriber level access and above, to add, update, or delete listing types.
๐@cveNotify
The Classified Listing โ AI-Powered Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the "rtcl_ajax_add_listing_type", "rtcl_ajax_update_listing_type", and "rtcl_ajax_delete_listing_type" function in all versions up to, and including, 5.2.0. This makes it possible for authenticated attackers, with subscriber level access and above, to add, update, or delete listing types.
๐@cveNotify
๐จ CVE-2025-7430
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report.
๐@cveNotify
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report.
๐@cveNotify
Manageengine
CVE-2025-7430 - Stored XSS vulnerability in Exchange Reporter Plus
This page provides details about the CVE-2025-7430 vulnerability in Exchange Reporter Plus and outlines the incident response plan if your system is affected.
๐จ CVE-2025-3115
Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over the system executing these functions.
Additionally, insufficient validation of filenames during file uploads can enable attackers to upload and execute malicious files, leading to arbitrary code execution
๐@cveNotify
Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over the system executing these functions.
Additionally, insufficient validation of filenames during file uploads can enable attackers to upload and execute malicious files, leading to arbitrary code execution
๐@cveNotify
Spotfire Community
Spotfire Security Advisory: April 08, 2025: Spotfire - CVE-2025-3115
Spotfire Data Function Vulnerability Original release date: April 08, 2025 Last revised: โ CVE-2025-3115 Source: Cloud Software Group Inc. Products Affected Spotfire Statistics Services 14.0.6 and earlier Spotfire Statistics Services 14.1.0, 14.2.0, 14.3.0โฆ
๐จ CVE-2025-11960
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Aryom Software High Technology Systems Inc. KVKNET allows Reflected XSS.This issue affects KVKNET: before 2.1.8.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Aryom Software High Technology Systems Inc. KVKNET allows Reflected XSS.This issue affects KVKNET: before 2.1.8.
๐@cveNotify
๐จ CVE-2025-41101
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in'/projects/save'.
๐@cveNotify
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in'/projects/save'.
๐@cveNotify
www.incibe.es
Multiple vulnerabilities in Fairsketch's RISE CRM Framework
INCIBE has coordinated the publication of 6 medium-severity vulnerabilities that affect Fairsketch's R
๐จ CVE-2025-41102
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/events/save'.
๐@cveNotify
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/events/save'.
๐@cveNotify
www.incibe.es
Multiple vulnerabilities in Fairsketch's RISE CRM Framework
INCIBE has coordinated the publication of 6 medium-severity vulnerabilities that affect Fairsketch's R
๐จ CVE-2024-25420
An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component.
๐@cveNotify
An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component.
๐@cveNotify
GitHub
Openfire/xmppserver/src/main/java/org/jivesoftware/openfire/admin/AdminManager.java at main ยท igniterealtime/Openfire
An XMPP server licensed under the Open Source Apache License. - igniterealtime/Openfire
๐จ CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.
Binary-Affected: podman
Upstream-version-introduced: v4.0.0
Upstream-version-fixed: v5.6.1
๐@cveNotify
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.
Binary-Affected: podman
Upstream-version-introduced: v4.0.0
Upstream-version-fixed: v5.6.1
๐@cveNotify
๐จ CVE-2025-11084
A security issue exists within DataMosaixโข Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period.
๐@cveNotify
A security issue exists within DataMosaixโข Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period.
๐@cveNotify
Rockwell Automation
SD1758 | Security Advisory | Rockwell Automation | US
FactoryTalkยฎ DataMosaixโข Private Cloud โ Multiple Vulnerabilities
๐จ CVE-2025-11085
A security issue exists within DataMosaixโข Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website.
๐@cveNotify
A security issue exists within DataMosaixโข Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website.
๐@cveNotify
Rockwell Automation
SD1758 | Security Advisory | Rockwell Automation | US
FactoryTalkยฎ DataMosaixโข Private Cloud โ Multiple Vulnerabilities
๐จ CVE-2025-11696
A local server-side request forgery (SSRF) security issue exists within Studio 5000ยฎ Simulation Interfaceโข via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes.
๐@cveNotify
A local server-side request forgery (SSRF) security issue exists within Studio 5000ยฎ Simulation Interfaceโข via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes.
๐@cveNotify
Rockwell Automation
SD1760 | Security Advisory | Rockwell Automation | US
Studio 5000 ยฎ Simulation Interface - Multiple Vulnerabilities
๐จ CVE-2025-11697
A local code execution security issue exists within Studio 5000ยฎ Simulation Interfaceโข via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.
๐@cveNotify
A local code execution security issue exists within Studio 5000ยฎ Simulation Interfaceโข via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.
๐@cveNotify
Rockwell Automation
SD1760 | Security Advisory | Rockwell Automation | US
Studio 5000 ยฎ Simulation Interface - Multiple Vulnerabilities
๐จ CVE-2025-11862
A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.
๐@cveNotify
A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.
๐@cveNotify
Rockwell Automation
SD1759 | Security Advisory | Rockwell Automation | US
Verve Asset Manager Access Control Vulnerability