๐จ CVE-2025-68461
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document.
๐@cveNotify
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document.
๐@cveNotify
GitHub
Fix Cross-Site-Scripting vulnerability via SVG's animate tag ยท roundcube/roundcubemail@bfa0326
reported by Valentin T., CrowdStrike
๐จ CVE-2025-27063
Memory corruption during video playback when video session open fails with time out error.
๐@cveNotify
Memory corruption during video playback when video session open fails with time out error.
๐@cveNotify
๐จ CVE-2025-47319
Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
๐@cveNotify
Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
๐@cveNotify
๐จ CVE-2025-47320
Memory corruption while processing MFC channel configuration during music playback.
๐@cveNotify
Memory corruption while processing MFC channel configuration during music playback.
๐@cveNotify
๐จ CVE-2025-47321
Memory corruption while copying packets received from unix clients.
๐@cveNotify
Memory corruption while copying packets received from unix clients.
๐@cveNotify
๐จ CVE-2025-47323
Memory corruption while routing GPR packets between user and root when handling large data packet.
๐@cveNotify
Memory corruption while routing GPR packets between user and root when handling large data packet.
๐@cveNotify
๐จ CVE-2025-47325
Information disclosure while processing system calls with invalid parameters.
๐@cveNotify
Information disclosure while processing system calls with invalid parameters.
๐@cveNotify
๐จ CVE-2025-47350
Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application.
๐@cveNotify
Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application.
๐@cveNotify
๐จ CVE-2025-47372
Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication.
๐@cveNotify
Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication.
๐@cveNotify
๐จ CVE-2025-47382
Memory corruption while loading an invalid firmware in boot loader.
๐@cveNotify
Memory corruption while loading an invalid firmware in boot loader.
๐@cveNotify
๐จ CVE-2025-47387
Memory Corruption when processing IOCTLs for JPEG data without verification.
๐@cveNotify
Memory Corruption when processing IOCTLs for JPEG data without verification.
๐@cveNotify
๐จ CVE-2025-5987
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.
๐@cveNotify
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.
๐@cveNotify
๐จ CVE-2025-14874
A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.
๐@cveNotify
A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.
๐@cveNotify
๐จ CVE-2025-13502
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server.
๐@cveNotify
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server.
๐@cveNotify
๐จ CVE-2025-13947
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser.
๐@cveNotify
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser.
๐@cveNotify
๐จ CVE-2025-66287
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.
๐@cveNotify
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.
๐@cveNotify
๐จ CVE-2025-13641
The Photo Gallery, Sliders, Proofing and Themes โ NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.59.12 via the 'template' shortcode parameter. This is due to insufficient path validation that allows absolute paths to be provided. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary PHP files on the server, bypassing web server restrictions like .htaccess. Successful exploitation could lead to information disclosure, code execution in the WordPress context, and potential remote code execution if combined with arbitrary file upload capabilities.
๐@cveNotify
The Photo Gallery, Sliders, Proofing and Themes โ NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.59.12 via the 'template' shortcode parameter. This is due to insufficient path validation that allows absolute paths to be provided. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary PHP files on the server, bypassing web server restrictions like .htaccess. Successful exploitation could lead to information disclosure, code execution in the WordPress context, and potential remote code execution if combined with arbitrary file upload capabilities.
๐@cveNotify
๐จ CVE-2025-13730
The OpenID Connect Generic Client plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'openid_connect_generic_auth_url' shortcode in all versions up to, and including, 3.10.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
The OpenID Connect Generic Client plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'openid_connect_generic_auth_url' shortcode in all versions up to, and including, 3.10.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
๐จ CVE-2025-14364
The Demo Importer Plus plugin for WordPress is vulnerable to unauthorized modification of data, loss of data, and privilege escalation due to a missing capability check on the Ajax::handle_request() function in all versions up to, and including, 2.0.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger a full site reset, dropping all database tables except users/usermeta and re-running wp_install(), which also assigns the Administrator role to the attacking subscriber account.
๐@cveNotify
The Demo Importer Plus plugin for WordPress is vulnerable to unauthorized modification of data, loss of data, and privilege escalation due to a missing capability check on the Ajax::handle_request() function in all versions up to, and including, 2.0.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger a full site reset, dropping all database tables except users/usermeta and re-running wp_install(), which also assigns the Administrator role to the attacking subscriber account.
๐@cveNotify
๐จ CVE-2025-13609
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls.
๐@cveNotify
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls.
๐@cveNotify