{
"Source": "CVE FEED",
"Title": "CVE-2025-53174 - Adobe Illustrator Stack Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-53174
Published : July 7, 2025, 3:15 a.m. | 18 minutes ago
Description : Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53174 - Adobe Illustrator Stack Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-53174
Published : July 7, 2025, 3:15 a.m. | 18 minutes ago
Description : Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-53175 - Adobe Illustrator Stack Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-53175
Published : July 7, 2025, 3:15 a.m. | 18 minutes ago
Description : Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53175 - Adobe Illustrator Stack Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-53175
Published : July 7, 2025, 3:15 a.m. | 18 minutes ago
Description : Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-53176 - Adobe Illustrator Heap-Based Buffer Overflow",
"Content": "CVE ID : CVE-2025-53176
Published : July 7, 2025, 3:15 a.m. | 18 minutes ago
Description : Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53176 - Adobe Illustrator Heap-Based Buffer Overflow",
"Content": "CVE ID : CVE-2025-53176
Published : July 7, 2025, 3:15 a.m. | 18 minutes ago
Description : Stack overflow risk when vector images are parsed during file preview
Impact: Successful exploitation of this vulnerability may affect the file preview function.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-53177 - Fossil Calendar Storage Module Permission Bypass Vulnerability",
"Content": "CVE ID : CVE-2025-53177
Published : July 7, 2025, 3:15 a.m. | 18 minutes ago
Description : Permission bypass vulnerability in the calendar storage module
Impact: Successful exploitation of this vulnerability may affect the schedule syncing function of watches.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53177 - Fossil Calendar Storage Module Permission Bypass Vulnerability",
"Content": "CVE ID : CVE-2025-53177
Published : July 7, 2025, 3:15 a.m. | 18 minutes ago
Description : Permission bypass vulnerability in the calendar storage module
Impact: Successful exploitation of this vulnerability may affect the schedule syncing function of watches.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-53167 - "Apache Distributed Collaboration Framework Authentication Bypass"",
"Content": "CVE ID : CVE-2025-53167
Published : July 7, 2025, 3:15 a.m. | 18 minutes ago
Description : Authentication vulnerability in the distributed collaboration framework module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53167 - "Apache Distributed Collaboration Framework Authentication Bypass"",
"Content": "CVE ID : CVE-2025-53167
Published : July 7, 2025, 3:15 a.m. | 18 minutes ago
Description : Authentication vulnerability in the distributed collaboration framework module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-53473 - Nimesa Backup and Recovery SSRF Vulnerability",
"Content": "CVE ID : CVE-2025-53473
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : Server-side request forgery (SSRF) vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53473 - Nimesa Backup and Recovery SSRF Vulnerability",
"Content": "CVE ID : CVE-2025-53473
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : Server-side request forgery (SSRF) vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7111 - Portabilis i-Educar Cross-Site Scripting Vulnerability in Course Module",
"Content": "CVE ID : CVE-2025-7111
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educar_curso_det.php?cod_curso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7111 - Portabilis i-Educar Cross-Site Scripting Vulnerability in Course Module",
"Content": "CVE ID : CVE-2025-7111
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educar_curso_det.php?cod_curso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7112 - Portabilis i-Educar Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-7112
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : A vulnerability was found in Portabilis i-Educar 2.9.0 and classified as problematic. This issue affects some unknown processing of the file /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_instituicao=COD of the component Function Management Module. The manipulation of the argument Funรงรฃo leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7112 - Portabilis i-Educar Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-7112
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : A vulnerability was found in Portabilis i-Educar 2.9.0 and classified as problematic. This issue affects some unknown processing of the file /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_instituicao=COD of the component Function Management Module. The manipulation of the argument Funรงรฃo leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7113 - Portabilis i-Educar Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-7113
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : A vulnerability was found in Portabilis i-Educar 2.9.0. It has been classified as problematic. Affected is an unknown function of the file /module/ComponenteCurricular/edit?id=ID of the component Curricular Components Module. The manipulation of the argument Nome leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7113 - Portabilis i-Educar Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-7113
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : A vulnerability was found in Portabilis i-Educar 2.9.0. It has been classified as problematic. Affected is an unknown function of the file /module/ComponenteCurricular/edit?id=ID of the component Curricular Components Module. The manipulation of the argument Nome leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-24508 - VMware IT Management Agent Credentials Exposure",
"Content": "CVE ID : CVE-2025-24508
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : Extraction of Account Connectivity Credentials (ACCs) from the IT Management Agent secure storage
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-24508 - VMware IT Management Agent Credentials Exposure",
"Content": "CVE ID : CVE-2025-24508
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : Extraction of Account Connectivity Credentials (ACCs) from the IT Management Agent secure storage
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-48501 - Nimesa Backup and Recovery Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-48501
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-48501 - Nimesa Backup and Recovery Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-48501
Published : July 7, 2025, 5:15 a.m. | 28 minutes ago
Description : An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7110 - Portabilis i-Educar Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-7110
Published : July 7, 2025, 4:15 a.m. | 1 hour, 28 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9.0. This affects an unknown part of the file /intranet/educar_escola_lst.php of the component School Module. The manipulation of the argument Escola leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7110 - Portabilis i-Educar Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-7110
Published : July 7, 2025, 4:15 a.m. | 1 hour, 28 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9.0. This affects an unknown part of the file /intranet/educar_escola_lst.php of the component School Module. The manipulation of the argument Escola leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7116 - UTT ่ฟๅ Wireless Config Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-7116
Published : July 7, 2025, 7:15 a.m. | 36 minutes ago
Description : A vulnerability classified as critical has been found in UTT ่ฟๅ 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fast_wireless_conf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7116 - UTT ่ฟๅ Wireless Config Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-7116
Published : July 7, 2025, 7:15 a.m. | 36 minutes ago
Description : A vulnerability classified as critical has been found in UTT ่ฟๅ 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fast_wireless_conf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7117 - UTT HiPER 840G Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-7117
Published : July 7, 2025, 7:15 a.m. | 36 minutes ago
Description : A vulnerability classified as critical was found in UTT HiPER 840G up to 3.1.1-190328. This vulnerability affects unknown code of the file /goform/websWhiteList. The manipulation of the argument addHostFilter leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7117 - UTT HiPER 840G Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-7117
Published : July 7, 2025, 7:15 a.m. | 36 minutes ago
Description : A vulnerability classified as critical was found in UTT HiPER 840G up to 3.1.1-190328. This vulnerability affects unknown code of the file /goform/websWhiteList. The manipulation of the argument addHostFilter leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-41672 - Citrix NetScaler JWT Token Default Certificate Vulnerability",
"Content": "CVE ID : CVE-2025-41672
Published : July 7, 2025, 7:15 a.m. | 36 minutes ago
Description : A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain full access to the tool and all connected devices.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-41672 - Citrix NetScaler JWT Token Default Certificate Vulnerability",
"Content": "CVE ID : CVE-2025-41672
Published : July 7, 2025, 7:15 a.m. | 36 minutes ago
Description : A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain full access to the tool and all connected devices.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7114 - SimStudioAI Session Handler Missing Authentication Vulnerability",
"Content": "CVE ID : CVE-2025-7114
Published : July 7, 2025, 6:15 a.m. | 1 hour, 36 minutes ago
Description : A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It has been declared as critical. Affected by this vulnerability is the function POST of the file apps/sim/app/api/files/upload/route.ts of the component Session Handler. The manipulation of the argument Request leads to missing authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7114 - SimStudioAI Session Handler Missing Authentication Vulnerability",
"Content": "CVE ID : CVE-2025-7114
Published : July 7, 2025, 6:15 a.m. | 1 hour, 36 minutes ago
Description : A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It has been declared as critical. Affected by this vulnerability is the function POST of the file apps/sim/app/api/files/upload/route.ts of the component Session Handler. The manipulation of the argument Request leads to missing authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7115 - Rowboatlabs Rowboat Remote Authentication Bypass Vulnerability",
"Content": "CVE ID : CVE-2025-7115
Published : July 7, 2025, 6:15 a.m. | 1 hour, 36 minutes ago
Description : A vulnerability was found in rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97. It has been rated as critical. Affected by this issue is the function PUT of the file apps/rowboat/app/api/uploads/[fileId]/route.ts of the component Session Handler. The manipulation of the argument params leads to missing authentication. The attack may be launched remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. It is expected that this issue will be fixed in the near future.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7115 - Rowboatlabs Rowboat Remote Authentication Bypass Vulnerability",
"Content": "CVE ID : CVE-2025-7115
Published : July 7, 2025, 6:15 a.m. | 1 hour, 36 minutes ago
Description : A vulnerability was found in rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97. It has been rated as critical. Affected by this issue is the function PUT of the file apps/rowboat/app/api/uploads/[fileId]/route.ts of the component Session Handler. The manipulation of the argument params leads to missing authentication. The attack may be launched remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. It is expected that this issue will be fixed in the near future.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7121 - Campcodes Complaint Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-7121
Published : July 7, 2025, 9:15 a.m. | 40 minutes ago
Description : A vulnerability was found in Campcodes Complaint Management System 1.0. It has been classified as critical. This affects an unknown part of the file /users/complaint-details.php. The manipulation of the argument cid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7121 - Campcodes Complaint Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-7121
Published : July 7, 2025, 9:15 a.m. | 40 minutes ago
Description : A vulnerability was found in Campcodes Complaint Management System 1.0. It has been classified as critical. This affects an unknown part of the file /users/complaint-details.php. The manipulation of the argument cid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7120 - Campcodes Complaint Management System SQL Injection",
"Content": "CVE ID : CVE-2025-7120
Published : July 7, 2025, 9:15 a.m. | 40 minutes ago
Description : A vulnerability was found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /users/check_availability.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7120 - Campcodes Complaint Management System SQL Injection",
"Content": "CVE ID : CVE-2025-7120
Published : July 7, 2025, 9:15 a.m. | 40 minutes ago
Description : A vulnerability was found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /users/check_availability.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-3920 - SUR-FBD CMMS Hard-Coded Credentials Disclosure",
"Content": "CVE ID : CVE-2025-3920
Published : July 7, 2025, 9:15 a.m. | 40 minutes ago
Description : A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a compiled DLL file. These credentials correspond to a built-in administrative account of the software. An attacker with local access to the system or the application's installation directory could extract these credentials, potentially leading to a complete compromise of the application's administrative functions. This issue was fixed in version 2025.03.27 of the SUR-FBD CMMS software.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-3920 - SUR-FBD CMMS Hard-Coded Credentials Disclosure",
"Content": "CVE ID : CVE-2025-3920
Published : July 7, 2025, 9:15 a.m. | 40 minutes ago
Description : A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a compiled DLL file. These credentials correspond to a built-in administrative account of the software. An attacker with local access to the system or the application's installation directory could extract these credentials, potentially leading to a complete compromise of the application's administrative functions. This issue was fixed in version 2025.03.27 of the SUR-FBD CMMS software.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7118 - UTT HiPER 840G Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-7118
Published : July 7, 2025, 8:15 a.m. | 1 hour, 40 minutes ago
Description : A vulnerability, which was classified as critical, has been found in UTT HiPER 840G up to 3.1.1-190328. This issue affects some unknown processing of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7118 - UTT HiPER 840G Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-7118
Published : July 7, 2025, 8:15 a.m. | 1 hour, 40 minutes ago
Description : A vulnerability, which was classified as critical, has been found in UTT HiPER 840G up to 3.1.1-190328. This issue affects some unknown processing of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น