Total
313272 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-49146 | 1 Postgresql | 1 Postgresql Jdbc Driver | 2025-10-06 | N/A | 8.2 HIGH |
| pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required (default value is prefer), the driver would incorrectly allow connections to proceed with authentication methods that do not support channel binding (such as password, MD5, GSS, or SSPI authentication). This could allow a man-in-the-middle attacker to intercept connections that users believed were protected by channel binding requirements. This vulnerability is fixed in 42.7.7. | |||||
| CVE-2025-9710 | 2025-10-06 | N/A | 6.3 MEDIUM | ||
| The Responsive Lightbox & Gallery WordPress plugin before 2.5.3 does not properly handle HTML tag attributes modifications, potentially allowing unauthenticated attackers to abuse the functionality to include event handlers and conduct Stored XSS attacks. | |||||
| CVE-2025-9703 | 2025-10-06 | N/A | 4.3 MEDIUM | ||
| The Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) WordPress plugin before 2.5.0 does not sanitize SVG file contents when uploaded through the xmlrpc.php endpoint using base64 encode, leading to a Cross-Site Scripting vulnerability. | |||||
| CVE-2025-61985 | 2025-10-06 | N/A | 3.6 LOW | ||
| ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. | |||||
| CVE-2025-60967 | 2025-10-06 | N/A | 7.3 HIGH | ||
| Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information. | |||||
| CVE-2025-59951 | 2025-10-06 | N/A | N/A | ||
| Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's IP when using the req.ip method. This results in isLocalhost always returning True. Consequently, the /ssh/db/host/internal endpoint can be accessed directly without login or authentication. This endpoint records the system's stored SSH host information, including addresses, usernames, and passwords, posing an extremely high security risk. Users who use the official Termix docker image, build their own image using the official dockerfile, or utilize reverse proxy functionality will be affected by this vulnerability. This issue is fixed in version 1.6.0. | |||||
| CVE-2025-54086 | 2025-10-06 | N/A | N/A | ||
| CVE-2025-54086 is an excess permissions vulnerability in the Warehouse component of Absolute Secure Access prior to version 14.10. Attackers with access to the local file system can read the Java keystore file. The attack complexity is low, there are no attack requirements, the privileges required are low and no user interaction is required. Impact to confidentiality is low, there is no impact to integrity or availability. | |||||
| CVE-2025-28129 | 2025-10-06 | N/A | 5.4 MEDIUM | ||
| Phpgurukul Hostel Management System 2.1 is vulnerable to clickjacking. | |||||
| CVE-2025-11345 | 2025-10-06 | 6.5 MEDIUM | 5.5 MEDIUM | ||
| A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgrading the affected component is advised. | |||||
| CVE-2025-11343 | 2025-10-06 | 7.5 HIGH | 7.3 HIGH | ||
| A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is an unknown function of the file delete.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-49154 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Worry-free Business Security and 1 more | 2025-10-06 | N/A | 8.7 HIGH |
| An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2025-9149 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2025-10-06 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was determined in Wavlink WL-NU516U1 M16U1_V240425. This impacts the function sub_4032E4 of the file /cgi-bin/wireless.cgi. This manipulation of the argument Guest_ssid causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-9303 | 1 Totolink | 2 A720r, A720r Firmware | 2025-10-06 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630_B20250509. This issue affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument desc results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-9384 | 1 Broadcom | 1 Tcpreplay | 2025-10-06 | 1.7 LOW | 3.3 LOW |
| A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 4.5.2-beta2 is recommended to address this issue. Upgrading the affected component is advised. The vendor explains, that he was "[a]ble to reproduce in 6fcbf03 but not in 4.5.2-beta2". | |||||
| CVE-2025-9385 | 1 Broadcom | 1 Tcpreplay | 2025-10-06 | 4.3 MEDIUM | 5.3 MEDIUM |
| A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fix this issue. It is advisable to upgrade the affected component. | |||||
| CVE-2025-9386 | 1 Broadcom | 1 Tcpreplay | 2025-10-06 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.2-beta3 is sufficient to resolve this issue. You should upgrade the affected component. | |||||
| CVE-2025-9409 | 1 Lostvip | 1 Ruoyi-go | 2025-10-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| A security flaw has been discovered in lostvip-com ruoyi-go up to 2.1. Impacted is the function DownloadTmp/DownloadUpload of the file modules/system/controller/CommonController.go. Performing manipulation of the argument fileName results in path traversal. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-6985 | 2025-10-06 | N/A | 7.5 HIGH | ||
| The HTMLSectionSplitter class in langchain-text-splitters version 0.3.8 is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing. This vulnerability arises because the class allows the use of arbitrary XSLT stylesheets, which are parsed using lxml.etree.parse() and lxml.etree.XSLT() without any hardening measures. In lxml versions up to 4.9.x, external entities are resolved by default, allowing attackers to read arbitrary local files or perform outbound HTTP(S) fetches. In lxml versions 5.0 and above, while entity expansion is disabled, the XSLT document() function can still read any URI unless XSLTAccessControl is applied. This vulnerability allows remote attackers to gain read-only access to any file the LangChain process can reach, including sensitive files such as SSH keys, environment files, source code, or cloud metadata. No authentication, special privileges, or user interaction are required, and the issue is exploitable in default deployments that enable custom XSLT. | |||||
| CVE-2025-61769 | 2025-10-06 | N/A | N/A | ||
| Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including version 2.5.22 allows authenticated remote attackers to inject arbitrary web script or HTML via the file upload functionality. As an authenticated user it is possible to upload .svg file that contains JavaScript code that is later being executed. Commit 052f9c4226b2c0014bcd857fec47677340b185b1 fixes the issue. | |||||
| CVE-2025-60965 | 2025-10-06 | N/A | 9.1 CRITICAL | ||
| OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts. | |||||