Year: 2025

CVE Alert: CVE-2025-1553

February 23, 2025

Vulnerability Summary: CVE-2025-1553 A vulnerability was found in pankajindevops scale up to 3633544a00245d3df88b6d13d9b3dd0f411be7f6. It has been classified as problematic. Affected...

CVE Alert: CVE-2025-0953

February 23, 2025

Vulnerability Summary: CVE-2025-0953 The SMTP for Sendinblue – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions...

CVE Alert: CVE-2025-1556

February 23, 2025

Vulnerability Summary: CVE-2025-1556 A vulnerability, which was classified as problematic, has been found in westboy CicadasCMS 1.0. This issue affects...

Vulnerability Summary: CVE-2025-26764 Missing Authorization vulnerability in enituretechnology Distance Based Shipping Calculator allows Exploiting Incorrectly Configured Access Control Security Levels....

CVE Alert: CVE-2025-0918

February 23, 2025

Vulnerability Summary: CVE-2025-0918 The SMTP for SendGrid – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions...

CVE Alert: CVE-2025-1557

February 23, 2025

Vulnerability Summary: CVE-2025-1557 A vulnerability, which was classified as problematic, was found in OFCMS 1.1.3. Affected is an unknown function....

CVE Alert: CVE-2025-0957

February 23, 2025

Vulnerability Summary: CVE-2025-0957 The SMTP for Amazon SES – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in...

CVE Alert: CVE-2025-26757

February 23, 2025

Vulnerability Summary: CVE-2025-26757 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FULL...

CVE Alert: CVE-2025-26760

February 23, 2025

Vulnerability Summary: CVE-2025-26760 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Wow-Company...

CVE Alert: CVE-2025-26750

February 23, 2025

Vulnerability Summary: CVE-2025-26750 Missing Authorization vulnerability in appsbd Vitepos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...

CVE Alert: CVE-2025-26756

February 23, 2025

Vulnerability Summary: CVE-2025-26756 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in grimdonkey Magic the Gathering Card...

CVE Alert: CVE-2025-26763

February 23, 2025

Vulnerability Summary: CVE-2025-26763 Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection. This issue affects...

CVE Alert: CVE-2025-27012

February 23, 2025

Vulnerability Summary: CVE-2025-27012 Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo allows Privilege Escalation. This issue affects...

CVE Alert: CVE-2025-26973

February 23, 2025

Vulnerability Summary: CVE-2025-26973 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WarfarePlugins Social Warfare allows DOM-Based...

CVE Alert: CVE-2022-28339

February 23, 2025

Vulnerability Summary: CVE-2022-28339 Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search patch element vulnerability...

CVE Alert: CVE-2025-26776

February 23, 2025

Vulnerability Summary: CVE-2025-26776 Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell...

CVE Alert: CVE-2025-26774

February 23, 2025

Vulnerability Summary: CVE-2025-26774 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rock Solid Responsive Modal Builder...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

February 23, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA and FBI Release Updated Guidance on Product Security Bad Practices

February 23, 2025

CISA and FBI Release Updated Guidance on Product Security Bad Practices In partnership with the Federal Bureau of Investigation (FBI),...

CISA: CISA Releases Three Industrial Control Systems Advisories

February 23, 2025

CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 21, 2025. These...

CISA: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications

February 23, 2025

CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications CISA, in partnership with...

CISA: CISA Releases Six Industrial Control Systems Advisories

February 23, 2025

CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on January 23, 2025. These...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

February 23, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

February 23, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

Year: 2025

CVE Alert: CVE-2025-1553

CVE Alert: CVE-2025-0953

CVE Alert: CVE-2025-1556

CVE Alert: CVE-2025-26764

CVE Alert: CVE-2025-0918

CVE Alert: CVE-2025-1557

CVE Alert: CVE-2025-0957

CVE Alert: CVE-2025-26757

CVE Alert: CVE-2025-26760

CVE Alert: CVE-2025-26750

CVE Alert: CVE-2025-26756

CVE Alert: CVE-2025-26763

CVE Alert: CVE-2025-27012

CVE Alert: CVE-2025-26973

CVE Alert: CVE-2022-28339

CVE Alert: CVE-2025-26776

CVE Alert: CVE-2025-26774

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA and FBI Release Updated Guidance on Product Security Bad Practices

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications

CISA: CISA Releases Six Industrial Control Systems Advisories

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

HackerOne Bug Bounty Disclosure: tls-client-authentication-can-be-bypassed-due-to-ticket-resumption-snhebrok

HackerOne Bug Bounty Disclosure: apache-airflow-sql-injection-by-authenticated-user-nxczje

HackerOne Bug Bounty Disclosure: cve-denial-of-service-vulnerability-in-ipv-validation-sav

HackerOne Bug Bounty Disclosure: -security-cve-apache-tomcat-rce-via-write-enabled-default-servlet-nacl

CVE Alert: CVE-2025-5177

You may have missed