Palo Alto Networks Security Advisories /PAN-SA-2025-0016PAN-SA-2025-0016 Chromium: Monthly Vulnerability Update (October 2025)UrgencyMODERATE047910Severity6.1 ·MEDIUMExploit MaturityUNREPORTEDResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack VectorNETWORKAttack ComplexityLOWAttack RequirementsNONEAutomatableNOUser InteractionACTIVEProduct...
CVE-2025-55321 HIGHNo exploitation known Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an authorized...
CVE-2025-59271 HIGHNo exploitation known Redis Enterprise Elevation of Privilege Vulnerability CVSS v3.1 (8.7) Vendor Microsoft, Microsoft Product Azure Cache for...
CVE-2025-11558 HIGHNo exploitation known A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the...
CVE-2025-11557 HIGHNo exploitation known A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some...
CVE-2025-59247 HIGHNo exploitation known Azure PlayFab Elevation of Privilege Vulnerability CVSS v3.1 (8.8) Vendor Microsoft Product Azure PlayFab Versions N/A...
CVE-2025-60004 HIGHNo exploitation known An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of...
CVE-2025-11555 HIGHNo exploitation known A vulnerability was detected in Campcodes Online Learning Management System 1.0. This affects an unknown part...
CVE-2025-59975 HIGHNo exploitation known An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows...
CVE-2025-11556 HIGHNo exploitation known A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code...
CVE-2025-59974 HIGHNo exploitation known An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Junos Space Security...
CVE-2025-59964 HIGHNo exploitation known A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos...
CVE-2025-10862 HIGHNo exploitation known The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is...
CVE-2025-11198 HIGHNo exploitation known A Missing Authentication for Critical Function vulnerability in Juniper Networks Security Director Policy Enforcer allows an...
CVE-2025-11561 HIGHNo exploitation known A flaw was found in the integration of Active Directory and the System Security Services Daemon...
CVE-2025-59968 HIGHNo exploitation known A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based...
CVE-2025-47349 HIGHNo exploitation known Memory corruption while processing an escape call. CVSS v3.1 (7.8) AV LOCAL · AC LOW ·...
CVE-2025-47351 HIGHNo exploitation known Memory corruption while processing user buffers. CVSS v3.1 (7.8) AV LOCAL · AC LOW · PR...
CVE-2025-47347 HIGHNo exploitation known Memory corruption while processing control commands in the virtual memory management interface. CVSS v3.1 (7.8) AV...
CVE-2025-47354 HIGHNo exploitation known Memory corruption while allocating buffers in DSP service. CVSS v3.1 (7.8) AV LOCAL · AC LOW...
CVE-2025-47342 HIGHNo exploitation known Transient DOS may occur when multi-profile concurrency arises with QHS enabled. CVSS v3.1 (7.1) AV NETWORK...
CVE-2025-47338 HIGHNo exploitation known Memory corruption while processing escape commands from userspace. CVSS v3.1 (7.8) AV LOCAL · AC LOW...
CVE-2025-47341 HIGHNo exploitation known memory corruption while processing an image encoding completion event. CVSS v3.1 (7.8) AV LOCAL · AC...
CVE-2025-11523 MEDIUMNo exploitation knownPoC observed A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the...
