CVE Alert: CVE-2025-20340 – Cisco – Cisco IOS XR Software
CVE-2025-20340 HIGHNo exploitation known A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow...
Vulnerabilities
CVE Alert: CVE-2025-41714 – Welotec – SmartEMS Web Application
CVE-2025-41714 HIGHNo exploitation known The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path traversal sequences, an authenticated...
CVE Alert: CVE-2025-10049 – nik00726 – Responsive Filterable Portfolio
CVE-2025-10049 HIGHNo exploitation known The Responsive Filterable Portfolio plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
CVE Alert: CVE-2025-54259 – Adobe – Substance3D – Modeler
CVE-2025-54259 HIGHNo exploitation known Substance3D - Modeler versions 1.22.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability...
CVE Alert: CVE-2025-10001 – wpallimport – Import any XML, CSV or Excel File to WordPress
CVE-2025-10001 HIGHNo exploitation known The Import any XML, CSV or Excel File to WordPress plugin for WordPress is vulnerable to...
CVE Alert: CVE-2025-54258 – Adobe – Substance3D – Modeler
CVE-2025-54258 HIGHNo exploitation known Substance3D - Modeler versions 1.22.2 and earlier are affected by a Use After Free vulnerability that...
CVE Alert: CVE-2025-54260 – Adobe – Substance3D – Modeler
CVE-2025-54260 HIGHNo exploitation known Substance3D - Modeler versions 1.22.2 and earlier are affected by an out-of-bounds read vulnerability when parsing...
CVE Alert: CVE-2025-10040 – smackcoders – WP Import – Ultimate CSV XML Importer for WordPress
CVE-2025-10040 HIGHNo exploitation known The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to...
CVE Alert: CVE-2025-54257 – Adobe – Acrobat Reader
CVE-2025-54257 HIGHNo exploitation known Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Use After Free vulnerability...
CVE Alert: CVE-2025-54243 – Adobe – Substance3D – Viewer
CVE-2025-54243 HIGHNo exploitation known Substance3D - Viewer versions 0.25.1 and earlier are affected by an out-of-bounds write vulnerability that could...
CVE Alert: CVE-2025-54245 – Adobe – Substance3D – Viewer
CVE-2025-54245 HIGHNo exploitation known Substance3D - Viewer versions 0.25.1 and earlier are affected by an out-of-bounds write vulnerability that could...
CVE Alert: CVE-2025-10171 – UTT – 1250GW
CVE-2025-10171 HIGHNo exploitation known A vulnerability was detected in UTT 1250GW up to 3.2.2-200710. This vulnerability affects the function sub_453DC...
CVE Alert: CVE-2025-54244 – Adobe – Substance3D – Viewer
CVE-2025-54244 HIGHNo exploitation known Substance3D - Viewer versions 0.25.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that...
[Palo Alto Networks Security Advisories] PAN-SA-2025-0015 Chromium: Monthly Vulnerability Update (September 2025)
Palo Alto Networks Security Advisories /PAN-SA-2025-0015PAN-SA-2025-0015 Chromium: Monthly Vulnerability Update (September 2025)UrgencyMODERATE047910Severity6.1 ·MEDIUMExploit MaturityUNREPORTEDResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack VectorNETWORKAttack ComplexityLOWAttack RequirementsNONEAutomatableNOUser InteractionACTIVEProduct...
[Palo Alto Networks Security Advisories] CVE-2025-4235 User-ID Credential Agent: Cleartext Exposure of Service Accountpassword
Palo Alto Networks Security Advisories /CVE-2025-4235CVE-2025-4235 User-ID Credential Agent: Cleartext Exposure of Service Account passwordUrgencyMODERATE047910Severity4.2 ·MEDIUMExploit MaturityUNREPORTEDResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack VectorLOCALAttack...
[Palo Alto Networks Security Advisories] CVE-2025-4234 Cortex XDR Microsoft 365 Defender Pack: Cleartext Exposure ofCredentials
Palo Alto Networks Security Advisories /CVE-2025-4234CVE-2025-4234 Cortex XDR Microsoft 365 Defender Pack: Cleartext Exposure of CredentialsUrgencyMODERATE047910Severity0.5 ·LOWExploit MaturityUNREPORTEDResponse EffortMODERATERecoveryUSERValue DensityDIFFUSEAttack...
CVE Alert: CVE-2025-54110 – Microsoft – Windows 10 Version 1809
CVE-2025-54110 HIGHNo exploitation known Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-54106 – Microsoft – Windows Server 2019
CVE-2025-54106 HIGHNo exploitation known Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker...
CVE Alert: CVE-2025-54111 – Microsoft – Windows 10 Version 1809
CVE-2025-54111 HIGHNo exploitation known Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges...
CVE Alert: CVE-2025-54108 – Microsoft – Windows Server 2025 (Server Core installation)
CVE-2025-54108 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc)...
CVE Alert: CVE-2025-54112 – Microsoft – Windows 10 Version 1809
CVE-2025-54112 HIGHNo exploitation known Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally....
CVE Alert: CVE-2025-54105 – Microsoft – Windows Server 2025 (Server Core installation)
CVE-2025-54105 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows...
CVE Alert: CVE-2025-54103 – Microsoft – Windows 10 Version 21H2
CVE-2025-54103 HIGHNo exploitation known Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-54102 – Microsoft – Windows 10 Version 1809
CVE-2025-54102 HIGHNo exploitation known Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges...
