CVE Alert: CVE-2025-47295
Vulnerability Summary: CVE-2025-47295 A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0...
Vulnerability Summary: CVE-2025-47294 An integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may...
Vulnerability Summary: CVE-2025-5082 The WP Attachments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attachment_id’ parameter in...
Vulnerability Summary: CVE-2025-1753 LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling...
Vulnerability Summary: CVE-2025-5287 The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter...
Vulnerability Summary: CVE-2025-46777 An insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5,...
Vulnerability Summary: CVE-2025-4963 The WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in...
Vulnerability Summary: CVE-2025-5297 A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This...
Vulnerability Summary: CVE-2025-5295 A vulnerability classified as critical was found in FreeFloat FTP Server 1.0.0. This vulnerability affects unknown code...
Vulnerability Summary: CVE-2025-4493 Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform...
Vulnerability Summary: CVE-2025-5299 A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical....
Vulnerability Summary: CVE-2025-5298 A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected...
Vulnerability Summary: CVE-2025-48734 Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This...
Vulnerability Summary: CVE-2025-3357 IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to execute arbitrary...
Vulnerability Summary: CVE-2025-5277 aws-mcp-server MCP server is vulnerable to command injection. An attacker can craft a prompt that once accessed...
Vulnerability Summary: CVE-2025-45997 Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability. An attacker can upload a...
Vulnerability Summary: CVE-2025-4134 Lack of file validation in do_update_vps in Avast Business Antivirus for Linux 4.5 on Linux allows local...
Vulnerability Summary: CVE-2025-32801 Kea configuration and API directives can be used to load a malicious hook library. Many common configurations...
Vulnerability Summary: CVE-2025-45343 An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the editing...
Vulnerability Summary: CVE-2024-38341 IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6.2.0.1 uses weaker than...
Vulnerability Summary: CVE-2024-51453 IBM Sterling Secure Proxy 6.2.0.0 through 6.2.0.1 could allow a remote attacker to traverse directories on the...
Vulnerability Summary: CVE-2025-32802 Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to...
Vulnerability Summary: CVE-2025-48927 The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a...
Vulnerability Summary: CVE-2025-48925 The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do...