CVE Alert: CVE-2025-52922
Vulnerability Summary: CVE-2025-52922 Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated attacker with access to the...
CVE
CVE Alert: CVE-2025-27387
Vulnerability Summary: CVE-2025-27387 OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure. Affected...
CVE Alert: CVE-2025-52878
Vulnerability Summary: CVE-2025-52878 In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions Affected Endpoints: No...
CVE Alert: CVE-2025-52879
Vulnerability Summary: CVE-2025-52879 In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible Affected Endpoints: No...
CVE Alert: CVE-2025-6513
Vulnerability Summary: CVE-2025-6513 Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt...
CVE Alert: CVE-2025-52877
Vulnerability Summary: CVE-2025-52877 In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-6512
Vulnerability Summary: CVE-2025-6512 On a client with a non-admin user, a script can be integrated into a report. The reports...
CVE Alert: CVE-2025-52875
Vulnerability Summary: CVE-2025-52875 In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible Affected Endpoints:...
CVE Alert: CVE-2025-52968
Vulnerability Summary: CVE-2025-52968 xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. (For example,...
CVE Alert: CVE-2025-4563
Vulnerability Summary: CVE-2025-4563 A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks....
CVE Alert: CVE-2025-52967
Vulnerability Summary: CVE-2025-52967 gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. Affected Endpoints: No affected endpoints listed. Published Date: 6/23/2025,...
CVE Alert: CVE-2025-52876
Vulnerability Summary: CVE-2025-52876 In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible Affected Endpoints: No affected...
CVE Alert: CVE-2025-52969
Vulnerability Summary: CVE-2025-52969 ClickHouse 25.7.1.557 allows low-privileged users to execute shell commands by querying existing Executable() tables created by higher-privileged...
CVE Alert: CVE-2025-6516
Vulnerability Summary: CVE-2025-6516 A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects...
CVE Alert: CVE-2025-6510
Vulnerability Summary: CVE-2025-6510 A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has been rated as critical. Affected by this...
CVE Alert: CVE-2025-6511
Vulnerability Summary: CVE-2025-6511 A vulnerability classified as critical has been found in Netgear EX6150 1.0.0.46_1.0.76. This affects the function sub_410090....
CVE Alert: CVE-2025-6509
Vulnerability Summary: CVE-2025-6509 A vulnerability was found in seaswalker spring-analysis up to 4379cce848af96997a9d7ef91d594aa129be8d71. It has been declared as problematic. Affected...
CVE Alert: CVE-2025-6517
Vulnerability Summary: CVE-2025-6517 A vulnerability was found in Dromara MaxKey up to 4.1.7 and classified as critical. This issue affects...
CVE Alert: CVE-2025-49126
Vulnerability Summary: CVE-2025-49126 Visionatrix is an AI Media processing tool using ComfyUI. In versions 1.5.0 to before 2.5.1, the /docs/flows...
CVE Alert: CVE-2021-47688
Vulnerability Summary: CVE-2021-47688 In WhiteBeam 0.2.0 through 0.2.1 before 0.2.2, a user with local access to a server can bypass...
CVE Alert: CVE-2025-6518
Vulnerability Summary: CVE-2025-6518 A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected...
CVE Alert: CVE-2025-49144
Vulnerability Summary: CVE-2025-49144 Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation...
CVE Alert: CVE-2025-2828
Vulnerability Summary: CVE-2025-2828 A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit component of the langchain-community package (specifically, langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit)...
CVE Alert: CVE-2025-6524
Vulnerability Summary: CVE-2025-6524 A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an...
