CVE Alert: CVE-2025-36539
Vulnerability Summary: CVE-2025-36539 AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an...
Vulnerability Summary: CVE-2025-4417 A cross-site scripting vulnerability exists in AVEVA PI Connector for CygNet Versions 1.6.14 and prior that, if...
Vulnerability Summary: CVE-2025-2745 A cross-site scripting vulnerability exists in AVEVA PI Web API version 2023 SP1 and prior that, if...
Vulnerability Summary: CVE-2025-5485 User names used to access the web management interface are limited to the device identifier, which is...
Vulnerability Summary: CVE-2025-27689 Dell iDRAC Tools, version(s) prior to 11.3.0.0, contain(s) an Improper Access Control vulnerability. A low privileged attacker...
Vulnerability Summary: CVE-2025-41234 In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable...
Vulnerability Summary: CVE-2025-5484 A username and password are required to authenticate to the central SinoTrack device management interface. The username...
Vulnerability Summary: CVE-2025-41233 VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. VMware has evaluated the severity...
Vulnerability Summary: CVE-2025-4275 Running the provided utility changes the certificate on any Insyde BIOS and then the attached .efi file...
Vulnerability Summary: CVE-2025-4666 The Zotpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nickname’ parameter in all...
Vulnerability Summary: CVE-2025-5959 Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary...
Vulnerability Summary: CVE-2025-49091 KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from...
Vulnerability Summary: CVE-2025-5958 Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially...
Vulnerability Summary: CVE-2025-41663 An unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH...
Vulnerability Summary: CVE-2024-35295 A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with NXGPro+...
Vulnerability Summary: CVE-2025-4798 The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and...
Vulnerability Summary: CVE-2025-4799 The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on...
Vulnerability Summary: CVE-2025-5395 The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file...
Vulnerability Summary: CVE-2025-26412 The SIMCom SIM7600G modem supports an undocumented AT command, which allows an attacker to execute system commands...
Vulnerability Summary: CVE-2025-4315 The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Privilege Escalation in all...
Vulnerability Summary: CVE-2025-41661 An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack...
Vulnerability Summary: CVE-2025-4573 Mattermost versions 10.7.x
Vulnerability Summary: CVE-2025-41662 An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack...
Vulnerability Summary: CVE-2025-5986 A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the...