CVE

CVE Alert: CVE-2025-55203

August 16, 2025

Vulnerability Summary: CVE-2025-55203 Plane is open-source project management software. Prior to version 0.28.0, a stored cross-site scripting (XSS) vulnerability exists...

CVE Alert: CVE-2025-54989

August 16, 2025

Vulnerability Summary: CVE-2025-54989 Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message...

CVE Alert: CVE-2025-9052

August 16, 2025

Vulnerability Summary: CVE-2025-9052 A vulnerability was identified in projectworlds Travel Management System 1.0. This affects an unknown part of the...

CVE Alert: CVE-2025-54466

August 16, 2025

Vulnerability Summary: CVE-2025-54466 Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE in Apache OFBiz...

CVE Alert: CVE-2025-5046

August 16, 2025

Vulnerability Summary: CVE-2025-5046 A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read...

CVE Alert: CVE-2025-24975

August 16, 2025

Vulnerability Summary: CVE-2025-24975 Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if...

CVE Alert: CVE-2025-49898

August 16, 2025

Vulnerability Summary: CVE-2025-49898 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xolluteon Dropshix allows DOM-Based XSS.This...

CVE Alert: CVE-2025-5048

August 16, 2025

Vulnerability Summary: CVE-2025-5048 A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption...

CVE Alert: CVE-2025-5047

August 16, 2025

Vulnerability Summary: CVE-2025-5047 A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A...

CVE Alert: CVE-2025-49897

August 16, 2025

Vulnerability Summary: CVE-2025-49897 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Vertical scroll...

CVE Alert: CVE-2025-8361

August 16, 2025

Vulnerability Summary: CVE-2025-8361 Missing Authorization vulnerability in Drupal Config Pages allows Forceful Browsing.This issue affects Config Pages: from 0.0.0 before...

CVE Alert: CVE-2025-8092

August 16, 2025

Vulnerability Summary: CVE-2025-8092 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows...

CVE Alert: CVE-2025-8362

August 16, 2025

Vulnerability Summary: CVE-2025-8362 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal GoogleTag Manager allows Cross-Site...

CVE Alert: CVE-2025-49432

August 16, 2025

Vulnerability Summary: CVE-2025-49432 Missing Authorization vulnerability in FWDesign Ultimate Video Player allows Exploiting Incorrectly Configured Access Control Security Levels. This...

CVE Alert: CVE-2025-8675

August 16, 2025

Vulnerability Summary: CVE-2025-8675 Server-Side Request Forgery (SSRF) vulnerability in Drupal AI SEO Link Advisor allows Server Side Request Forgery.This issue...

CVE Alert: CVE-2025-36088

August 16, 2025

Vulnerability Summary: CVE-2025-36088 IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 web GUI is vulnerable to cross-site scripting. This vulnerability allows...

CVE Alert: CVE-2025-8995

August 16, 2025

Vulnerability Summary: CVE-2025-8995 Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue...

CVE Alert: CVE-2025-8996

August 16, 2025

Vulnerability Summary: CVE-2025-8996 Missing Authorization vulnerability in Drupal Layout Builder Advanced Permissions allows Forceful Browsing.This issue affects Layout Builder Advanced...

CVE Alert: CVE-2025-55285

August 16, 2025

Vulnerability Summary: CVE-2025-55285 @backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of...

CVE Alert: CVE-2025-9060

August 16, 2025

Vulnerability Summary: CVE-2025-9060 A vulnerability has been found in the MSoft MFlash application that allows execution of arbitrary code on...

CVE Alert: CVE-2025-52618

August 16, 2025

Vulnerability Summary: CVE-2025-52618 HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers...

CVE Alert: CVE-2025-52619

August 16, 2025

Vulnerability Summary: CVE-2025-52619 HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages...

CVE Alert: CVE-2025-52621

August 16, 2025

Vulnerability Summary: CVE-2025-52621 HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed...

CVE Alert: CVE-2025-8959

August 16, 2025

Vulnerability Summary: CVE-2025-8959 HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond...

CVE

CVE Alert: CVE-2025-55203

CVE Alert: CVE-2025-54989

CVE Alert: CVE-2025-9052

CVE Alert: CVE-2025-54466

CVE Alert: CVE-2025-5046

CVE Alert: CVE-2025-24975

CVE Alert: CVE-2025-49898

CVE Alert: CVE-2025-5048

CVE Alert: CVE-2025-5047

CVE Alert: CVE-2025-49897

CVE Alert: CVE-2025-8361

CVE Alert: CVE-2025-8092

CVE Alert: CVE-2025-8362

CVE Alert: CVE-2025-49432

CVE Alert: CVE-2025-8675

CVE Alert: CVE-2025-36088

CVE Alert: CVE-2025-8995

CVE Alert: CVE-2025-8996

CVE Alert: CVE-2025-55285

CVE Alert: CVE-2025-9060

CVE Alert: CVE-2025-52618

CVE Alert: CVE-2025-52619

CVE Alert: CVE-2025-52621

CVE Alert: CVE-2025-8959

HackerOne Bug Bounty Disclosure: stack-buffer-overflow-in-curl-cookie-parsing-leads-to-rce-batuhanilgarr

BugCrowd Bug Bounty Disclosure: P3 – Publicly Editable Google Docs Linked from NASA SnowEx PPT –

BugCrowd Bug Bounty Disclosure: P3 – Details of the collaboration between NASA and Inmarsat Government and the type of contract –

Apple Products Multiple Vulnerabilities

Miljödata – 870,108 breached accounts

You may have missed