CVE

CVE Alert: CVE-2025-50688

August 6, 2025

Vulnerability Summary: CVE-2025-50688 A command injection vulnerability exists in TwistedWeb (version 14.0.0) due to improper input sanitization in the file...

CVE Alert: CVE-2025-51857

August 6, 2025

Vulnerability Summary: CVE-2025-51857 The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to...

CVE Alert: CVE-2025-51060

August 6, 2025

Vulnerability Summary: CVE-2025-51060 An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use DeviceIoControl with the unvalidated parameters...

CVE Alert: CVE-2025-52078

August 6, 2025

Vulnerability Summary: CVE-2025-52078 File upload vulnerability in Writebot AI Content Generator SaaS React Template thru 4.0.0, allowing remote attackers to...

CVE Alert: CVE-2025-8586

August 6, 2025

Vulnerability Summary: CVE-2025-8586 A vulnerability, which was classified as problematic, was found in libav up to 12.3. This affects the...

CVE Alert: CVE-2025-45512

August 6, 2025

Vulnerability Summary: CVE-2025-45512 A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows...

CVE Alert: CVE-2025-52237

August 6, 2025

Vulnerability Summary: CVE-2025-52237 An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal. Affected...

CVE Alert: CVE-2025-50592

August 6, 2025

Vulnerability Summary: CVE-2025-50592 Cross site scripting vulnerability in seacms before 13.2 via the vid parameter to Upload/js/player/dmplayer/player. Affected Endpoints: No...

CVE Alert: CVE-2025-44955

August 6, 2025

Vulnerability Summary: CVE-2025-44955 RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded...

CVE Alert: CVE-2025-5988

August 6, 2025

Vulnerability Summary: CVE-2025-5988 A flaw was found in the Ansible aap-gateway. Cross-site request forgery (CSRF) origin checking is not done...

CVE Alert: CVE-2025-8517

August 6, 2025

Vulnerability Summary: CVE-2025-8517 A vulnerability was found in givanz Vvveb 1.0.6.1. It has been declared as critical. Affected by this...

CVE Alert: CVE-2025-38739

August 6, 2025

Vulnerability Summary: CVE-2025-38739 Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected Credentials vulnerability. A remote unauthenticated attacker...

CVE Alert: CVE-2025-8516

August 6, 2025

Vulnerability Summary: CVE-2025-8516 A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. It has been classified as...

CVE Alert: CVE-2025-50420

August 6, 2025

Vulnerability Summary: CVE-2025-50420 An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion...

CVE Alert: CVE-2025-44958

August 6, 2025

Vulnerability Summary: CVE-2025-44958 RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format. Affected Endpoints: No affected endpoints...

CVE Alert: CVE-2025-50422

August 6, 2025

Vulnerability Summary: CVE-2025-50422 An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not...

CVE Alert: CVE-2025-44954

August 6, 2025

Vulnerability Summary: CVE-2025-44954 RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user...

CVE Alert: CVE-2025-44957

August 6, 2025

Vulnerability Summary: CVE-2025-44957 Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted...

CVE Alert: CVE-2025-44963

August 5, 2025

Vulnerability Summary: CVE-2025-44963 RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows...

CVE Alert: CVE-2025-44962

August 5, 2025

Vulnerability Summary: CVE-2025-44962 RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files. Affected Endpoints: No...

CVE Alert: CVE-2025-44960

August 5, 2025

Vulnerability Summary: CVE-2025-44960 RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an...

CVE Alert: CVE-2025-8518

August 5, 2025

Vulnerability Summary: CVE-2025-8518 A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this...

CVE Alert: CVE-2025-44961

August 5, 2025

Vulnerability Summary: CVE-2025-44961 In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address...

CVE Alert: CVE-2024-45183

August 5, 2025

Vulnerability Summary: CVE-2024-45183 An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, and 2400....

CVE

CVE Alert: CVE-2025-50688

CVE Alert: CVE-2025-51857

CVE Alert: CVE-2025-51060

CVE Alert: CVE-2025-52078

CVE Alert: CVE-2025-8586

CVE Alert: CVE-2025-45512

CVE Alert: CVE-2025-52237

CVE Alert: CVE-2025-50592

CVE Alert: CVE-2025-44955

CVE Alert: CVE-2025-5988

CVE Alert: CVE-2025-8517

CVE Alert: CVE-2025-38739

CVE Alert: CVE-2025-8516

CVE Alert: CVE-2025-50420

CVE Alert: CVE-2025-44958

CVE Alert: CVE-2025-50422

CVE Alert: CVE-2025-44954

CVE Alert: CVE-2025-44957

CVE Alert: CVE-2025-44963

CVE Alert: CVE-2025-44962

CVE Alert: CVE-2025-44960

CVE Alert: CVE-2025-8518

CVE Alert: CVE-2025-44961

CVE Alert: CVE-2024-45183

US-CERT Vulnerability Summary for the Week of September 8, 2025

HackerOne Bug Bounty Disclosure: stack-buffer-overflow-in-curl-cookie-parsing-leads-to-rce-batuhanilgarr

BugCrowd Bug Bounty Disclosure: P3 – Publicly Editable Google Docs Linked from NASA SnowEx PPT –

BugCrowd Bug Bounty Disclosure: P3 – Details of the collaboration between NASA and Inmarsat Government and the type of contract –

Apple Products Multiple Vulnerabilities

You may have missed