CVE

CVE Alert: CVE-2025-31512

July 23, 2025

Vulnerability Summary: CVE-2025-31512 An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval via isAddedByApprover in a...

CVE Alert: CVE-2025-51479

July 23, 2025

Vulnerability Summary: CVE-2025-51479 Authorization bypass in update_user_group in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary...

CVE Alert: CVE-2025-51471

July 23, 2025

Vulnerability Summary: CVE-2025-51471 Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass...

CVE Alert: CVE-2025-31513

July 23, 2025

Vulnerability Summary: CVE-2025-31513 An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can elevate to administrator privileges via the IsAdminApprover...

CVE Alert: CVE-2025-51472

July 23, 2025

Vulnerability Summary: CVE-2025-51472 Code Injection in AgentTemplate.eval_agent_config in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via...

CVE Alert: CVE-2025-51458

July 23, 2025

Vulnerability Summary: CVE-2025-51458 SQL Injection in editor_sql_run and query_ex in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary SQL...

CVE Alert: CVE-2025-51462

July 23, 2025

Vulnerability Summary: CVE-2025-51462 Stored Cross-site Scripting (XSS) vulnerability in api.apps.dialog_app.set_dialog in RAGFlow 0.17.2 allows remote attackers to execute arbitrary JavaScript...

Vulnerability Summary: CVE-2025-51475 Arbitrary File Overwrite (AFO) in superagi.controllers.resources.upload in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to overwrite arbitrary files...

CVE Alert: CVE-2025-41425

July 23, 2025

Vulnerability Summary: CVE-2025-41425 DuraComm SPM-500 DP-10iN-100-MU is vulnerable to a cross-site scripting attack. This could allow an attacker to prevent...

CVE Alert: CVE-2025-53538

July 23, 2025

Vulnerability Summary: CVE-2025-53538 Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation)...

CVE Alert: CVE-2025-48733

July 23, 2025

Vulnerability Summary: CVE-2025-48733 DuraComm SPM-500 DP-10iN-100-MU lacks access controls for a function that should require user authentication. This could allow...

CVE Alert: CVE-2025-54072

July 23, 2025

Vulnerability Summary: CVE-2025-54072 yt-dlp is a feature-rich command-line audio/video downloader. In versions 2025.06.25 and below, when the --exec option is...

CVE Alert: CVE-2025-53703

July 23, 2025

Vulnerability Summary: CVE-2025-53703 DuraComm SPM-500 DP-10iN-100-MU transmits sensitive data without encryption over a channel that could be intercepted by attackers....

CVE Alert: CVE-2025-54137

July 23, 2025

Vulnerability Summary: CVE-2025-54137 HAX CMS NodeJS allows users to manage their microsite universe with a NodeJS backend. Versions 11.0.9 and...

CVE Alert: CVE-2025-54140

July 23, 2025

Vulnerability Summary: CVE-2025-54140 pyLoad is a free and open-source Download Manager written in pure Python. In version 0.5.0b3.dev89, an authenticated...

CVE Alert: CVE-2025-54138

July 23, 2025

Vulnerability Summary: CVE-2025-54138 LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network...

CVE Alert: CVE-2025-54141

July 23, 2025

Vulnerability Summary: CVE-2025-54141 ViewVC is a browser interface for CVS and Subversion version control repositories. In versions 1.1.0 through 1.1.31...

CVE Alert: CVE-2025-7766

July 23, 2025

Vulnerability Summary: CVE-2025-7766 Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices,...

CVE Alert: CVE-2025-7289

July 23, 2025

Vulnerability Summary: CVE-2025-7289 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers...

CVE Alert: CVE-2025-7288

July 23, 2025

Vulnerability Summary: CVE-2025-7288 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers...

CVE Alert: CVE-2025-7290

July 23, 2025

Vulnerability Summary: CVE-2025-7290 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers...

CVE Alert: CVE-2025-7291

July 23, 2025

Vulnerability Summary: CVE-2025-7291 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers...

CVE Alert: CVE-2025-7287

July 23, 2025

Vulnerability Summary: CVE-2025-7287 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers...

CVE Alert: CVE-2025-7300

July 23, 2025

Vulnerability Summary: CVE-2025-7300 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers...

CVE

CVE Alert: CVE-2025-31512

CVE Alert: CVE-2025-51479

CVE Alert: CVE-2025-51471

CVE Alert: CVE-2025-31513

CVE Alert: CVE-2025-51472

CVE Alert: CVE-2025-51458

CVE Alert: CVE-2025-51462

CVE Alert: CVE-2025-51475

CVE Alert: CVE-2025-41425

CVE Alert: CVE-2025-53538

CVE Alert: CVE-2025-48733

CVE Alert: CVE-2025-54072

CVE Alert: CVE-2025-53703

CVE Alert: CVE-2025-54137

CVE Alert: CVE-2025-54140

CVE Alert: CVE-2025-54138

CVE Alert: CVE-2025-54141

CVE Alert: CVE-2025-7766

CVE Alert: CVE-2025-7289

CVE Alert: CVE-2025-7288

CVE Alert: CVE-2025-7290

CVE Alert: CVE-2025-7291

CVE Alert: CVE-2025-7287

CVE Alert: CVE-2025-7300

HackerOne Bug Bounty Disclosure: stack-buffer-overflow-in-curl-cookie-parsing-leads-to-rce-batuhanilgarr

BugCrowd Bug Bounty Disclosure: P3 – Publicly Editable Google Docs Linked from NASA SnowEx PPT –

BugCrowd Bug Bounty Disclosure: P3 – Details of the collaboration between NASA and Inmarsat Government and the type of contract –

Apple Products Multiple Vulnerabilities

Miljödata – 870,108 breached accounts

You may have missed