CVE

CVE Alert: CVE-2025-46018

August 2, 2025

Vulnerability Summary: CVE-2025-46018 CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to bypass payment...

CVE Alert: CVE-2025-50472

August 2, 2025

Vulnerability Summary: CVE-2025-50472 The modelscope/ms-swift library thru 2.6.1 is vulnerable to arbitrary code execution through deserialization of untrusted data within...

CVE Alert: CVE-2023-44976

August 2, 2025

Vulnerability Summary: CVE-2023-44976 Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other...

CVE Alert: CVE-2025-45767

August 2, 2025

Vulnerability Summary: CVE-2025-45767 jose v6.0.10 was discovered to contain weak encryption. Affected Endpoints: No affected endpoints listed. Published Date: 8/1/2025,...

CVE Alert: CVE-2025-51504

August 2, 2025

Vulnerability Summary: CVE-2025-51504 Microweber CMS 2.0 is vulnerable to Cross Site Scripting (XSS)in the /projects/profile, homepage endpoint via the last...

CVE Alert: CVE-2025-51502

August 2, 2025

Vulnerability Summary: CVE-2025-51502 Reflected Cross-Site Scripting (XSS) in Microweber CMS 2.0 via the layout parameter on the /admin/page/create page allows...

CVE Alert: CVE-2025-45150

August 2, 2025

Vulnerability Summary: CVE-2025-45150 Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive files via supplying...

CVE Alert: CVE-2025-51501

August 2, 2025

Vulnerability Summary: CVE-2025-51501 Reflected Cross-Site Scripting (XSS) in the id parameter of the live_edit.module_settings API endpoint in Microweber CMS2.0 allows...

CVE Alert: CVE-2025-52390

August 2, 2025

Vulnerability Summary: CVE-2025-52390 Saurus CMS Community Edition since commit d886e5b0 (2010-04-23) is vulnerable to a SQL Injection vulnerability in the...

CVE Alert: CVE-2025-2824

August 2, 2025

Vulnerability Summary: CVE-2025-2824 IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, 9.0.0.1, and 9.5.0 could allow a remote attacker to conduct...

CVE Alert: CVE-2025-33118

August 2, 2025

Vulnerability Summary: CVE-2025-33118 IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability...

CVE Alert: CVE-2025-45778

August 2, 2025

Vulnerability Summary: CVE-2025-45778 A stored cross-site scripting (XSS) vulnerability in The Language Sloth Web Application v1.0 allows attackers to execute...

CVE Alert: CVE-2025-49832

August 2, 2025

Vulnerability Summary: CVE-2025-49832 Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including...

CVE Alert: CVE-2023-32256

August 2, 2025

Vulnerability Summary: CVE-2023-32256 A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation...

CVE Alert: CVE-2025-50868

August 2, 2025

Vulnerability Summary: CVE-2025-50868 A SQL Injection vulnerability exists in the takeassessment2.php file of CloudClassroom-PHP-Project 1.0. The Q4 POST parameter is...

CVE Alert: CVE-2025-50870

August 2, 2025

Vulnerability Summary: CVE-2025-50870 Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the mydetailsstudent.php endpoint. The myds GET parameter accepts...

CVE Alert: CVE-2025-50869

August 2, 2025

Vulnerability Summary: CVE-2025-50869 A stored Cross-Site Scripting (XSS) vulnerability exists in the qureydetails.php page of Institute-of-Current-Students 1.0, where the input...

CVE Alert: CVE-2025-54593

August 2, 2025

Vulnerability Summary: CVE-2025-54593 FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can...

CVE Alert: CVE-2025-54595

August 2, 2025

Vulnerability Summary: CVE-2025-54595 Pearcleaner is a free, source-available and fair-code licensed mac app cleaner. The PearcleanerHelper is a privileged helper...

CVE Alert: CVE-2025-54564

August 2, 2025

Vulnerability Summary: CVE-2025-54564 uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows...

CVE Alert: CVE-2025-6004

August 2, 2025

Vulnerability Summary: CVE-2025-6004 Vault and Vault Enterprise’s (“Vault”) user lockout feature could be bypassed for Userpass and LDAP authentication methods....

CVE Alert: CVE-2025-6011

August 2, 2025

Vulnerability Summary: CVE-2025-6011 A timing side channel in Vault and Vault Enterprise’s (“Vault”) userpass auth method allowed an attacker to...

CVE Alert: CVE-2025-6014

August 2, 2025

Vulnerability Summary: CVE-2025-6014 Vault and Vault Enterprise’s (“Vault”) TOTP Secrets Engine code validation endpoint is susceptible to code reuse within...

CVE Alert: CVE-2025-54574

August 2, 2025

Vulnerability Summary: CVE-2025-54574 Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to...

CVE

CVE Alert: CVE-2025-46018

CVE Alert: CVE-2025-50472

CVE Alert: CVE-2023-44976

CVE Alert: CVE-2025-45767

CVE Alert: CVE-2025-51504

CVE Alert: CVE-2025-51502

CVE Alert: CVE-2025-45150

CVE Alert: CVE-2025-51501

CVE Alert: CVE-2025-52390

CVE Alert: CVE-2025-2824

CVE Alert: CVE-2025-33118

CVE Alert: CVE-2025-45778

CVE Alert: CVE-2025-49832

CVE Alert: CVE-2023-32256

CVE Alert: CVE-2025-50868

CVE Alert: CVE-2025-50870

CVE Alert: CVE-2025-50869

CVE Alert: CVE-2025-54593

CVE Alert: CVE-2025-54595

CVE Alert: CVE-2025-54564

CVE Alert: CVE-2025-6004

CVE Alert: CVE-2025-6011

CVE Alert: CVE-2025-6014

CVE Alert: CVE-2025-54574

[MEDUSA] – Ransomware Victim: Simon Property Group

CVE Alert: CVE-2025-12399 – alexreservations – Alex Reservations: Smart Restaurant Booking

CVE Alert: CVE-2025-12099 – academylms – Academy LMS – WordPress LMS Plugin for Complete eLearning Solution

CVE Alert: CVE-2025-9334 – codesolz – Better Find and Replace – AI-Powered Suggestions

CVE Alert: CVE-2025-11967 – getwpfunnels – Mail Mint – Newsletters, Email Marketing, Automation, WooCommerce Emails, Post Notification, and more

You may have missed