| CVE-2025-3761 | The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.0.16. This is due to the mt_save_profile() function not appropriately restricting access to unauthorized users to update roles. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to that of an administrator. | high |
| CVE-2025-35965 | Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to validate the uniqueness and quantity of task actions within the UpdateRunTaskActions GraphQL operation, which allows an attacker to create task items containing an excessive number of actions triggered by specific posts, overloading the server and leading to a denial-of-service (DoS) condition. | medium |
| CVE-2025-32730 | Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network system for i-PRO Co., Ltd. surveillance cameras and recorders. This vulnerability allows a local authenticated attacker to use the authentication information from the last connected surveillance cameras and recorders. | medium |
| CVE-2025-2558 | The-wound WordPress theme through 0.0.1 does not validate some parameters before using them to generate paths passed to include function/s, allowing unauthenticated users to perform LFI attacks and download arbitrary file from the server | high |
| CVE-2025-1453 | The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | medium |
| CVE-2025-3435 | The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the board_header and board_footer parameters in all versions up to, and including, 1.8.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | medium |
| CVE-2025-46381 | Rejected reason: Not used | No Score |
| CVE-2025-46380 | Rejected reason: Not used | No Score |
| CVE-2025-46379 | Rejected reason: Not used | No Score |
| CVE-2025-46378 | Rejected reason: Not used | No Score |
| CVE-2025-46377 | Rejected reason: Not used | No Score |
| CVE-2025-46376 | Rejected reason: Not used | No Score |
| CVE-2025-46375 | Rejected reason: Not used | No Score |
| CVE-2025-46374 | Rejected reason: Not used | No Score |
| CVE-2025-1976 | Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6. | high |
| CVE-2025-46419 | Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet. | medium |
| CVE-2025-46417 | The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_server_certificate can exfiltrate data via DNS after deserialization. | high |
| CVE-2025-27581 | NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints. | medium |
| CVE-2025-27580 | NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens (that depend on username, time, and the fixed 7Dl9#dj- string) and thus allows unauthenticated users with a Common Access Card (CAC) to escalate privileges and compromise any account, including administrators. | high |
| CVE-2025-3454 | Grafana Labs reports:
This vulnerability, which was discovered while reviewing a pull
request from an external contributor, effects Grafana’s data source
proxy API and allows authorization checks to be bypassed by adding
an extra slash character (/) in the URL path. Among Grafana-maintained
data sources, the vulnerability only affects the read paths
of Prometheus (all flavors) and Alertmanager when configured with
basic authorization.
The CVSS score for this vulnerability is
5.0 MEDIUM. | high |
| CVE-2025-3260 | Grafana Labs reports:
During the development of a new feature in Grafana 11.6.x,
a security vulnerability was introduced that allows for Viewers
and Editors to bypass dashboard-specific permissions. As a result,
users with the Viewer role could view all the dashboards within their
org and users with the Editor role could view, edit, and delete all
the dashboards in their org.
Note: Organization isolation boundaries still apply, which
means viewers and editors in one organization cannot view or edit
dashboards in another org. Also this vulnerability does not allow
users to query data via data sources they don’t have access to.
The CVSS score for this vulnerability is
8.3 HIGH. | medium |
| CVE-2025-2443 | The vulnerability exists due to insufficient sanitization of user-supplied data in Maven Dependency Proxy. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website. | medium |
| CVE-2025-1763 | The vulnerability exists due to insufficient sanitization of user-supplied data in Maven Dependency Proxy. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website. | medium |
| CVE-2024-12361 | A null pointer dereference vulnerability has been identified in FFmpeg. The error occurs in the ff_mpv_encode_picture function of the avcodec/mpegvideo_enc.c file | medium |
| CVE-2025-25046 | IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques. | low |
| CVE-2025-25045 | IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a detailed technical error message is returned in a request. This information could be used in further attacks against the system. | medium |
| CVE-2024-22351 | IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | medium |
| CVE-2025-46400 | Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. | No Score |
| CVE-2025-46399 | Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. | No Score |
| CVE-2025-46398 | Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. | No Score |
| CVE-2025-46397 | Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. | No Score |
| CVE-2025-32818 | A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service (DoS) condition. | high |
| CVE-2025-28169 | BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to cend broadcasts to the manufacturer's cloud server unencrypted, allowing attackers to execute a man-in-the-middle attack. | high |
| CVE-2025-3673 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-3092.. Reason: This candidate is a reservation duplicate of CVE-2023-3092. Notes: All CVE users should reference CVE-2023-3092. instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | No Score |
| CVE-2024-58251 | In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim. | low |
| CVE-2025-3907 | Cross-Site Request Forgery (CSRF) vulnerability in Drupal Search API Solr allows Cross Site Request Forgery.This issue affects Search API Solr: from 0.0.0 before 4.3.9. | medium |
| CVE-2025-3904 | Vulnerability in Drupal Sportsleague.This issue affects Sportsleague: *.*. | high |
| CVE-2025-3903 | Vulnerability in Drupal UEditor - 百度编辑器.This issue affects UEditor - 百度编辑器: *.*. | high |
| CVE-2025-3902 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Block Class allows Cross-Site Scripting (XSS).This issue affects Block Class: from 4.0.0 before 4.0.1. | medium |
| CVE-2025-3901 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting (XSS).This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4. | medium |
| CVE-2025-3900 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Colorbox allows Cross-Site Scripting (XSS).This issue affects Colorbox: from 0.0.0 before 2.1.3. | medium |
| CVE-2025-2773 | BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of BEC Technologies Multiple Routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the management interface, which listens on TCP port 22 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-25903. | high |
| CVE-2025-2772 | BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within /cgi-bin/tools_usermanage.asp. The issue results from transmitting a list of users and their credentials to be handled on the client side. An attacker can leverage this vulnerability to disclose transported credentials, leading to further compromise. Was ZDI-CAN-25895. | medium |
| CVE-2025-2771 | BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25894. | medium |
| CVE-2025-2770 | BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from storing credentials in a recoverable format. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-25986. | medium |
| CVE-2025-2769 | Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25295. | high |
| CVE-2025-2768 | Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25041. | high |
| CVE-2025-2767 | Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407. | high |
| CVE-2025-2765 | CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the wireless hotspot. The issue results from the use of hard-coded credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-24349. | high |
| CVE-2025-2764 | CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of update packages provided to update.cgi. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24355. | high |
