Updated CVEs

| ID | Description | Severity |
|---|---|---|
| CVE-2025-35983 | Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller; there is no risk for Controllers once they are connected. This issue affects Controller 7000: 9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1)). | medium |
| CVE-2025-3499 | The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). Exploiting OS command injection through these APIs, an attacker can send arbitrary commands that are executed with administrative permissions by the underlying operating system. | critical |
| CVE-2025-3498 | An unauthenticated user with management network access can get and modify the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) configuration. The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). An attacker can use these APIs to get access to all system settings, modify the configuration and execute some commands (e.g., system reboot). | critical |
| CVE-2025-3497 | The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) is obsolete and reached end of life (EOL) on June 30, 2024. Thus, any unmitigated vulnerability could be exploited to affect this product. | high |
| CVE-2025-3467 | An XSS vulnerability exists in langgenius/dify versions prior to 1.1.3, specifically affecting Firefox browsers. This vulnerability allows an attacker to obtain the administrator's token by sending a payload in the published chat. When the administrator views the conversation content through the monitoring/log function using Firefox, the XSS vulnerability is triggered, potentially exposing sensitive token information to the attacker. | medium |
| CVE-2025-3466 | langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node, allowing execution of arbitrary code with full root permissions. The vulnerability arises from the ability to override global functions in JavaScript, such as parseInt, before sandbox security restrictions are imposed. This can lead to unauthorized access to secret keys, internal network servers, and lateral movement within dify.ai. The issue is resolved in version 1.1.3. | high |
| CVE-2025-3430 | The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'printer_text' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | medium |
| CVE-2025-3429 | The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'material_text' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | medium |
| CVE-2025-3428 | The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'coating_text' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | medium |
| CVE-2025-3427 | The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'infill_text' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | medium |
| CVE-2025-34077 | An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the user_id_social_site parameter, an attacker can generate a valid WordPress session cookie for any user ID, including administrators. Once authenticated, the attacker may exploit plugin upload functionality to install a malicious plugin containing arbitrary PHP code, resulting in remote code execution on the underlying server. | critical |
| CVE-2025-3396 | An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass group-level forking restrictions by manipulating API requests. | medium |
| CVE-2025-33073 | Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. | high |
| CVE-2025-33069 | Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally. | medium |
| CVE-2025-33068 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | high |
| CVE-2025-33067 | Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally. | high |
| CVE-2025-33066 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-33064 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | high |
| CVE-2025-33057 | Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network. | medium |
| CVE-2025-33056 | Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network. | high |
| CVE-2025-33052 | Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally. | medium |
| CVE-2025-33050 | Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. | high |
| CVE-2025-32990 | A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system. | medium |
| CVE-2025-32989 | A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly. | medium |
| CVE-2025-32988 | A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior. | medium |
| CVE-2025-32725 | Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. | high |
| CVE-2025-32724 | Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. | high |
| CVE-2025-32722 | Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally. | medium |
| CVE-2025-32721 | Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-32718 | Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-32716 | Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-32714 | Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-32713 | Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-32712 | Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-32711 | AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. | high |
| CVE-2025-32710 | Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-30399 | Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-30313 | Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | medium |
| CVE-2025-29828 | Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network. | high |
| CVE-2025-29819 | External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally. | medium |
| CVE-2025-29812 | Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-29811 | Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-29810 | Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network. | high |
| CVE-2025-29809 | Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally. | high |
| CVE-2025-29808 | Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally. | medium |
| CVE-2025-29805 | Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network. | high |
| CVE-2025-29804 | Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-29803 | Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-29802 | Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | high |
| CVE-2025-29801 | Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | high |