Total
309461 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-50722 | 1 Sparkshop | 1 Sparkshop | 2025-09-09 | 9.8 Critical |
| Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component | ||||
| CVE-2025-57809 | 1 Mlc-ai | 1 Xgrammar | 2025-09-09 | 7.5 High |
| XGrammar is an open-source library for efficient, flexible, and portable structured generation. Prior to version 0.1.21, XGrammar has an infinite recursion issue in the grammar. This issue has been resolved in version 0.1.21. | ||||
| CVE-2025-52217 | 1 Selectzero | 2 Data Observability Platform, Selectzero | 2025-09-09 | 5.4 Medium |
| SelectZero Data Observability Platform before 2025.5.2 is vulnerable to HTML Injection. Legacy UI fields improperly handle user-supplied input, allowing injection of arbitrary HTML. | ||||
| CVE-2025-52218 | 1 Selectzero | 2 Data Observability Platform, Selectzero | 2025-09-09 | 7.5 High |
| SelectZero Data Observability Platform before 2025.5.2 is vulnerable to Content Spoofing / Text Injection. Improper sanitization of unspecified parameters allows attackers to inject arbitrary text or limited HTML into the login page. | ||||
| CVE-2025-52219 | 1 Selectzero | 2 Data Observability Platform, Selectzero | 2025-09-09 | 6.5 Medium |
| SelectZero SelectZero Data Observability Platform before 2025.5.2 contains an Open Redirect vulnerability. Legacy UI fields can be used to create arbitrary external links via HTML Injection. | ||||
| CVE-2025-56432 | 1 Nagios | 3 Nagios, Nagios Xi, Xi | 2025-09-09 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-related data. | ||||
| CVE-2025-57810 | 1 Parall | 1 Jspdf | 2025-09-09 | 7.5 High |
| jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG file that results in high CPU utilization and denial of service. The vulnerability was fixed in jsPDF 3.0.2. | ||||
| CVE-2025-50974 | 1 Ipfire | 1 Ipfire | 2025-09-09 | 6.5 Medium |
| The Calamaris log exporter CGI (/cgi-bin/logs.cgi/calamaris.dat) in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. An unauthenticated remote attacker can inject arbitrary OS commands by embedding shell metacharacters in any of the following parameters BYTE_UNIT, DAY_BEGIN, DAY_END, HIST_LEVEL, MONTH_BEGIN, MONTH_END, NUM_CONTENT, NUM_DOMAINS, NUM_HOSTS, NUM_URLS, PERF_INTERVAL, YEAR_BEGIN, YEAR_END. | ||||
| CVE-2025-52184 | 1 Helpy.io | 1 Helpy | 2025-09-09 | 6.1 Medium |
| Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote attacker to escalate privileges via the New Topic Ticket funtion. | ||||
| CVE-2025-50976 | 1 Ipfire | 1 Ipfire | 2025-09-09 | 6.1 Medium |
| IPFire 2.29 DNS management interface (dns.cgi) fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLS_HOSTNAME query parameters, resulting in a reflected cross-site scripting (XSS) vulnerability. | ||||
| CVE-2025-50975 | 1 Ipfire | 1 Ipfire | 2025-09-09 | 5.4 Medium |
| IPFire 2.29 web-based firewall interface (firewall.cgi) fails to sanitize several rule parameters such as PROT, SRC_PORT, TGT_PORT, dnatport, key, ruleremark, src_addr, std_net_tgt, and tgt_addr, allowing an authenticated administrator to inject persistent JavaScript. This stored XSS payload is executed whenever another admin views the firewall rules page, enabling session hijacking, unauthorized actions within the interface, or further internal pivoting. Exploitation requires only high-privilege GUI access, and the complexity of the attack is low. | ||||
| CVE-2025-52353 | 1 Uatech | 1 Badaso | 2025-09-09 | 9.8 Critical |
| An arbitrary code execution vulnerability in Badaso CMS 2.9.11. The Media Manager allows authenticated users to upload files containing embedded PHP code via the file-upload endpoint, bypassing content-type validation. When such a file is accessed via its URL, the server executes the PHP payload, enabling an attacker to run arbitrary system commands and achieve full compromise of the underlying host. This has been demonstrated by embedding a backdoor within a PDF and renaming it with a .php extension. | ||||
| CVE-2025-55443 | 2 Google, Telpo | 2 Android, Telpo Mdm | 2025-09-09 | 9.1 Critical |
| Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device's external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platform to execute administrative operations (device shutdown/factory reset/software installation); 2. Connect to the MQTT server to intercept/publish device data. | ||||
| CVE-2025-56694 | 1 Lumasoft | 1 Fotoshare Cloud | 2025-09-09 | 5.8 Medium |
| Client-side password validation (CWE-602) in lumasoft fotoShare Cloud 2025-03-13 allowing unauthenticated attackers to view password-protected photo albums. | ||||
| CVE-2025-50985 | 1 Diskoverdata | 1 Diskover | 2025-09-09 | 5.6 Medium |
| diskover-web v2.3.0 Community Edition is vulnerable to multiple reflected cross-site scripting (XSS) flaws in its web interface. Unsanitized GET parameters including maxage, maxindex, index, path, q (query), and doctype are directly echoed into the HTML response, allowing attackers to inject and execute arbitrary JavaScript when a victim visits a maliciously crafted URL. | ||||
| CVE-2025-50986 | 2 Diskover, Diskoverdata | 2 Diskover, Diskover | 2025-09-09 | 5.6 Medium |
| diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting (XSS) vulnerabilities in its administrative settings interface. Various configuration fields such as ES_HOST, ES_INDEXREFRESH, ES_PORT, ES_SCROLLSIZE, ES_TRANSLOGSIZE, ES_TRANSLOGSYNCINT, EXCLUDES_FILES, FILE_TYPES[], INCLUDES_DIRS, INCLUDES_FILES, and TIMEZONE do not properly sanitize user-supplied input. Malicious payloads submitted via these parameters are persisted in the application and executed whenever an administrator views or edits the settings page. | ||||
| CVE-2025-52122 | 2 Craftcms, Solspace | 2 Freeform, Freeform | 2025-09-09 | 9.8 Critical |
| Freeform 5.0.0 to before 5.10.16, a plugin for CraftCMS, contains an Server-side template injection (SSTI) vulnerability, resulting in arbitrary code injection for all users that have access to editing a form (submission title). | ||||
| CVE-2025-50978 | 1 Gitblit | 1 Gitblit | 2025-09-09 | 6.1 Medium |
| In Gitblit v1.7.1, a reflected cross-site scripting (XSS) vulnerability exists in the way repository path names are handled. By injecting a specially crafted path payload an attacker can cause arbitrary JavaScript to execute when a victim views the manipulated URL. This flaw stems from insufficient input sanitization of filename elements. | ||||
| CVE-2025-50983 | 1 Readarr | 1 Readarr | 2025-09-09 | 8.3 High |
| SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fails to properly sanitize user-supplied input, allowing attackers to inject and execute arbitrary SQL commands against the backend SQLite database. Sqlmap confirmed exploitation via stacked queries, demonstrating that the parameter can be abused to run arbitrary SQL statements. A heavy query was executed using SQLite's RANDOMBLOB() and HEX() functions to simulate a time-based payload, indicating deep control over database interactions. | ||||
| CVE-2025-50984 | 2 Diskover, Diskoverdata | 2 Diskover, Diskover | 2025-09-09 | 5.3 Medium |
| diskover-web v2.3.0 Community Edition is vulnerable to multiple boolean-based blind SQL injection flaws in its Elasticsearch configuration form. Unsanitized user input in POST parameters such as ES_PASS, ES_MAXSIZE, ES_TRANSLOGSIZE, ES_TIMEOUT, ES_USER, ES_HOST, ES_PORT, ES_SCROLLSIZE, ES_CHUNKSIZE and others can be crafted to inject arbitrary SQLite expressions wrapped in JSON functions. By exploiting these injection points, an attacker can infer or extract sensitive information from the underlying database without authentication. This issue stems from improper input validation and parameterization in the application's JSON-based query construction. | ||||