VYPR

CVEs

1,630 total · page 5 of 33

  • CVE-2025-47729KEVMay 8, 2025
    risk 0.12cvss epss 0.00

    The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive"…

  • CVE-2025-35939KEVMay 7, 2025
    risk 0.05cvss epss 0.01

    Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session…

  • CVE-2025-2776KEVMay 7, 2025
    risk 0.17cvss epss 0.73

    SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives.

  • CVE-2025-2775KEVMay 7, 2025
    risk 0.18cvss epss 0.55

    SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.

  • CVE-2025-27920KEVMay 5, 2025
    risk 0.16cvss epss 0.02

    Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper file path handling. By using ../ sequences in parameters, attackers could access sensitive files outside the intended directory, potentially leading to configuration leakage or…

  • CVE-2025-3935KEVApr 25, 2025
    risk 0.12cvss epss 0.03

    ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys.  It is important to note that to obtain…

  • CVE-2025-3928KEVApr 25, 2025
    risk 0.14cvss epss 0.02

    Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in version 11.36.46, 11.32.89,…

  • CVE-2025-32432KEVApr 25, 2025
    risk 0.16cvss epss 1.00

    Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a…

  • CVE-2025-31324KEVApr 24, 2025
    risk 0.21cvss epss 0.99

    SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality,…

  • CVE-2025-1976KEVApr 24, 2025
    risk 0.12cvss epss 0.01

    Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.

  • CVE-2025-34028KEVApr 22, 2025
    risk 0.18cvss epss 0.97

    The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are vulnerable to path traversal vulnerability that can result in Remote Code Execution via malicious…

  • CVE-2025-42599KEVApr 18, 2025
    risk 0.13cvss epss 0.03

    Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition.

  • CVE-2025-32433KEVApr 16, 2025
    risk 0.23cvss epss 0.98

    Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling,…

  • CVE-2025-31201CriKEVApr 16, 2025
    risk 0.76cvss 9.8epss 0.12

    This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of…

  • CVE-2025-31200CriKEVApr 16, 2025
    risk 0.76cvss 9.8epss 0.21

    A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, watchOS 11.5. Processing an audio stream in a maliciously crafted media file may result in code…

  • CVE-2024-58136KEVApr 10, 2025
    risk 0.12cvss epss 0.88

    Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025.

  • CVE-2025-29824KEVApr 8, 2025
    risk 0.18cvss epss 0.18

    Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

  • CVE-2025-3248KEVApr 7, 2025
    risk 0.16cvss epss 1.00

    Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.

  • CVE-2025-22457KEVApr 3, 2025
    risk 0.26cvss epss 1.00

    A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

  • CVE-2025-31161KEVApr 3, 2025
    risk 0.28cvss epss 1.00

    CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy instance is used), as exploited in the wild in March and April 2025, aka "Unauthenticated HTTP(S) port access." A race condition exists in the…

  • CVE-2025-30406KEVApr 3, 2025
    risk 0.22cvss epss 0.93

    Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machineKey) to serialize a…

  • CVE-2025-31125KEVMar 31, 2025
    risk 0.10cvss epss 0.62

    Vite is a frontend tooling framework for javascript. Vite exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the network (using --host or server.host config option) are affected. This vulnerability is…

  • CVE-2025-2783KEVMar 26, 2025
    risk 0.19cvss epss 0.08

    Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

  • CVE-2025-29635HigKEVMar 25, 2025
    risk 0.60cvss 7.2epss 0.87

    A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution.

  • CVE-2025-2749HigKEVMar 24, 2025
    risk 0.59cvss 7.2epss 0.04

    An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to…

  • CVE-2025-2747KEVMar 24, 2025
    risk 0.19cvss epss 0.92

    An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server component password handling for the server defined None type. Authentication bypass allows an attacker to control administrative objects.This issue affects…

  • CVE-2025-2746KEVMar 24, 2025
    risk 0.19cvss epss 0.58

    An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects…

  • CVE-2025-30154KEVMar 19, 2025
    risk 0.05cvss epss 0.02

    reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use…

  • CVE-2025-30066KEVMar 15, 2025
    risk 0.12cvss epss 0.41

    tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious…

  • CVE-2025-21590KEVMar 12, 2025
    risk 0.12cvss epss 0.02

    An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can…

  • CVE-2025-27915KEVMar 12, 2025
    risk 0.14cvss epss 0.04

    An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A stored cross-site scripting (XSS) vulnerability exists in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an e-mail message containing a…

  • CVE-2025-24201CriKEVMar 11, 2025
    risk 0.77cvss 10.0epss 0.04

    An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2,…

  • CVE-2025-26633KEVMar 11, 2025
    risk 0.25cvss epss 0.32

    Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

  • CVE-2025-24993KEVMar 11, 2025
    risk 0.12cvss epss 0.02

    Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

  • CVE-2025-24991KEVMar 11, 2025
    risk 0.12cvss epss 0.02

    Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

  • CVE-2025-24985KEVMar 11, 2025
    risk 0.12cvss epss 0.04

    Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

  • CVE-2025-24984KEVMar 11, 2025
    risk 0.12cvss epss 0.02

    Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

  • CVE-2025-24983KEVMar 11, 2025
    risk 0.12cvss epss 0.01

    Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.

  • CVE-2025-24054KEVMar 11, 2025
    risk 0.16cvss epss 0.59

    External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-27363HigKEVMar 11, 2025
    risk 0.70cvss 8.1epss 0.23

    An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned…

  • CVE-2024-54085KEVMar 11, 2025
    risk 0.15cvss epss 0.61

    AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

  • CVE-2025-24813KEVMar 10, 2025
    risk 0.16cvss epss 1.00

    Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2,…

  • CVE-2025-1316KEVMar 4, 2025
    risk 0.19cvss epss 0.72

    Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device

  • CVE-2025-22226KEVMar 4, 2025
    risk 0.12cvss epss 0.02

    VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

  • CVE-2025-22225KEVMar 4, 2025
    risk 0.19cvss epss 0.01

    VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.

  • CVE-2025-22224KEVMar 4, 2025
    risk 0.16cvss epss 0.02

    VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process…

  • CVE-2024-48248KEVMar 4, 2025
    risk 0.20cvss epss 0.94

    NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials).

  • CVE-2025-24893KEVFeb 20, 2025
    risk 0.16cvss epss 1.00

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki…

  • CVE-2025-24989KEVFeb 19, 2025
    risk 0.15cvss epss 0.02

    An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. This vulnerability has already been mitigated in the service and all affected customers have been…

  • CVE-2025-0111KEVFeb 12, 2025
    risk 0.12cvss epss 0.02

    An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the…