Vulnerability Notes
- CVE-2025-62776 - WTW EAGLE DLL Loading Vulnerability (Arbitrary Code Execution)
- CVE-2025-4665 - WordPress plugin Contact Form CFDB7 SQL Injection and PHP Object Injection
- CVE-2025-64095 - DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite
- CVE-2025-62368 - Taiga Authenticated Remote Code Execution
- CVE-2025-43017 - HP ThinPro 8.1 SP8 Security Updates
- CVE-2025-12423 - Denial of Service - Protocol Manipulation
- CVE-2025-12422 - Vulnerable Upgrade Feature (Arbitrary File Write)
- CVE-2025-36386 - There is a vulnerability in the IBM Maximo Manage application in IBM Maximo Application Suite for Cognos Analytics
- CVE-2025-34311 - IPFire < v2.29 Command Injection via Proxy Report Creation
- CVE-2025-1036 - TropOS 4th Gen Command Injection
- CVE-2025-9313 - Unauthorized database access in Asseco mMedica
- CVE-2025-10150 - Webserver crash caused by scanning on TCP port 80
- CVE-2025-62777 - MZK-DP300N Telnet Hard-Coded Credentials Vulnerability
- CVE-2025-12341 - ermig1979 AntiDupl Delete Duplicate Image AntiDupl.NET.WinForms.exe link following
- CVE-2025-62725 - Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations
- CVE-2025-12322 - Tenda CH22 NatStaticSetting fromNatStaticSetting buffer overflow
- CVE-2025-62516 - Landlord Onboarding & Rental Signup Unauthorized Access Vulnerability in TurboTenant Stripe Integration
- CVE-2025-58356 - Constellation allows insecure use of LUKS2 persistent storage partitions
- CVE-2025-61385 - tlocke pg8000 SQL Injection Vulnerability
- CVE-2025-55754 - Apache Tomcat: console manipulation via escape sequences in log messages
- CVE-2025-12364 - Weak Password Policy